Sirefef infection


9 replies to this topic

#1 Derpnik

Derpnik

  • Members
  • 18 posts

Posted 06 September 2012 - 01:59 AM

So my computer's infected with Sirefef, whatever that is, as Microsoft Security Essentials is finding many instances of it in the recycle bin.

Windows Defender is also not capable of starting, now. Immediately before this, it was working fine, and actually alerted me to a virus's presence (couldn't read the name, because as soon as I opened the window, and saw there was something WD was calling a threat, it closed spontaneously), and when I try to open Windows Defender via the control panel, the window will open, but if I click start now, I get an error saying it doesn't seem to be installed.

I have no idea how I got this virus, seeing as I just recently reinstalled Windows (formatted using the Windows disc, suppose that didn't do the job then, if I'd had the virus beforehand?), but I'm hoping someone here can give me a hand with removing it without having to reformat and reinstall Windows AGAIN.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 06 September 2012 - 06:57 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Derpnik

Derpnik
  • Topic Starter

  • Members
  • 18 posts

Posted 06 September 2012 - 05:59 PM

I ran Malwarebytes, and it said it detected two threats, killed them, I restarted my computer, and have not found a "constant map 2012" item running in the task manager since, and a full scan done with Malwarebytes turns up no infected files.

Logs:

17:00:31.0015 3468 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:00:31.0041 3468 Ntfs - ok
17:00:31.0054 3468 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:00:31.0055 3468 Null - ok
17:00:31.0086 3468 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
17:00:31.0089 3468 NVHDA - ok
17:00:31.0278 3468 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:00:31.0416 3468 nvlddmkm - ok
17:00:31.0435 3468 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
17:00:31.0437 3468 nvraid - ok
17:00:31.0442 3468 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
17:00:31.0444 3468 nvstor - ok
17:00:31.0478 3468 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe
17:00:31.0487 3468 nvsvc - ok
17:00:31.0530 3468 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:00:31.0541 3468 nvUpdatusService - ok
17:00:31.0552 3468 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
17:00:31.0554 3468 nv_agp - ok
17:00:31.0566 3468 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:00:31.0568 3468 ohci1394 - ok
17:00:31.0590 3468 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:00:31.0594 3468 p2pimsvc - ok
17:00:31.0604 3468 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:00:31.0609 3468 p2psvc - ok
17:00:31.0625 3468 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:00:31.0633 3468 Parport - ok
17:00:31.0650 3468 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:00:31.0651 3468 partmgr - ok
17:00:31.0656 3468 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:00:31.0659 3468 PcaSvc - ok
17:00:31.0674 3468 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
17:00:31.0675 3468 pci - ok
17:00:31.0682 3468 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
17:00:31.0683 3468 pciide - ok
17:00:31.0700 3468 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:00:31.0702 3468 pcmcia - ok
17:00:31.0711 3468 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:00:31.0711 3468 pcw - ok
17:00:31.0720 3468 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:00:31.0726 3468 PEAUTH - ok
17:00:31.0763 3468 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:00:31.0776 3468 PeerDistSvc - ok
17:00:31.0839 3468 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:00:31.0840 3468 PerfHost - ok
17:00:31.0877 3468 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
17:00:31.0890 3468 pla - ok
17:00:31.0917 3468 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:00:31.0922 3468 PlugPlay - ok
17:00:31.0936 3468 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:00:31.0937 3468 PNRPAutoReg - ok
17:00:31.0948 3468 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:00:31.0950 3468 PNRPsvc - ok
17:00:31.0980 3468 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:00:31.0985 3468 PolicyAgent - ok
17:00:32.0011 3468 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:00:32.0014 3468 Power - ok
17:00:32.0043 3468 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:00:32.0045 3468 PptpMiniport - ok
17:00:32.0056 3468 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:00:32.0057 3468 Processor - ok
17:00:32.0073 3468 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
17:00:32.0077 3468 ProfSvc - ok
17:00:32.0089 3468 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:00:32.0090 3468 ProtectedStorage - ok
17:00:32.0106 3468 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:00:32.0108 3468 Psched - ok
17:00:32.0141 3468 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:00:32.0158 3468 ql2300 - ok
17:00:32.0171 3468 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:00:32.0173 3468 ql40xx - ok
17:00:32.0200 3468 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:00:32.0204 3468 QWAVE - ok
17:00:32.0215 3468 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:00:32.0216 3468 QWAVEdrv - ok
17:00:32.0229 3468 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:00:32.0230 3468 RasAcd - ok
17:00:32.0252 3468 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:00:32.0253 3468 RasAgileVpn - ok
17:00:32.0265 3468 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:00:32.0267 3468 RasAuto - ok
17:00:32.0275 3468 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:00:32.0277 3468 Rasl2tp - ok
17:00:32.0300 3468 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
17:00:32.0305 3468 RasMan - ok
17:00:32.0309 3468 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:00:32.0311 3468 RasPppoe - ok
17:00:32.0315 3468 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:00:32.0316 3468 RasSstp - ok
17:00:32.0322 3468 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:00:32.0325 3468 rdbss - ok
17:00:32.0330 3468 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:00:32.0331 3468 rdpbus - ok
17:00:32.0349 3468 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:00:32.0349 3468 RDPCDD - ok
17:00:32.0374 3468 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:00:32.0376 3468 RDPDR - ok
17:00:32.0391 3468 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:00:32.0392 3468 RDPENCDD - ok
17:00:32.0403 3468 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:00:32.0404 3468 RDPREFMP - ok
17:00:32.0425 3468 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:00:32.0428 3468 RDPWD - ok
17:00:32.0439 3468 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:00:32.0441 3468 rdyboost - ok
17:00:32.0457 3468 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:00:32.0458 3468 RemoteAccess - ok
17:00:32.0472 3468 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:00:32.0474 3468 RemoteRegistry - ok
17:00:32.0484 3468 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:00:32.0486 3468 RpcEptMapper - ok
17:00:32.0498 3468 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:00:32.0499 3468 RpcLocator - ok
17:00:32.0514 3468 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
17:00:32.0517 3468 RpcSs - ok
17:00:32.0537 3468 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:00:32.0539 3468 rspndr - ok
17:00:32.0575 3468 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:00:32.0580 3468 RTL8167 - ok
17:00:32.0614 3468 [ A237566B5A53D17D8348334853F11B38 ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys
17:00:32.0615 3468 rzudd - ok
17:00:32.0633 3468 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
17:00:32.0634 3468 s3cap - ok
17:00:32.0647 3468 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
17:00:32.0648 3468 SamSs - ok
17:00:32.0656 3468 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
17:00:32.0657 3468 sbp2port - ok
17:00:32.0668 3468 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:00:32.0671 3468 SCardSvr - ok
17:00:32.0683 3468 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:00:32.0689 3468 scfilter - ok
17:00:32.0712 3468 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
17:00:32.0724 3468 Schedule - ok
17:00:32.0737 3468 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:00:32.0737 3468 SCPolicySvc - ok
17:00:32.0749 3468 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:00:32.0752 3468 SDRSVC - ok
17:00:32.0782 3468 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:00:32.0783 3468 secdrv - ok
17:00:32.0795 3468 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
17:00:32.0797 3468 seclogon - ok
17:00:32.0809 3468 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:00:32.0811 3468 SENS - ok
17:00:32.0815 3468 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:00:32.0817 3468 SensrSvc - ok
17:00:32.0835 3468 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:00:32.0836 3468 Serenum - ok
17:00:32.0849 3468 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:00:32.0851 3468 Serial - ok
17:00:32.0859 3468 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:00:32.0860 3468 sermouse - ok
17:00:32.0877 3468 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
17:00:32.0880 3468 SessionEnv - ok
17:00:32.0902 3468 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
17:00:32.0903 3468 sffdisk - ok
17:00:32.0923 3468 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
17:00:32.0924 3468 sffp_mmc - ok
17:00:32.0945 3468 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
17:00:32.0947 3468 sffp_sd - ok
17:00:32.0967 3468 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:00:32.0967 3468 sfloppy - ok
17:00:32.0994 3468 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:00:32.0998 3468 ShellHWDetection - ok
17:00:33.0002 3468 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:00:33.0003 3468 SiSRaid2 - ok
17:00:33.0012 3468 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:00:33.0014 3468 SiSRaid4 - ok
17:00:33.0044 3468 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:00:33.0046 3468 SkypeUpdate - ok
17:00:33.0065 3468 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:00:33.0067 3468 Smb - ok
17:00:33.0078 3468 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:00:33.0080 3468 SNMPTRAP - ok
17:00:33.0092 3468 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:00:33.0092 3468 spldr - ok
17:00:33.0115 3468 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
17:00:33.0122 3468 Spooler - ok
17:00:33.0181 3468 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
17:00:33.0214 3468 sppsvc - ok
17:00:33.0217 3468 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:00:33.0219 3468 sppuinotify - ok
17:00:33.0246 3468 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:00:33.0250 3468 srv - ok
17:00:33.0266 3468 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:00:33.0269 3468 srv2 - ok
17:00:33.0279 3468 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:00:33.0281 3468 srvnet - ok
17:00:33.0320 3468 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:00:33.0323 3468 SSDPSRV - ok
17:00:33.0327 3468 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:00:33.0329 3468 SstpSvc - ok
17:00:33.0376 3468 Steam Client Service - ok
17:00:33.0393 3468 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:00:33.0394 3468 stexstor - ok
17:00:33.0423 3468 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
17:00:33.0431 3468 stisvc - ok
17:00:33.0442 3468 [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
17:00:33.0442 3468 storflt - ok
17:00:33.0465 3468 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
17:00:33.0468 3468 StorSvc - ok
17:00:33.0487 3468 [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
17:00:33.0488 3468 storvsc - ok
17:00:33.0496 3468 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:00:33.0497 3468 swenum - ok
17:00:33.0510 3468 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:00:33.0518 3468 swprv - ok
17:00:33.0562 3468 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
17:00:33.0583 3468 SysMain - ok
17:00:33.0596 3468 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:00:33.0599 3468 TabletInputService - ok
17:00:33.0615 3468 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
17:00:33.0621 3468 TapiSrv - ok
17:00:33.0635 3468 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:00:33.0637 3468 TBS - ok
17:00:33.0691 3468 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:00:33.0713 3468 Tcpip - ok
17:00:33.0746 3468 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:00:33.0758 3468 TCPIP6 - ok
17:00:33.0775 3468 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:00:33.0776 3468 tcpipreg - ok
17:00:33.0793 3468 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:00:33.0794 3468 TDPIPE - ok
17:00:33.0817 3468 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:00:33.0819 3468 TDTCP - ok
17:00:33.0836 3468 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:00:33.0838 3468 tdx - ok
17:00:33.0854 3468 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:00:33.0856 3468 TermDD - ok
17:00:33.0883 3468 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
17:00:33.0892 3468 TermService - ok
17:00:33.0906 3468 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:00:33.0908 3468 Themes - ok
17:00:33.0921 3468 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:00:33.0922 3468 THREADORDER - ok
17:00:33.0931 3468 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:00:33.0934 3468 TrkWks - ok
17:00:33.0972 3468 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:00:33.0974 3468 TrustedInstaller - ok
17:00:33.0991 3468 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:00:33.0992 3468 tssecsrv - ok
17:00:34.0014 3468 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:00:34.0016 3468 tunnel - ok
17:00:34.0031 3468 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:00:34.0033 3468 uagp35 - ok
17:00:34.0047 3468 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:00:34.0051 3468 udfs - ok
17:00:34.0070 3468 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:00:34.0072 3468 UI0Detect - ok
17:00:34.0087 3468 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
17:00:34.0089 3468 uliagpkx - ok
17:00:34.0103 3468 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:00:34.0105 3468 umbus - ok
17:00:34.0113 3468 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:00:34.0114 3468 UmPass - ok
17:00:34.0133 3468 [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService C:\Windows\System32\umrdp.dll
17:00:34.0136 3468 UmRdpService - ok
17:00:34.0152 3468 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:00:34.0158 3468 upnphost - ok
17:00:34.0183 3468 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:00:34.0185 3468 usbaudio - ok
17:00:34.0189 3468 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:00:34.0191 3468 usbccgp - ok
17:00:34.0195 3468 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
17:00:34.0196 3468 usbcir - ok
17:00:34.0200 3468 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:00:34.0201 3468 usbehci - ok
17:00:34.0209 3468 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:00:34.0213 3468 usbhub - ok
17:00:34.0222 3468 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:00:34.0224 3468 usbohci - ok
17:00:34.0228 3468 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:00:34.0229 3468 usbprint - ok
17:00:34.0249 3468 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:00:34.0251 3468 USBSTOR - ok
17:00:34.0254 3468 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:00:34.0255 3468 usbuhci - ok
17:00:34.0299 3468 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:00:34.0302 3468 usbvideo - ok
17:00:34.0317 3468 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:00:34.0319 3468 UxSms - ok
17:00:34.0330 3468 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
17:00:34.0331 3468 VaultSvc - ok
17:00:34.0347 3468 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
17:00:34.0348 3468 vdrvroot - ok
17:00:34.0360 3468 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
17:00:34.0367 3468 vds - ok
17:00:34.0381 3468 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:00:34.0382 3468 vga - ok
17:00:34.0390 3468 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:00:34.0391 3468 VgaSave - ok
17:00:34.0401 3468 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
17:00:34.0404 3468 vhdmp - ok
17:00:34.0440 3468 [ 906A7C6B6659A650648CF21998270945 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
17:00:34.0454 3468 VIAHdAudAddService - ok
17:00:34.0475 3468 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
17:00:34.0476 3468 viaide - ok
17:00:34.0496 3468 [ 1501699D7EDA984ABC4155A7DA5738D1 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
17:00:34.0499 3468 vmbus - ok
17:00:34.0503 3468 [ AE10C35761889E65A6F7176937C5592C ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
17:00:34.0504 3468 VMBusHID - ok
17:00:34.0523 3468 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
17:00:34.0524 3468 volmgr - ok
17:00:34.0531 3468 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:00:34.0535 3468 volmgrx - ok
17:00:34.0542 3468 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
17:00:34.0546 3468 volsnap - ok
17:00:34.0551 3468 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:00:34.0554 3468 vsmraid - ok
17:00:34.0598 3468 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
17:00:34.0617 3468 VSS - ok
17:00:34.0626 3468 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:00:34.0627 3468 vwifibus - ok
17:00:34.0643 3468 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:00:34.0649 3468 W32Time - ok
17:00:34.0667 3468 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:00:34.0668 3468 WacomPen - ok
17:00:34.0672 3468 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:00:34.0674 3468 WANARP - ok
17:00:34.0678 3468 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:00:34.0678 3468 Wanarpv6 - ok
17:00:34.0715 3468 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
17:00:34.0733 3468 wbengine - ok
17:00:34.0742 3468 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:00:34.0746 3468 WbioSrvc - ok
17:00:34.0768 3468 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:00:34.0774 3468 wcncsvc - ok
17:00:34.0791 3468 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:00:34.0793 3468 WcsPlugInService - ok
17:00:34.0808 3468 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:00:34.0809 3468 Wd - ok
17:00:34.0824 3468 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:00:34.0831 3468 Wdf01000 - ok
17:00:34.0842 3468 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:00:34.0845 3468 WdiServiceHost - ok
17:00:34.0848 3468 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:00:34.0850 3468 WdiSystemHost - ok
17:00:34.0863 3468 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
17:00:34.0867 3468 WebClient - ok
17:00:34.0882 3468 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:00:34.0886 3468 Wecsvc - ok
17:00:34.0891 3468 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:00:34.0894 3468 wercplsupport - ok
17:00:34.0914 3468 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:00:34.0916 3468 WerSvc - ok
17:00:34.0926 3468 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:00:34.0927 3468 WfpLwf - ok
17:00:34.0941 3468 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:00:34.0948 3468 WIMMount - ok
17:00:34.0955 3468 WinHttpAutoProxySvc - ok
17:00:34.0999 3468 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:00:35.0002 3468 Winmgmt - ok
17:00:35.0044 3468 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
17:00:35.0065 3468 WinRM - ok
17:00:35.0095 3468 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:00:35.0104 3468 Wlansvc - ok
17:00:35.0123 3468 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:00:35.0123 3468 WmiAcpi - ok
17:00:35.0136 3468 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:00:35.0139 3468 wmiApSrv - ok
17:00:35.0157 3468 WMPNetworkSvc - ok
17:00:35.0177 3468 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:00:35.0179 3468 WPCSvc - ok
17:00:35.0187 3468 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:00:35.0190 3468 WPDBusEnum - ok
17:00:35.0203 3468 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:00:35.0204 3468 ws2ifsl - ok
17:00:35.0206 3468 WSearch - ok
17:00:35.0217 3468 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:00:35.0219 3468 WudfPf - ok
17:00:35.0241 3468 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:00:35.0243 3468 WUDFRd - ok
17:00:35.0258 3468 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:00:35.0261 3468 wudfsvc - ok
17:00:35.0267 3468 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:00:35.0271 3468 WwanSvc - ok
17:00:35.0275 3468 ================ Scan global ===============================
17:00:35.0290 3468 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:00:35.0308 3468 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
17:00:35.0316 3468 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
17:00:35.0329 3468 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:00:35.0354 3468 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:00:35.0359 3468 [Global] - ok
17:00:35.0360 3468 ================ Scan MBR ==================================
17:00:35.0366 3468 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:00:35.0699 3468 \Device\Harddisk0\DR0 - ok
17:00:35.0709 3468 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
17:00:35.0843 3468 \Device\Harddisk1\DR1 - ok
17:00:35.0848 3468 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
17:00:35.0978 3468 \Device\Harddisk2\DR2 - ok
17:00:35.0979 3468 ================ Scan VBR ==================================
17:00:35.0981 3468 [ 28F4C13147A40B38263A6A2CE470C814 ] \Device\Harddisk0\DR0\Partition1
17:00:35.0982 3468 \Device\Harddisk0\DR0\Partition1 - ok
17:00:35.0984 3468 [ 99063460BACD74F4752B361EF169F851 ] \Device\Harddisk1\DR1\Partition1
17:00:35.0986 3468 \Device\Harddisk1\DR1\Partition1 - ok
17:00:35.0989 3468 [ 8AA43B91329B2162F817E69E0C2DF47D ] \Device\Harddisk2\DR2\Partition1
17:00:35.0991 3468 \Device\Harddisk2\DR2\Partition1 - ok
17:00:35.0992 3468 ============================================================
17:00:35.0992 3468 Scan finished
17:00:35.0992 3468 ============================================================
17:00:35.0999 4604 Detected object count: 0
17:00:35.0999 4604 Actual detected object count: 0



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-06 17:03:03
-----------------------------
17:03:03.324 OS Version: Windows x64 6.1.7600
17:03:03.324 Number of processors: 4 586 0x1E05
17:03:03.324 ComputerName: DESKTOPZILLA UserName: Kevin
17:03:06.921 Initialize success
17:03:55.618 AVAST engine defs: 12090601
17:04:07.926 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
17:04:07.936 Disk 0 Vendor: Hitachi_ JP4O Size: 953869MB BusType: 3
17:04:07.946 Disk 0 MBR read successfully
17:04:07.946 Disk 0 MBR scan
17:04:07.956 Disk 0 Windows 7 default MBR code
17:04:07.956 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 953868 MB offset 2048
17:04:07.976 Disk 0 scanning C:\Windows\system32\drivers
17:04:12.995 Service scanning
17:04:26.675 Modules scanning
17:04:26.691 Disk 0 trace - called modules:
17:04:26.691 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:04:26.706 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004e1b060]
17:04:26.706 3 CLASSPNP.SYS[fffff88001b4943f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8004bb8050]
17:04:30.223 AVAST engine scan C:\Windows
17:04:36.943 AVAST engine scan C:\Windows\system32
17:07:11.642 AVAST engine scan C:\Windows\system32\drivers
17:07:25.942 AVAST engine scan C:\Users\Kevin
17:11:31.771 AVAST engine scan C:\ProgramData
17:11:45.146 Scan finished successfully
17:12:34.505 Disk 0 MBR has been saved successfully to "C:\Users\Kevin\Desktop\MBR.dat"
17:12:34.509 The log file has been saved successfully to "C:\Users\Kevin\Desktop\aswMBR.txt"



And there were no found threats on ESET, so I guess Malwarebytes got rid of it?

Still need help with getting Windows Defender/Windows Firewall back, though.

#4 narenxp

Posted 06 September 2012 - 06:02 PM

Please post the Malwarebytes log.

Download MiniToolBox.

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download FSS.

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download adware cleaner.

Launch it and click on Delete.

Post the generated log.

#5 Derpnik

Posted 06 September 2012 - 10:40 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Kevin (administrator) on 06-09-2012 at 23:23:03
Microsoft Windows 7 Professional (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Desktopzilla
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : cgocable.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : cgocable.net
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 48-5B-39-36-1A-43
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::99b2:39d8:573b:4c9f%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, September 06, 2012 3:12:10 AM
Lease Expires . . . . . . . . . . : Friday, September 07, 2012 3:12:11 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 239622969
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-C4-1E-92-48-5B-39-36-1A-43
DNS Servers . . . . . . . . . . . : 24.226.1.93
24.226.10.193
24.226.10.194
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.cgocable.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: ns3.cgocable.net
Address: 24.226.1.93

Name: google.com
Addresses: 2607:f8b0:400b:800::1002
74.125.226.9
74.125.226.4
74.125.226.7
74.125.226.14
74.125.226.8
74.125.226.0
74.125.226.2
74.125.226.3
74.125.226.5
74.125.226.1
74.125.226.6


Pinging google.com [74.125.226.2] with 32 bytes of data:
Reply from 74.125.226.2: bytes=32 time=8ms TTL=57
Reply from 74.125.226.2: bytes=32 time=9ms TTL=57

Ping statistics for 74.125.226.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 8ms, Maximum = 9ms, Average = 8ms
Server: ns3.cgocable.net
Address: 24.226.1.93

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=79ms TTL=50
Reply from 98.138.253.109: bytes=32 time=58ms TTL=50

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 58ms, Maximum = 79ms, Average = 68ms
Server: ns3.cgocable.net
Address: 24.226.1.93

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...48 5b 39 36 1a 43 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.100 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.100 276
192.168.0.100 255.255.255.255 On-link 192.168.0.100 276
192.168.0.255 255.255.255.255 On-link 192.168.0.100 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.100 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.100 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 276 fe80::/64 On-link
11 276 fe80::99b2:39d8:573b:4c9f/128
On-link
1 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/06/2012 05:13:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/06/2012 05:13:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/06/2012 05:03:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (09/05/2012 00:41:29 AM) (Source: Application Hang) (User: )
Description: The program newsLeecher.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 264

Start Time: 01cd8a09aadeb502

Termination Time: 524

Application Path: C:\Program Files (x86)\NewsLeecher\newsLeecher.exe

Report Id: f2af51c0-f713-11e1-a6ea-485b39361a43

Error: (08/30/2012 07:40:22 PM) (Source: Application Error) (User: )
Description: Faulting application name: RzSynapse.exe, version: 1.4.13.0, time stamp: 0x5024ad49
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x206f6f74
Faulting process id: 0x5a0
Faulting application start time: 0xRzSynapse.exe0
Faulting application path: RzSynapse.exe1
Faulting module path: RzSynapse.exe2
Report Id: RzSynapse.exe3

Error: (08/28/2012 08:42:15 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Error: (08/25/2012 00:22:04 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Error: (08/25/2012 00:22:02 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Error: (08/25/2012 00:21:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.

Error: (08/25/2012 00:21:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.


System errors:
=============
Error: (09/06/2012 03:12:33 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/06/2012 03:12:33 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/06/2012 03:12:13 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (09/06/2012 03:12:11 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/06/2012 03:12:10 AM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (09/06/2012 03:12:10 AM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (09/06/2012 02:34:56 AM) (Source: Microsoft Antimalware) (User: )
Description: %%8604.0.1526.00.0.0.07%%859NT AUTHORITYSYSTEMS-1-5-181%%8001%%8030.0.0.00x80070424The specified service does not exist as an installed service. 1%%852Default URL

Error: (09/06/2012 02:29:54 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/06/2012 02:29:54 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/06/2012 02:29:40 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060


Microsoft Office Sessions:
=========================
Error: (09/06/2012 05:13:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Kevin\Desktop\esetsmartinstaller_enu.exe

Error: (09/06/2012 05:13:07 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Kevin\Desktop\esetsmartinstaller_enu.exe

Error: (09/06/2012 05:03:00 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Kevin\Desktop\esetsmartinstaller_enu.exe

Error: (09/05/2012 00:41:29 AM) (Source: Application Hang)(User: )
Description: newsLeecher.exe0.0.0.026401cd8a09aadeb502524C:\Program Files (x86)\NewsLeecher\newsLeecher.exef2af51c0-f713-11e1-a6ea-485b39361a43

Error: (08/30/2012 07:40:22 PM) (Source: Application Error)(User: )
Description: RzSynapse.exe1.4.13.05024ad49unknown0.0.0.000000000c0000005206f6f745a001cd8708b7454303C:\Program Files (x86)\Razer\Synapse\RzSynapse.exeunknown104f9ff1-f2fc-11e1-b8d5-485b39361a43

Error: (08/28/2012 08:42:15 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\$Recycle.Bin\S-1-5-21-1495149433-1504022825-899788983-1001\$RY372NJ.exe

Error: (08/25/2012 00:22:04 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Users\Kevin\Desktop\SoftonicDownloader_for_windows-live-messenger.exe

Error: (08/25/2012 00:22:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Users\Kevin\Desktop\SoftonicDownloader_for_windows-live-messenger.exe

Error: (08/25/2012 00:21:07 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Users\Kevin\Desktop\SoftonicDownloader_for_windows-live-messenger.exe

Error: (08/25/2012 00:21:01 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Users\Kevin\Desktop\SoftonicDownloader_for_windows-live-messenger.exe


=========================== Installed Programs ============================

µTorrent (Version: 3.2.0)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
DAEMON Tools Lite (Version: 4.45.4.0315)
Google Chrome (Version: 21.0.1180.89)
Guild Wars 2
Intel® Matrix Storage Manager
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
JMicron JMB36X Driver (Version: 1.00.0000)
K-Lite Codec Pack 6.1.0 (Full) (Version: 6.1.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
marvell 91xx driver (Version: 1.0.0.1036)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft LifeCam (Version: 3.60.253.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Maintenance Service (Version: 15.0)
MSVCRT (Version: 14.0.1468.721)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.19.0)
NewsLeecher v3.9 Final
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA HD Audio Driver 1.3.16.0 (Version: 1.3.16.0)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
Pidgin (Version: 2.10.6)
Platform (Version: 1.34)
PS3 Media Server (Version: 1.60.0)
Razer Synapse 2.0 (Version: 1.4.13)
Skype™ 5.10 (Version: 5.10.116)
Steam (Version: 1.0.0.0)
Supercade (Version: 2.0.0.80)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
VIA Platform Device Manager (Version: 1.34)
VLC media player 2.0.3 (Version: 2.0.3)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
WinRAR 4.20 (64-bit) (Version: 4.20.0)

========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 4087.05 MB
Available physical RAM: 2564.58 MB
Total Pagefile: 8172.25 MB
Available Pagefile: 4971.74 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.5 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.51 GB) (Free:784.22 GB) NTFS
3 Drive e: (MY DICK) (Fixed) (Total:1397.26 GB) (Free:687.16 GB) NTFS
5 Drive g: (GIGADRIVE) (Fixed) (Total:698.64 GB) (Free:17.22 GB) NTFS

========================= Users: ========================================

User accounts for \\DESKTOPZILLA

Administrator Guest Kevin
UpdatusUser


**** End of log ****



Farbar Service Scanner Version: 06-08-2012
Ran by Kevin (administrator) on 06-09-2012 at 23:27:25
Running from "C:\Users\Kevin\Desktop"
Microsoft Windows 7 Professional (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-08-20 12:57] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-08-20 12:57] - [2012-03-30 07:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 20:09] - [2009-07-13 21:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 19:36] - [2009-07-13 21:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-08-20 12:59] - [2012-04-24 01:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



# AdwCleaner v2.000 - Logfile created 09/06/2012 at 23:29:29
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Professional (64 bits)
# User : Kevin - DESKTOPZILLA
# Boot Mode : Normal
# Running from : C:\Users\Kevin\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Softonic

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-21-1495149433-1504022825-899788983-1003\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default [Profil par défaut]
File : C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\yxlb88xt.default\prefs.js

[OK] File is clean.

Profile name : Default User
File : C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\hkfo5muc.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1501 octets] - [06/09/2012 23:29:29]

########## EOF - C:\AdwCleaner[S1].txt - [1561 octets] ##########



Malwarebytes log here:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.06.04

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Kevin :: DESKTOPZILLA [administrator]

9/6/2012 11:36:23 PM
mbam-log-2012-09-06 (23-36-23).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 215532
Time elapsed: 3 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Just did a quick scan since the log is the same either way, just says nothing was found.

#6 narenxp

Posted 06 September 2012 - 10:45 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Post the new FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#7 Derpnik

Posted 06 September 2012 - 11:40 PM

Farbar Service Scanner Version: 06-08-2012
Ran by Kevin (administrator) on 07-09-2012 at 00:34:23
Running from "C:\Users\Kevin\Desktop"
Microsoft Windows 7 Professional (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-08-20 12:57] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-08-20 12:57] - [2012-03-30 07:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 20:09] - [2009-07-13 21:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 19:36] - [2009-07-13 21:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-08-20 12:59] - [2012-04-24 01:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



Rkill 2.3.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/07/2012 12:37:06 AM in x64 mode.
Windows Version: Windows 7 Professional

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Kevin\Desktop\FSS.exe (PID: 5024) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Kevin\Desktop\rkill\rkill-09-07-2012-12-37-11.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
* HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]
* C:\$Recycle.Bin\S-1-5-18\$5ac2d27ec70e70c8da3e5c09123376ed\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-21-1495149433-1504022825-899788983-1001\$5ac2d27ec70e70c8da3e5c09123376ed\ [ZA Dir]

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/07/2012 12:37:17 AM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)

#8 narenxp

Posted 06 September 2012 - 11:49 PM

Run RKILL again and post the new log

Edited by narenxp, 07 September 2012 - 12:06 AM.


#9 Derpnik

Posted 06 September 2012 - 11:57 PM

Rkill 2.3.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/07/2012 12:57:22 AM in x64 mode.
Windows Version: Windows 7 Professional

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/07/2012 12:57:25 AM
Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s)

#10 narenxp

Posted 07 September 2012 - 12:06 AM

That looks good

Download

TFC

Launch it; it will close all running programs

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode

Turn off your System Restore, restart the PC, and create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your Flash Player

Update your antivirus frequently, and do not click on suspicious links

Safe surfing :)



