Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

System Progressive Protection, Seekportal, Doublee-click.net


  • Please log in to reply
23 replies to this topic

#1 tcjones1985

tcjones1985

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:33 PM

Posted 28 September 2012 - 04:35 PM

Hi all,

The other day I turned on to find malware on my computer - a fake antivirus called System Progressive Protection.

I have since:

- deleted the files from their origin folders
- ran the computer in safe mode
- run Rkill
- run malware bytes (having first updated)
- run hitman
- deleted all cookies and temporary internet files
- emptied my recycle bin

When I boot my computer in normal mode I get the message:

"recycle bin is corrupted" and I think it then asks if I want to empty it.

System progressive protection seems to have gone but i still have internet re-routing malware going - seekportal and doublee-click.net for example. These won't go no matter what I do.

In my task manager processes, something called atieclxx.exe is running, which I've read could be malware.

When I go back into safe mode and run malwarebytes, it doesn't pick anything up.

If somebody could please help me, then I'd be hugely appreciative.

Thanks,

Trevor

BC AdBot (Login to Remove)

 


#2 tcjones1985

tcjones1985
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:33 PM

Posted 28 September 2012 - 04:36 PM

Oh, I've also made sure that in my LAN settings I do not have ticked "use a proxy server".

#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:33 PM

Posted 28 September 2012 - 05:21 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#4 tcjones1985

tcjones1985
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:33 PM

Posted 08 October 2012 - 06:49 AM

Hi,

Thanks very much for your reply and sorry for taking so long to reply myself. Ran out of time before going on holiday.

I have run the first two in normal mode and the logs are pasted below.

However, when I run the third, it gets stuck when scanning:

c:/ProgramData\WildTangent\...\WTA-1917ce23-3f96-463e-9e47-fcbb8918b585-extr.exe

I have tried running it in normal and safe modes and get the same problem.

Your help would again be greatly appreciated!

1.
10:21:28.0408 5440 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
10:21:28.0626 5440 ============================================================
10:21:28.0626 5440 Current date / time: 2012/10/08 10:21:28.0626
10:21:28.0626 5440 SystemInfo:
10:21:28.0626 5440
10:21:28.0626 5440 OS Version: 6.1.7601 ServicePack: 1.0
10:21:28.0626 5440 Product type: Workstation
10:21:28.0626 5440 ComputerName: TREVOR
10:21:28.0626 5440 UserName: Trevor Jones
10:21:28.0626 5440 Windows directory: C:\Windows
10:21:28.0626 5440 System windows directory: C:\Windows
10:21:28.0626 5440 Running under WOW64
10:21:28.0626 5440 Processor architecture: Intel x64
10:21:28.0626 5440 Number of processors: 2
10:21:28.0626 5440 Page size: 0x1000
10:21:28.0626 5440 Boot type: Normal boot
10:21:28.0626 5440 ============================================================
10:21:31.0091 5440 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:21:31.0106 5440 ============================================================
10:21:31.0106 5440 \Device\Harddisk0\DR0:
10:21:31.0106 5440 MBR partitions:
10:21:31.0106 5440 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
10:21:31.0106 5440 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37484000
10:21:31.0106 5440 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x374E8000, BlocksNum 0x26AE000
10:21:31.0106 5440 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39B96000, BlocksNum 0x7EF800
10:21:31.0106 5440 ============================================================
10:21:31.0153 5440 C: <-> \Device\Harddisk0\DR0\Partition2
10:21:31.0200 5440 D: <-> \Device\Harddisk0\DR0\Partition3
10:21:31.0216 5440 E: <-> \Device\Harddisk0\DR0\Partition4
10:21:31.0216 5440 ============================================================
10:21:31.0216 5440 Initialize success
10:21:31.0216 5440 ============================================================
10:22:15.0677 5316 ============================================================
10:22:15.0677 5316 Scan started
10:22:15.0677 5316 Mode: Manual; TDLFS;
10:22:15.0677 5316 ============================================================
10:22:16.0114 5316 ================ Scan system memory ========================
10:22:16.0114 5316 System memory - ok
10:22:16.0114 5316 ================ Scan services =============================
10:22:16.0660 5316 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:22:16.0691 5316 1394ohci - ok
10:22:16.0738 5316 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:22:16.0753 5316 ACPI - ok
10:22:16.0878 5316 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:22:16.0878 5316 AcpiPmi - ok
10:22:17.0034 5316 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:22:17.0034 5316 AdobeARMservice - ok
10:22:17.0143 5316 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
10:22:17.0174 5316 adp94xx - ok
10:22:17.0237 5316 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
10:22:17.0252 5316 adpahci - ok
10:22:17.0299 5316 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
10:22:17.0299 5316 adpu320 - ok
10:22:17.0362 5316 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:22:17.0362 5316 AeLookupSvc - ok
10:22:17.0455 5316 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
10:22:17.0455 5316 AERTFilters - ok
10:22:17.0533 5316 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:22:17.0549 5316 AFD - ok
10:22:17.0892 5316 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:22:17.0892 5316 agp440 - ok
10:22:17.0970 5316 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:22:17.0970 5316 ALG - ok
10:22:18.0110 5316 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:22:18.0142 5316 aliide - ok
10:22:18.0188 5316 [ 715B02B892C5BA46471EFC8DCD2AE934 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:22:18.0188 5316 AMD External Events Utility - ok
10:22:18.0266 5316 AMD FUEL Service - ok
10:22:18.0360 5316 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:22:18.0360 5316 amdide - ok
10:22:18.0391 5316 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
10:22:18.0391 5316 amdiox64 - ok
10:22:18.0438 5316 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
10:22:18.0438 5316 AmdK8 - ok
10:22:18.0828 5316 [ 7054D5D028B6CA727D0575192D633FA9 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
10:22:18.0937 5316 amdkmdag - ok
10:22:19.0031 5316 [ 1CD2BC11467FD5FC7BE9827A9F3D8566 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
10:22:19.0031 5316 amdkmdap - ok
10:22:19.0124 5316 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:22:19.0124 5316 AmdPPM - ok
10:22:19.0187 5316 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:22:19.0218 5316 amdsata - ok
10:22:19.0296 5316 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
10:22:19.0374 5316 amdsbs - ok
10:22:19.0421 5316 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:22:19.0421 5316 amdxata - ok
10:22:19.0514 5316 [ F9D46B6B322708BD5AFCC8767EBDC901 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
10:22:19.0530 5316 amd_sata - ok
10:22:19.0686 5316 [ 329CC9C7E20DEEBCD4CD10816193EF14 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
10:22:19.0686 5316 amd_xata - ok
10:22:19.0780 5316 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:22:19.0811 5316 AppID - ok
10:22:19.0842 5316 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:22:19.0858 5316 AppIDSvc - ok
10:22:19.0920 5316 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
10:22:19.0920 5316 Appinfo - ok
10:22:20.0076 5316 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:22:20.0076 5316 Apple Mobile Device - ok
10:22:20.0138 5316 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
10:22:20.0170 5316 arc - ok
10:22:20.0216 5316 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
10:22:20.0279 5316 arcsas - ok
10:22:20.0341 5316 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:22:20.0357 5316 AsyncMac - ok
10:22:20.0404 5316 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:22:20.0404 5316 atapi - ok
10:22:20.0497 5316 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:22:20.0513 5316 AudioEndpointBuilder - ok
10:22:20.0544 5316 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:22:20.0544 5316 AudioSrv - ok
10:22:20.0638 5316 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:22:20.0653 5316 AxInstSV - ok
10:22:20.0716 5316 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
10:22:20.0731 5316 b06bdrv - ok
10:22:20.0778 5316 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:22:20.0794 5316 b57nd60a - ok
10:22:20.0918 5316 [ 28A4012E68BC9597BCB9B26B51AAC4B6 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
10:22:20.0934 5316 BBSvc - ok
10:22:20.0981 5316 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
10:22:20.0996 5316 BBUpdate - ok
10:22:21.0106 5316 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
10:22:21.0168 5316 BCM43XX - ok
10:22:21.0215 5316 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:22:21.0230 5316 BDESVC - ok
10:22:21.0262 5316 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:22:21.0277 5316 Beep - ok
10:22:21.0371 5316 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
10:22:21.0386 5316 BFE - ok
10:22:21.0620 5316 [ C8AB71A5102D0FC103F6DFC750005137 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120619.001\BHDrvx64.sys
10:22:21.0636 5316 BHDrvx64 - ok
10:22:21.0698 5316 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
10:22:21.0698 5316 blbdrive - ok
10:22:21.0761 5316 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:22:21.0761 5316 Bonjour Service - ok
10:22:21.0854 5316 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:22:21.0870 5316 bowser - ok
10:22:21.0917 5316 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
10:22:21.0917 5316 BrFiltLo - ok
10:22:21.0948 5316 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
10:22:21.0964 5316 BrFiltUp - ok
10:22:22.0026 5316 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
10:22:22.0026 5316 Browser - ok
10:22:22.0073 5316 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:22:22.0073 5316 Brserid - ok
10:22:22.0104 5316 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:22:22.0104 5316 BrSerWdm - ok
10:22:22.0120 5316 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:22:22.0135 5316 BrUsbMdm - ok
10:22:22.0166 5316 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:22:22.0182 5316 BrUsbSer - ok
10:22:22.0213 5316 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
10:22:22.0244 5316 BTHMODEM - ok
10:22:22.0291 5316 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:22:22.0291 5316 bthserv - ok
10:22:22.0354 5316 [ A8AD33C9DD88C810CAC00ACC7F4329FB ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1301000.01C\ccSetx64.sys
10:22:22.0354 5316 ccSet_NIS - ok
10:22:22.0385 5316 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:22:22.0400 5316 cdfs - ok
10:22:22.0447 5316 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:22:22.0463 5316 cdrom - ok
10:22:22.0525 5316 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
10:22:22.0541 5316 CertPropSvc - ok
10:22:22.0588 5316 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
10:22:22.0603 5316 circlass - ok
10:22:22.0650 5316 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:22:22.0666 5316 CLFS - ok
10:22:22.0806 5316 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:22:22.0915 5316 clr_optimization_v2.0.50727_32 - ok
10:22:23.0149 5316 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:22:23.0180 5316 clr_optimization_v2.0.50727_64 - ok
10:22:23.0368 5316 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:22:23.0414 5316 clr_optimization_v4.0.30319_32 - ok
10:22:23.0602 5316 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:22:23.0617 5316 clr_optimization_v4.0.30319_64 - ok
10:22:23.0664 5316 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
10:22:23.0664 5316 clwvd - ok
10:22:23.0695 5316 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
10:22:23.0695 5316 CmBatt - ok
10:22:23.0726 5316 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:22:23.0726 5316 cmdide - ok
10:22:23.0789 5316 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
10:22:23.0804 5316 CNG - ok
10:22:23.0820 5316 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
10:22:23.0836 5316 Compbatt - ok
10:22:23.0867 5316 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:22:23.0867 5316 CompositeBus - ok
10:22:23.0898 5316 COMSysApp - ok
10:22:23.0929 5316 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:22:23.0945 5316 crcdisk - ok
10:22:24.0054 5316 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:22:24.0085 5316 CryptSvc - ok
10:22:24.0179 5316 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:22:24.0210 5316 DcomLaunch - ok
10:22:24.0257 5316 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
10:22:24.0272 5316 defragsvc - ok
10:22:24.0319 5316 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:22:24.0319 5316 DfsC - ok
10:22:24.0366 5316 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
10:22:24.0382 5316 Dhcp - ok
10:22:24.0428 5316 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:22:24.0428 5316 discache - ok
10:22:24.0475 5316 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
10:22:24.0491 5316 Disk - ok
10:22:24.0522 5316 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:22:24.0522 5316 Dnscache - ok
10:22:24.0569 5316 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:22:24.0584 5316 dot3svc - ok
10:22:24.0616 5316 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
10:22:24.0647 5316 DPS - ok
10:22:24.0725 5316 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:22:24.0725 5316 drmkaud - ok
10:22:24.0787 5316 [ A4F408AD1065C7AD2ED332C68025B435 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:22:24.0787 5316 DXGKrnl - ok
10:22:24.0865 5316 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:22:24.0881 5316 EapHost - ok
10:22:25.0068 5316 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
10:22:25.0177 5316 ebdrv - ok
10:22:25.0255 5316 [ BA6420C1F7070ED8F1BA372844F3E1EC ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:22:25.0271 5316 eeCtrl - ok
10:22:25.0349 5316 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
10:22:25.0349 5316 EFS - ok
10:22:25.0489 5316 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:22:25.0505 5316 ehRecvr - ok
10:22:25.0552 5316 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:22:25.0552 5316 ehSched - ok
10:22:25.0614 5316 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:22:25.0645 5316 elxstor - ok
10:22:25.0739 5316 [ 1343DF3451BC0C442DC69837C6FBA21B ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:22:25.0739 5316 EraserUtilRebootDrv - ok
10:22:25.0786 5316 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:22:25.0786 5316 ErrDev - ok
10:22:25.0864 5316 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:22:25.0895 5316 EventSystem - ok
10:22:25.0957 5316 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:22:25.0973 5316 exfat - ok
10:22:25.0988 5316 ezSharedSvc - ok
10:22:26.0035 5316 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:22:26.0051 5316 fastfat - ok
10:22:26.0113 5316 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
10:22:26.0144 5316 Fax - ok
10:22:26.0269 5316 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
10:22:26.0300 5316 fdc - ok
10:22:26.0347 5316 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:22:26.0410 5316 fdPHost - ok
10:22:26.0441 5316 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:22:26.0441 5316 FDResPub - ok
10:22:26.0488 5316 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:22:26.0488 5316 FileInfo - ok
10:22:26.0519 5316 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:22:26.0534 5316 Filetrace - ok
10:22:26.0628 5316 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
10:22:26.0628 5316 flpydisk - ok
10:22:26.0675 5316 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:22:26.0690 5316 FltMgr - ok
10:22:26.0753 5316 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
10:22:26.0784 5316 FontCache - ok
10:22:26.0846 5316 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:22:26.0846 5316 FontCache3.0.0.0 - ok
10:22:26.0878 5316 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:22:26.0878 5316 FsDepends - ok
10:22:26.0909 5316 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:22:26.0909 5316 Fs_Rec - ok
10:22:26.0987 5316 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:22:26.0987 5316 fvevol - ok
10:22:27.0065 5316 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:22:27.0080 5316 gagp30kx - ok
10:22:27.0143 5316 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
10:22:27.0190 5316 GamesAppService - ok
10:22:27.0221 5316 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:22:27.0221 5316 GEARAspiWDM - ok
10:22:27.0268 5316 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:22:27.0283 5316 gpsvc - ok
10:22:27.0392 5316 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:22:27.0392 5316 gupdate - ok
10:22:27.0439 5316 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:22:27.0439 5316 gupdatem - ok
10:22:27.0486 5316 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:22:27.0502 5316 gusvc - ok
10:22:27.0564 5316 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:22:27.0564 5316 hcw85cir - ok
10:22:27.0611 5316 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:22:27.0626 5316 HdAudAddService - ok
10:22:27.0673 5316 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:22:27.0673 5316 HDAudBus - ok
10:22:27.0704 5316 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
10:22:27.0720 5316 HidBatt - ok
10:22:27.0751 5316 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:22:27.0751 5316 HidBth - ok
10:22:27.0798 5316 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
10:22:27.0814 5316 HidIr - ok
10:22:27.0845 5316 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
10:22:27.0845 5316 hidserv - ok
10:22:27.0876 5316 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
10:22:27.0876 5316 HidUsb - ok
10:22:28.0001 5316 [ 44F92C1F913E582BEF9CAC66443C6230 ] hitmanpro36 C:\Windows\system32\drivers\hitmanpro36.sys
10:22:28.0016 5316 hitmanpro36 - ok
10:22:28.0126 5316 [ 0926C3B5CBF64C88F432FF449B211807 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
10:22:28.0126 5316 HitmanProScheduler - ok
10:22:28.0204 5316 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:22:28.0204 5316 hkmsvc - ok
10:22:28.0250 5316 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:22:28.0250 5316 HomeGroupListener - ok
10:22:28.0344 5316 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:22:28.0344 5316 HomeGroupProvider - ok
10:22:28.0484 5316 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
10:22:28.0484 5316 HP Support Assistant Service - ok
10:22:28.0640 5316 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
10:22:28.0640 5316 HPClientSvc - ok
10:22:28.0843 5316 [ 8F123D1FA65ADECEA0244C615EA95DFA ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
10:22:28.0859 5316 hpCMSrv - ok
10:22:28.0921 5316 [ E6AB9E7FF923928E9F549FDDFCEDB28A ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
10:22:28.0937 5316 HPDrvMntSvc.exe - ok
10:22:28.0999 5316 [ DBDC0581D4506C13E6BEF48D14B1C55B ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
10:22:29.0015 5316 hpqwmiex - ok
10:22:29.0062 5316 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:22:29.0077 5316 HpSAMD - ok
10:22:29.0124 5316 [ 2BEC76BDCD1BC080210325E7B5094834 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
10:22:29.0140 5316 HPWMISVC - ok
10:22:29.0171 5316 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:22:29.0186 5316 HTTP - ok
10:22:29.0233 5316 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:22:29.0233 5316 hwpolicy - ok
10:22:29.0280 5316 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
10:22:29.0280 5316 i8042prt - ok
10:22:29.0342 5316 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:22:29.0374 5316 iaStorV - ok
10:22:29.0561 5316 [ E4693409D06785477A49FB34AFAE1B92 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
10:22:29.0639 5316 IconMan_R - ok
10:22:29.0748 5316 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:22:29.0842 5316 idsvc - ok
10:22:30.0044 5316 [ 4E9E0E5A3B0EFEB27491C26BE1D97FDA ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120613.007\IDSvia64.sys
10:22:30.0044 5316 IDSVia64 - ok
10:22:30.0091 5316 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:22:30.0107 5316 iirsp - ok
10:22:30.0185 5316 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:22:30.0294 5316 IKEEXT - ok
10:22:30.0434 5316 [ E395D888EF6D3777134A9E09FF7582C2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:22:30.0466 5316 IntcAzAudAddService - ok
10:22:30.0528 5316 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:22:30.0544 5316 intelide - ok
10:22:30.0606 5316 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
10:22:30.0606 5316 intelppm - ok
10:22:30.0653 5316 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:22:30.0653 5316 IPBusEnum - ok
10:22:30.0700 5316 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:22:30.0715 5316 IpFilterDriver - ok
10:22:30.0746 5316 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:22:30.0778 5316 iphlpsvc - ok
10:22:30.0824 5316 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:22:30.0824 5316 IPMIDRV - ok
10:22:30.0856 5316 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:22:30.0856 5316 IPNAT - ok
10:22:30.0965 5316 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:22:30.0980 5316 iPod Service - ok
10:22:31.0027 5316 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:22:31.0027 5316 IRENUM - ok
10:22:31.0090 5316 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:22:31.0090 5316 isapnp - ok
10:22:31.0136 5316 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:22:31.0136 5316 iScsiPrt - ok
10:22:31.0183 5316 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
10:22:31.0183 5316 kbdclass - ok
10:22:31.0214 5316 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
10:22:31.0230 5316 kbdhid - ok
10:22:31.0246 5316 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:22:31.0246 5316 KeyIso - ok
10:22:31.0292 5316 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:22:31.0292 5316 KSecDD - ok
10:22:31.0339 5316 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:22:31.0339 5316 KSecPkg - ok
10:22:31.0386 5316 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:22:31.0386 5316 ksthunk - ok
10:22:31.0464 5316 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:22:31.0511 5316 KtmRm - ok
10:22:31.0604 5316 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:22:31.0620 5316 LanmanServer - ok
10:22:31.0682 5316 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:22:31.0698 5316 LanmanWorkstation - ok
10:22:31.0745 5316 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:22:31.0745 5316 lltdio - ok
10:22:31.0807 5316 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:22:31.0823 5316 lltdsvc - ok
10:22:31.0838 5316 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:22:31.0854 5316 lmhosts - ok
10:22:31.0948 5316 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:22:31.0948 5316 LSI_FC - ok
10:22:31.0994 5316 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:22:31.0994 5316 LSI_SAS - ok
10:22:32.0026 5316 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
10:22:32.0041 5316 LSI_SAS2 - ok
10:22:32.0072 5316 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:22:32.0072 5316 LSI_SCSI - ok
10:22:32.0119 5316 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:22:32.0135 5316 luafv - ok
10:22:32.0244 5316 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
10:22:32.0244 5316 MBAMProtector - ok
10:22:32.0322 5316 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:22:32.0322 5316 MBAMScheduler - ok
10:22:32.0400 5316 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:22:32.0416 5316 MBAMService - ok
10:22:32.0462 5316 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:22:32.0478 5316 Mcx2Svc - ok
10:22:32.0572 5316 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
10:22:32.0572 5316 MDM - ok
10:22:32.0665 5316 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
10:22:32.0665 5316 megasas - ok
10:22:32.0696 5316 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
10:22:32.0712 5316 MegaSR - ok
10:22:32.0774 5316 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:22:32.0774 5316 MMCSS - ok
10:22:32.0806 5316 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:22:32.0821 5316 Modem - ok
10:22:32.0837 5316 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:22:32.0837 5316 monitor - ok
10:22:32.0884 5316 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:22:32.0884 5316 mouclass - ok
10:22:32.0930 5316 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
10:22:32.0962 5316 mouhid - ok
10:22:33.0024 5316 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:22:33.0040 5316 mountmgr - ok
10:22:33.0071 5316 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:22:33.0071 5316 mpio - ok
10:22:33.0086 5316 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:22:33.0086 5316 mpsdrv - ok
10:22:33.0149 5316 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:22:33.0180 5316 MpsSvc - ok
10:22:33.0242 5316 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:22:33.0258 5316 MRxDAV - ok
10:22:33.0305 5316 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:22:33.0305 5316 mrxsmb - ok
10:22:33.0336 5316 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:22:33.0336 5316 mrxsmb10 - ok
10:22:33.0367 5316 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:22:33.0367 5316 mrxsmb20 - ok
10:22:33.0398 5316 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:22:33.0398 5316 msahci - ok
10:22:33.0445 5316 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:22:33.0461 5316 msdsm - ok
10:22:33.0476 5316 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:22:33.0492 5316 MSDTC - ok
10:22:33.0523 5316 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:22:33.0539 5316 Msfs - ok
10:22:33.0601 5316 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:22:33.0601 5316 mshidkmdf - ok
10:22:33.0617 5316 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:22:33.0617 5316 msisadrv - ok
10:22:33.0664 5316 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:22:33.0679 5316 MSiSCSI - ok
10:22:33.0679 5316 msiserver - ok
10:22:33.0726 5316 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:22:33.0726 5316 MSKSSRV - ok
10:22:33.0773 5316 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:22:33.0773 5316 MSPCLOCK - ok
10:22:33.0773 5316 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:22:33.0788 5316 MSPQM - ok
10:22:33.0820 5316 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:22:33.0820 5316 MsRPC - ok
10:22:33.0835 5316 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:22:33.0851 5316 mssmbios - ok
10:22:33.0882 5316 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:22:33.0898 5316 MSTEE - ok
10:22:33.0913 5316 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
10:22:33.0944 5316 MTConfig - ok
10:22:33.0976 5316 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:22:33.0976 5316 Mup - ok
10:22:34.0038 5316 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:22:34.0069 5316 napagent - ok
10:22:34.0116 5316 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:22:34.0132 5316 NativeWifiP - ok
10:22:34.0272 5316 [ 8043D41F881D6ACE40B854AD6E32217F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120620.005\ENG64.SYS
10:22:34.0272 5316 NAVENG - ok
10:22:34.0366 5316 [ 9A9AB2FC45D701DAED465D14980F1305 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120620.005\EX64.SYS
10:22:34.0397 5316 NAVEX15 - ok
10:22:34.0475 5316 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:22:34.0490 5316 NDIS - ok
10:22:34.0537 5316 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:22:34.0553 5316 NdisCap - ok
10:22:34.0600 5316 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:22:34.0600 5316 NdisTapi - ok
10:22:34.0615 5316 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:22:34.0615 5316 Ndisuio - ok
10:22:34.0631 5316 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:22:34.0646 5316 NdisWan - ok
10:22:34.0662 5316 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:22:34.0693 5316 NDProxy - ok
10:22:34.0709 5316 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:22:34.0724 5316 NetBIOS - ok
10:22:34.0756 5316 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:22:34.0771 5316 NetBT - ok
10:22:34.0802 5316 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:22:34.0802 5316 Netlogon - ok
10:22:34.0865 5316 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:22:34.0880 5316 Netman - ok
10:22:34.0927 5316 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:22:34.0958 5316 netprofm - ok
10:22:35.0114 5316 [ 9C745041E72576251BC93709633E89FF ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
10:22:35.0146 5316 netr28x - ok
10:22:35.0239 5316 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:22:35.0302 5316 NetTcpPortSharing - ok
10:22:35.0348 5316 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:22:35.0348 5316 nfrd960 - ok
10:22:35.0442 5316 [ E127420B7FEB65C7F279EAAC183BBC0E ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe
10:22:35.0442 5316 NIS - ok
10:22:35.0504 5316 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:22:35.0536 5316 NlaSvc - ok
10:22:35.0614 5316 [ C31FA031335EFF434B2D94278E74BCCE ] NPF C:\Windows\system32\drivers\npf.sys
10:22:35.0614 5316 NPF - ok
10:22:35.0660 5316 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:22:35.0676 5316 Npfs - ok
10:22:35.0707 5316 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:22:35.0723 5316 nsi - ok
10:22:35.0770 5316 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:22:35.0785 5316 nsiproxy - ok
10:22:35.0910 5316 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:22:35.0957 5316 Ntfs - ok
10:22:36.0004 5316 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:22:36.0066 5316 Null - ok
10:22:36.0113 5316 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
10:22:36.0128 5316 NVENETFD - ok
10:22:36.0206 5316 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:22:36.0253 5316 nvraid - ok
10:22:36.0316 5316 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:22:36.0331 5316 nvstor - ok
10:22:36.0378 5316 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:22:36.0440 5316 nv_agp - ok
10:22:36.0487 5316 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:22:36.0550 5316 ohci1394 - ok
10:22:36.0706 5316 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:22:36.0706 5316 ose - ok
10:22:36.0737 5316 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:22:36.0752 5316 p2pimsvc - ok
10:22:36.0815 5316 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:22:36.0846 5316 p2psvc - ok
10:22:36.0877 5316 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
10:22:36.0893 5316 Parport - ok
10:22:36.0924 5316 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:22:36.0924 5316 partmgr - ok
10:22:36.0955 5316 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:22:36.0971 5316 PcaSvc - ok
10:22:37.0002 5316 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:22:37.0018 5316 pci - ok
10:22:37.0064 5316 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:22:37.0080 5316 pciide - ok
10:22:37.0127 5316 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:22:37.0158 5316 pcmcia - ok
10:22:37.0189 5316 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:22:37.0189 5316 pcw - ok
10:22:37.0220 5316 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:22:37.0236 5316 PEAUTH - ok
10:22:37.0688 5316 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:22:37.0751 5316 PerfHost - ok
10:22:37.0907 5316 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:22:37.0954 5316 pla - ok
10:22:38.0032 5316 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:22:38.0094 5316 PlugPlay - ok
10:22:38.0141 5316 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:22:38.0156 5316 PNRPAutoReg - ok
10:22:38.0375 5316 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:22:38.0390 5316 PNRPsvc - ok
10:22:38.0437 5316 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:22:38.0468 5316 PolicyAgent - ok
10:22:38.0531 5316 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:22:38.0531 5316 Power - ok
10:22:38.0578 5316 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:22:38.0593 5316 PptpMiniport - ok
10:22:38.0702 5316 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
10:22:38.0734 5316 Processor - ok
10:22:38.0843 5316 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:22:38.0858 5316 ProfSvc - ok
10:22:38.0890 5316 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:22:38.0890 5316 ProtectedStorage - ok
10:22:38.0936 5316 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:22:38.0952 5316 Psched - ok
10:22:39.0077 5316 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:22:39.0124 5316 ql2300 - ok
10:22:39.0170 5316 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:22:39.0186 5316 ql40xx - ok
10:22:39.0233 5316 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:22:39.0248 5316 QWAVE - ok
10:22:39.0280 5316 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:22:39.0295 5316 QWAVEdrv - ok
10:22:39.0342 5316 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:22:39.0342 5316 RasAcd - ok
10:22:39.0389 5316 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:22:39.0404 5316 RasAgileVpn - ok
10:22:39.0451 5316 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:22:39.0467 5316 RasAuto - ok
10:22:39.0514 5316 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:22:39.0529 5316 Rasl2tp - ok
10:22:39.0607 5316 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:22:39.0623 5316 RasMan - ok
10:22:39.0654 5316 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:22:39.0670 5316 RasPppoe - ok
10:22:39.0685 5316 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:22:39.0685 5316 RasSstp - ok
10:22:39.0716 5316 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:22:39.0732 5316 rdbss - ok
10:22:39.0763 5316 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
10:22:39.0763 5316 rdpbus - ok
10:22:39.0794 5316 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:22:39.0794 5316 RDPCDD - ok
10:22:39.0841 5316 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:22:39.0841 5316 RDPENCDD - ok
10:22:39.0888 5316 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:22:39.0888 5316 RDPREFMP - ok
10:22:39.0935 5316 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:22:39.0935 5316 RDPWD - ok
10:22:39.0966 5316 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:22:39.0997 5316 rdyboost - ok
10:22:40.0044 5316 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:22:40.0060 5316 RemoteAccess - ok
10:22:40.0091 5316 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:22:40.0106 5316 RemoteRegistry - ok
10:22:40.0138 5316 [ A780D3EAA74582EA1DEB6BD9C7A3D9C9 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
10:22:40.0138 5316 rpcapd - ok
10:22:40.0216 5316 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:22:40.0216 5316 RpcEptMapper - ok
10:22:40.0247 5316 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:22:40.0262 5316 RpcLocator - ok
10:22:40.0309 5316 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:22:40.0309 5316 RpcSs - ok
10:22:40.0356 5316 [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
10:22:40.0372 5316 RSPCIESTOR - ok
10:22:40.0434 5316 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:22:40.0434 5316 rspndr - ok
10:22:40.0496 5316 [ 3372196F61AF48503656EF6AA3E92D1B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:22:40.0496 5316 RTL8167 - ok
10:22:40.0528 5316 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:22:40.0528 5316 SamSs - ok
10:22:40.0574 5316 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:22:40.0590 5316 sbp2port - ok
10:22:40.0652 5316 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:22:40.0684 5316 SCardSvr - ok
10:22:40.0746 5316 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:22:40.0746 5316 scfilter - ok
10:22:40.0824 5316 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:22:40.0871 5316 Schedule - ok
10:22:40.0918 5316 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:22:40.0918 5316 SCPolicySvc - ok
10:22:40.0964 5316 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
10:22:40.0980 5316 sdbus - ok
10:22:41.0027 5316 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:22:41.0058 5316 SDRSVC - ok
10:22:41.0105 5316 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:22:41.0105 5316 secdrv - ok
10:22:41.0136 5316 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:22:41.0152 5316 seclogon - ok
10:22:41.0167 5316 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:22:41.0183 5316 SENS - ok
10:22:41.0245 5316 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:22:41.0245 5316 SensrSvc - ok
10:22:41.0276 5316 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
10:22:41.0292 5316 Serenum - ok
10:22:41.0339 5316 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
10:22:41.0339 5316 Serial - ok
10:22:41.0386 5316 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:22:41.0386 5316 sermouse - ok
10:22:41.0464 5316 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:22:41.0479 5316 SessionEnv - ok
10:22:41.0495 5316 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:22:41.0495 5316 sffdisk - ok
10:22:41.0526 5316 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:22:41.0573 5316 sffp_mmc - ok
10:22:41.0620 5316 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:22:41.0620 5316 sffp_sd - ok
10:22:41.0682 5316 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:22:41.0682 5316 sfloppy - ok
10:22:41.0729 5316 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:22:41.0729 5316 SharedAccess - ok
10:22:41.0854 5316 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:22:41.0885 5316 ShellHWDetection - ok
10:22:41.0994 5316 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
10:22:41.0994 5316 SiSRaid2 - ok
10:22:42.0025 5316 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:22:42.0025 5316 SiSRaid4 - ok
10:22:42.0166 5316 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:22:42.0166 5316 SkypeUpdate - ok
10:22:42.0259 5316 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:22:42.0290 5316 Smb - ok
10:22:42.0353 5316 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:22:42.0368 5316 SNMPTRAP - ok
10:22:42.0384 5316 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:22:42.0384 5316 spldr - ok
10:22:42.0431 5316 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:22:42.0462 5316 Spooler - ok
10:22:42.0634 5316 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:22:42.0774 5316 sppsvc - ok
10:22:42.0805 5316 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:22:42.0821 5316 sppuinotify - ok
10:22:42.0992 5316 [ 1321A6C3C92BBD3F3BBE1292CFF8E91A ] SRTSP C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSP64.SYS
10:22:43.0039 5316 SRTSP - ok
10:22:43.0086 5316 [ BD129C22C3B8C2E584227269DFA77B09 ] SRTSPX C:\Windows\system32\drivers\NISx64\1301000.01C\SRTSPX64.SYS
10:22:43.0086 5316 SRTSPX - ok
10:22:43.0133 5316 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:22:43.0180 5316 srv - ok
10:22:43.0226 5316 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:22:43.0258 5316 srv2 - ok
10:22:43.0320 5316 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
10:22:43.0336 5316 SrvHsfHDA - ok
10:22:43.0414 5316 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
10:22:43.0460 5316 SrvHsfV92 - ok
10:22:43.0507 5316 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
10:22:43.0523 5316 SrvHsfWinac - ok
10:22:43.0554 5316 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:22:43.0570 5316 srvnet - ok
10:22:43.0648 5316 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:22:43.0648 5316 SSDPSRV - ok
10:22:43.0694 5316 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:22:43.0710 5316 SstpSvc - ok
10:22:43.0726 5316 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
10:22:43.0757 5316 stexstor - ok
10:22:43.0835 5316 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:22:43.0866 5316 stisvc - ok
10:22:43.0882 5316 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:22:43.0882 5316 swenum - ok
10:22:43.0944 5316 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:22:43.0960 5316 swprv - ok
10:22:43.0991 5316 [ 8B2430762099598DA40686F754632EFD ] SymDS C:\Windows\system32\drivers\NISx64\1301000.01C\SYMDS64.SYS
10:22:44.0006 5316 SymDS - ok
10:22:44.0100 5316 [ FE29B18BF86FFCD55D8733C9B01E5042 ] SymEFA C:\Windows\system32\drivers\NISx64\1301000.01C\SYMEFA64.SYS
10:22:44.0116 5316 SymEFA - ok
10:22:44.0178 5316 [ 36B77F5C9E21F88A8C8EC67AD5415819 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:22:44.0178 5316 SymEvent - ok
10:22:44.0209 5316 [ DD70DA422460FDED831D211DF151D560 ] SymIRON C:\Windows\system32\drivers\NISx64\1301000.01C\Ironx64.SYS
10:22:44.0209 5316 SymIRON - ok
10:22:44.0240 5316 [ BCE4EB2EEF05E388959B46FD21388C2D ] SymNetS C:\Windows\system32\drivers\NISx64\1301000.01C\SYMNETS.SYS
10:22:44.0256 5316 SymNetS - ok
10:22:44.0318 5316 [ B344B6DBEB992CC368DAF6264BBFED8E ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
10:22:44.0334 5316 SynTP - ok
10:22:44.0459 5316 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:22:44.0552 5316 SysMain - ok
10:22:44.0662 5316 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:22:44.0677 5316 TabletInputService - ok
10:22:44.0724 5316 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:22:44.0740 5316 TapiSrv - ok
10:22:44.0771 5316 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:22:44.0771 5316 TBS - ok
10:22:44.0911 5316 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:22:44.0942 5316 Tcpip - ok
10:22:45.0067 5316 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:22:45.0098 5316 TCPIP6 - ok
10:22:45.0145 5316 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:22:45.0161 5316 tcpipreg - ok
10:22:45.0208 5316 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:22:45.0223 5316 TDPIPE - ok
10:22:45.0254 5316 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:22:45.0270 5316 TDTCP - ok
10:22:45.0301 5316 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:22:45.0317 5316 tdx - ok
10:22:45.0364 5316 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:22:45.0364 5316 TermDD - ok
10:22:45.0426 5316 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:22:45.0442 5316 TermService - ok
10:22:45.0457 5316 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:22:45.0488 5316 Themes - ok
10:22:45.0535 5316 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:22:45.0535 5316 THREADORDER - ok
10:22:45.0582 5316 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:22:45.0598 5316 TrkWks - ok
10:22:45.0691 5316 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:22:45.0691 5316 TrustedInstaller - ok
10:22:45.0738 5316 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:22:45.0738 5316 tssecsrv - ok
10:22:45.0769 5316 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:22:45.0769 5316 TsUsbFlt - ok
10:22:45.0785 5316 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
10:22:45.0800 5316 TsUsbGD - ok
10:22:45.0816 5316 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:22:45.0816 5316 tunnel - ok
10:22:45.0847 5316 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:22:45.0863 5316 uagp35 - ok
10:22:45.0941 5316 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:22:45.0956 5316 udfs - ok
10:22:45.0988 5316 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:22:46.0003 5316 UI0Detect - ok
10:22:46.0034 5316 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:22:46.0050 5316 uliagpkx - ok
10:22:46.0097 5316 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:22:46.0097 5316 umbus - ok
10:22:46.0128 5316 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
10:22:46.0128 5316 UmPass - ok
10:22:46.0175 5316 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:22:46.0190 5316 upnphost - ok
10:22:46.0237 5316 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:22:46.0237 5316 USBAAPL64 - ok
10:22:46.0268 5316 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:22:46.0268 5316 usbccgp - ok
10:22:46.0315 5316 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:22:46.0331 5316 usbcir - ok
10:22:46.0378 5316 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:22:46.0378 5316 usbehci - ok
10:22:46.0409 5316 [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
10:22:46.0409 5316 usbfilter - ok
10:22:46.0440 5316 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
10:22:46.0456 5316 usbhub - ok
10:22:46.0471 5316 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:22:46.0471 5316 usbohci - ok
10:22:46.0534 5316 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:22:46.0534 5316 usbprint - ok
10:22:46.0596 5316 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:22:46.0612 5316 usbscan - ok
10:22:46.0643 5316 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:22:46.0643 5316 USBSTOR - ok
10:22:46.0658 5316 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:22:46.0674 5316 usbuhci - ok
10:22:46.0752 5316 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
10:22:46.0768 5316 usbvideo - ok
10:22:46.0846 5316 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:22:46.0877 5316 UxSms - ok
10:22:46.0924 5316 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:22:46.0924 5316 VaultSvc - ok
10:22:46.0955 5316 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:22:46.0955 5316 vdrvroot - ok
10:22:47.0002 5316 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:22:47.0017 5316 vds - ok
10:22:47.0111 5316 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:22:47.0126 5316 vga - ok
10:22:47.0173 5316 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:22:47.0173 5316 VgaSave - ok
10:22:47.0204 5316 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:22:47.0236 5316 vhdmp - ok
10:22:47.0267 5316 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:22:47.0267 5316 viaide - ok
10:22:47.0298 5316 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:22:47.0298 5316 volmgr - ok
10:22:47.0345 5316 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:22:47.0360 5316 volmgrx - ok
10:22:47.0392 5316 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:22:47.0392 5316 volsnap - ok
10:22:47.0454 5316 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:22:47.0454 5316 vsmraid - ok
10:22:47.0579 5316 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
10:22:47.0641 5316 VSS - ok
10:22:47.0704 5316 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:22:47.0704 5316 vwifibus - ok
10:22:47.0735 5316 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:22:47.0735 5316 vwififlt - ok
10:22:47.0766 5316 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:22:47.0797 5316 W32Time - ok
10:22:47.0875 5316 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:22:47.0875 5316 WacomPen - ok
10:22:47.0969 5316 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:22:47.0984 5316 WANARP - ok
10:22:48.0016 5316 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:22:48.0016 5316 Wanarpv6 - ok
10:22:48.0125 5316 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:22:48.0203 5316 WatAdminSvc - ok
10:22:48.0312 5316 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
10:22:48.0374 5316 wbengine - ok
10:22:48.0390 5316 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:22:48.0390 5316 WbioSrvc - ok
10:22:48.0406 5316 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:22:48.0421 5316 wcncsvc - ok
10:22:48.0452 5316 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:22:48.0452 5316 WcsPlugInService - ok
10:22:48.0484 5316 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
10:22:48.0515 5316 Wd - ok
10:22:48.0577 5316 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:22:48.0608 5316 Wdf01000 - ok
10:22:48.0624 5316 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:22:48.0640 5316 WdiServiceHost - ok
10:22:48.0655 5316 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:22:48.0655 5316 WdiSystemHost - ok
10:22:48.0718 5316 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
10:22:48.0718 5316 WebClient - ok
10:22:48.0749 5316 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:22:48.0796 5316 Wecsvc - ok
10:22:48.0858 5316 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:22:48.0874 5316 wercplsupport - ok
10:22:48.0889 5316 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:22:48.0936 5316 WerSvc - ok
10:22:48.0967 5316 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:22:48.0983 5316 WfpLwf - ok
10:22:48.0998 5316 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:22:49.0014 5316 WIMMount - ok
10:22:49.0030 5316 WinDefend - ok
10:22:49.0061 5316 WinHttpAutoProxySvc - ok
10:22:49.0217 5316 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:22:49.0217 5316 Winmgmt - ok
10:22:49.0342 5316 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
10:22:49.0420 5316 WinRM - ok
10:22:49.0513 5316 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:22:49.0513 5316 WinUsb - ok
10:22:49.0576 5316 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:22:49.0607 5316 Wlansvc - ok
10:22:49.0747 5316 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:22:49.0747 5316 wlcrasvc - ok
10:22:49.0966 5316 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:22:49.0981 5316 wlidsvc - ok
10:22:50.0059 5316 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:22:50.0059 5316 WmiAcpi - ok
10:22:50.0168 5316 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:22:50.0184 5316 wmiApSrv - ok
10:22:50.0215 5316 WMPNetworkSvc - ok
10:22:50.0246 5316 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:22:50.0293 5316 WPCSvc - ok
10:22:50.0356 5316 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:22:50.0371 5316 WPDBusEnum - ok
10:22:50.0434 5316 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:22:50.0434 5316 ws2ifsl - ok
10:22:50.0480 5316 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
10:22:50.0496 5316 wscsvc - ok
10:22:50.0512 5316 WSearch - ok
10:22:50.0543 5316 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:22:50.0558 5316 WudfPf - ok
10:22:50.0590 5316 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:22:50.0621 5316 WUDFRd - ok
10:22:50.0652 5316 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:22:50.0699 5316 wudfsvc - ok
10:22:50.0730 5316 [ CE8CF9DE9CBFDAA318BD04D8BE3FCADA ] WwanSvc C:\Windows\System32\wwansvc.dll
10:22:50.0746 5316 WwanSvc - ok
10:22:50.0777 5316 ================ Scan global ===============================
10:22:50.0792 5316 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:22:50.0870 5316 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:22:50.0902 5316 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
10:22:50.0917 5316 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:22:50.0964 5316 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:22:50.0980 5316 [Global] - ok
10:22:50.0980 5316 ================ Scan MBR ==================================
10:22:51.0011 5316 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:22:53.0210 5316 \Device\Harddisk0\DR0 - ok
10:22:53.0210 5316 ================ Scan VBR ==================================
10:22:53.0242 5316 [ C2BFA55496679BBEF630D0E8C2B7346C ] \Device\Harddisk0\DR0\Partition1
10:22:53.0257 5316 \Device\Harddisk0\DR0\Partition1 - ok
10:22:53.0288 5316 [ A014FDC334D262FDDCA6024A2BB13833 ] \Device\Harddisk0\DR0\Partition2
10:22:53.0288 5316 \Device\Harddisk0\DR0\Partition2 - ok
10:22:53.0335 5316 [ A2A88FB62DEF75794F23569F8DE6D925 ] \Device\Harddisk0\DR0\Partition3
10:22:53.0366 5316 \Device\Harddisk0\DR0\Partition3 - ok
10:22:53.0413 5316 [ 9A9047BFD433C636A197003BBDE15A98 ] \Device\Harddisk0\DR0\Partition4
10:22:53.0413 5316 \Device\Harddisk0\DR0\Partition4 - ok
10:22:53.0413 5316 ============================================================
10:22:53.0413 5316 Scan finished
10:22:53.0413 5316 ============================================================
10:22:53.0444 6120 Detected object count: 0
10:22:53.0444 6120 Actual detected object count: 0
10:23:12.0960 5972 Deinitialize success

2.
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-08 10:24:08
-----------------------------
10:24:08.194 OS Version: Windows x64 6.1.7601 Service Pack 1
10:24:08.194 Number of processors: 2 586 0x200
10:24:08.194 ComputerName: TREVOR UserName:
10:24:14.575 Initialize success
10:24:35.978 AVAST engine defs: 12100702
10:24:48.693 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006b
10:24:48.709 Disk 0 Vendor: ST950032 0005 Size: 476940MB BusType: 11
10:24:48.740 Disk 0 MBR read successfully
10:24:48.740 Disk 0 MBR scan
10:24:48.771 Disk 0 Windows 7 default MBR code
10:24:48.833 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
10:24:48.880 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 452872 MB offset 409600
10:24:48.927 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 19804 MB offset 927891456
10:24:48.989 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 4063 MB offset 968450048
10:24:49.083 Disk 0 scanning C:\Windows\system32\drivers
10:25:26.043 Service scanning
10:26:30.710 Modules scanning
10:26:30.725 Disk 0 trace - called modules:
10:26:30.756 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys ACPI.sys storport.sys hal.dll amd_sata.sys
10:26:30.772 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004132060]
10:26:30.788 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8003c31ac0]
10:26:30.803 5 amd_xata.sys[fffff880010faa1d] -> nt!IofCallDriver -> [0xfffffa8003c2f7a0]
10:26:30.819 7 ACPI.sys[fffff88000f267a1] -> nt!IofCallDriver -> \Device\0000006b[0xfffffa8003c2d660]
10:26:34.360 AVAST engine scan C:\Windows
10:26:39.726 AVAST engine scan C:\Windows\system32
10:35:18.979 AVAST engine scan C:\Windows\system32\drivers
10:36:04.972 AVAST engine scan C:\Users\Trevor Jones
10:42:03.283 AVAST engine scan C:\ProgramData
10:43:06.965 Scan finished successfully
10:45:14.030 Disk 0 MBR has been saved successfully to "C:\Users\Trevor Jones\Desktop\MBR.dat"
10:45:14.046 The log file has been saved successfully to "C:\Users\Trevor Jones\Desktop\aswMBR.txt"

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:33 PM

Posted 08 October 2012 - 07:35 AM

ESET log?

#6 tcjones1985

tcjones1985
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:33 PM

Posted 13 October 2012 - 05:51 AM

Hi,

In my last post I mentioned that I have run ESET twice - in safe and normal modes and had the same problem - it gets stuck / freezes when scanning:

c:/ProgramData\WildTangent\...\WTA-1917ce23-3f96-463e-9e47-fcbb8918b585-extr.exe

It just stays scanning the file indefinitely.

I have to cancel the scan and don't get an option to export the log file.

look forward to hearing your advice.

Cheers,

Trevor.

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:33 PM

Posted 13 October 2012 - 07:32 AM

Can you uninstall Wild tangent from add or remove programs and run the scan again?


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#8 tcjones1985

tcjones1985
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:33 PM

Posted 13 October 2012 - 06:18 PM

OK deleted wild tangent. ESET picked a few things up:

C:\Users\Trevor Jones\AppData\Local\chromeupdate.crx JS/Redirector.NCG trojan deleted - quarantined
C:\Users\Trevor Jones\AppData\Roaming\ustct.dll a variant of Win32/Medfos.DY trojan cleaned by deleting - quarantined

They're currently quarantined. Can I remove them?

Have run autoruns. Text below:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "RTHDVCPL" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\rtkngui64.exe"
+ "SetDefault" "SetDefault" "Hewlett-Packard Development Company, L.P." "c:\program files\hewlett-packard\hp launchbox\setdefault.exe"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "Easybits Recovery" "" "EasyBits Software AS" "c:\program files (x86)\easybits for kids\ezrecover.exe"
+ "HP Quick Launch" "HP Message Service" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp quick launch\hpmsgsvc.exe"
+ "HPConnectionManager" "HPCMDelayStart Application" "Hewlett-Packard Development Company L.P." "c:\program files (x86)\hewlett-packard\hp connection manager\hpcmdelaystart.exe"
+ "HPOSD" "HP On Screen Display" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp on screen display\hposd.exe"
+ "HPQuickWebProxy" "HP QuickWeb Utilities" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp quickweb\hpqwutils.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Facebook Update" "Facebook Installer" "Facebook Inc." "c:\users\trevor jones\appdata\local\facebook\update\facebookupdate.exe"
+ "MobileDocuments" "ubd.exe" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\ubd.exe"
+ "msnmsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files (x86)\windows live\messenger\msnmsgr.exe"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "EasyBits Security Shield Hook - prevents launching insecure programs by kids" "EasyBits Security Shield component" "EasyBits Software Corp." "c:\windows\syswow64\ezupbhook.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton internet security\engine64\19.1.0.28\navshext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton internet security\engine64\19.1.0.28\navshext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Norton Identity Protection" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton internet security\engine\19.1.0.28\coieplg.dll"
+ "Norton Vulnerability Protection" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files (x86)\norton internet security\engine\19.1.0.28\ips\ipsbho.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files (x86)\google\google toolbar\googletoolbar_32.dll"
+ "Norton Toolbar" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton internet security\engine\19.1.0.28\coieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Add to Evernote 4" "" "" "File not found: C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AERTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\program files\realtek\audio\hda\aertsr64.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "AMD FUEL Service" "Provides FUEL Functionality" "Advanced Micro Devices, Inc." "c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bbsvc.exe"
+ "BBUpdate" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation" "c:\program files (x86)\microsoft\bingbar\seaport.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "ezSharedSvc" "Provides licensing, security and parental control services for EasyBits applications. If this service is stopped or disabled, these applications will not function properly." "EasyBits Software AS" "c:\windows\syswow64\ezsharedsvchost.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "HitmanProScheduler" "HitmanPro Scheduler controls scheduled scans" "SurfRight B.V." "c:\program files\hitmanpro\hmpsched.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HPClientSvc" "HP Client Services" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp client services\hpclientservices.exe"
+ "hpCMSrv" "Manages all HP embedded network connectivities." "Hewlett-Packard Development Company L.P." "c:\program files (x86)\hewlett-packard\hp connection manager\hpcmsrv.exe"
+ "HPDrvMntSvc.exe" "HP Quick Synchronization Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqwmiex" "HP Software Framework WMI Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "HPWMISVC" "HP Quick Launch WMI Service" "Hewlett-Packard Development Company, L.P." "c:\program files (x86)\hewlett-packard\hp quick launch\hpwmisvc.exe"
+ "IconMan_R" "Realtek Card Reader Icon Tool." "Realsil Microelectronics Inc." "c:\program files (x86)\realtek\realtek pcie card reader\riconman.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MDM" "Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\vs7debug\mdm.exe"
+ "NIS" "Norton Internet Security" "Symantec Corporation" "c:\program files (x86)\norton internet security\engine\19.1.0.28\ccsvchst.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "rpcapd" "Allows to capture traffic on this machine from a remote machine." "CACE Technologies, Inc." "c:\program files (x86)\winpcap\rpcapd.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amd_sata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amd_sata.sys"
+ "amd_xata" "Stor Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amd_xata.sys"
+ "amdiox64" "AMD IO Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdiox64.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BHDrvx64" "SONAR Engine Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\bashdefs\20120619.001\bhdrvx64.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "ccSet_NIS" "Common Client Settings Driver" "Symantec Corporation" "c:\windows\system32\drivers\nisx64\1301000.01c\ccsetx64.sys"
+ "clwvd" "CyberLink WebCam Virtual Driver" "CyberLink Corporation" "c:\windows\system32\drivers\clwvd.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eectrl64.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "IDSVia64" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\ipsdefs\20120613.007\idsvia64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\virusdefs\20120620.005\eng64.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\virusdefs\20120620.005\ex64.sys"
+ "netr28x" "Ralink 802.11 Wireless Adapter Driver" "Ralink Technology, Corp." "c:\windows\system32\drivers\netr28x.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NPF" "npf.sys (NT5/6 AMD64) Kernel Driver" "CACE Technologies, Inc." "c:\windows\system32\drivers\npf.sys"
+ "NVENETFD" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvm62x64.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RSPCIESTOR" "Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtspstor.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\nisx64\1301000.01c\srtsp64.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\nisx64\1301000.01c\srtspx64.sys"
+ "SrvHsfHDA" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl6.sys"
+ "SrvHsfV92" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv6.sys"
+ "SrvHsfWinac" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt6.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\nisx64\1301000.01c\symds64.sys"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\nisx64\1301000.01c\symefa64.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent64x86.sys"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\nisx64\1301000.01c\ironx64.sys"
+ "SymNetS" "Network Security Driver" "Symantec Corporation" "c:\windows\system32\drivers\nisx64\1301000.01c\symnets.sys"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "usbfilter" "AMD USB Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\usbfilter.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prsource.dll"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files (x86)\playready\prdmowrapper.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ Language Monitor MP250 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlm9w.dll"

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:33 PM

Posted 13 October 2012 - 06:25 PM

They're currently quarantined. Can I remove them?


Remove them

Reboot to normal mode

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#10 tcjones1985

tcjones1985
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:33 PM

Posted 14 October 2012 - 04:55 AM

MalwareBites:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.14.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Trevor Jones :: TREVOR [administrator]

14/10/2012 09:34:38
mbam-log-2012-10-14 (09-34-38).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 330271
Time elapsed: 1 hour(s), 4 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#11 tcjones1985

tcjones1985
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:33 PM

Posted 14 October 2012 - 05:09 AM

Minitoolbox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Trevor Jones (administrator) on 14-10-2012 at 10:57:34
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Ralink RT5390 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Trevor
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Home

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-9C-02-20-33-8D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Ralink RT5390 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 7C-E9-D3-10-62-FA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::486e:f4f6:59b7:3750%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 14 October 2012 09:29:18
Lease Expires . . . . . . . . . . : 15 October 2012 10:50:49
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 243067347
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-CF-12-D0-7C-E9-D3-10-62-FA
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.Home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{193E6407-5F3F-412F-8220-FD5DC0ABD7BD}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:18bb:daf:fd84:80d6(Preferred)
Link-local IPv6 Address . . . . . : fe80::18bb:daf:fd84:80d6%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: SkyRouter.Home
Address: 192.168.0.1

Name: google.com
Addresses: 2a00:1450:4009:805::1009
173.194.34.160
173.194.34.161
173.194.34.162
173.194.34.163
173.194.34.164
173.194.34.165
173.194.34.166
173.194.34.167
173.194.34.168
173.194.34.169
173.194.34.174


Pinging google.com [173.194.34.160] with 32 bytes of data:
Reply from 173.194.34.160: bytes=32 time=22ms TTL=58
Reply from 173.194.34.160: bytes=32 time=24ms TTL=58

Ping statistics for 173.194.34.160:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 22ms, Maximum = 24ms, Average = 23ms
Server: SkyRouter.Home
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=201ms TTL=51
Request timed out.

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 201ms, Maximum = 201ms, Average = 201ms
Server: SkyRouter.Home
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...00 9c 02 20 33 8d ......Realtek PCIe FE Family Controller
11...7c e9 d3 10 62 fa ......Ralink RT5390 802.11b/g/n WiFi Adapter
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.6 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.6 281
192.168.0.6 255.255.255.255 On-link 192.168.0.6 281
192.168.0.255 255.255.255.255 On-link 192.168.0.6 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.6 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.6 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:5ef5:79fd:18bb:daf:fd84:80d6/128
On-link
11 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::18bb:daf:fd84:80d6/128
On-link
11 281 fe80::486e:f4f6:59b7:3750/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/14/2012 09:30:08 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2012 08:51:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2012 10:49:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2012 10:45:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/11/2012 07:09:46 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2012 06:29:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2012 06:24:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2012 11:56:33 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2012 10:45:49 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/08/2012 10:45:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (10/14/2012 09:23:40 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/14/2012 09:23:40 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/14/2012 09:23:40 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/14/2012 09:21:34 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/14/2012 09:21:34 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/14/2012 09:21:34 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/14/2012 09:16:34 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/14/2012 09:16:34 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/14/2012 09:16:34 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (10/14/2012 09:14:26 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (10/14/2012 09:30:08 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2012 08:51:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2012 10:49:00 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2012 10:45:00 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/11/2012 07:09:46 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2012 06:29:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2012 06:24:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2012 11:56:33 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/08/2012 10:45:49 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Trevor Jones\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2LQTK6B0\esetsmartinstaller_enu.exe

Error: (10/08/2012 10:45:44 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Trevor Jones\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2LQTK6B0\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Fuel (Version: 2011.0705.1115.18310)
AMD Media Foundation Decoders (Version: 1.0.60705.1113)
AMD VISION Engine Control Center (Version: 2011.0705.1115.18310)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Bejeweled 3 (Version: 2.2.0.97)
Bing Bar (Version: 7.0.826.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blio (Version: 2.2.8188)
Bonjour (Version: 3.0.0.10)
Canon MP250 series MP Drivers
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0705.1115.18310)
Catalyst Control Center InstallProxy (Version: 2011.0705.1115.18310)
Catalyst Control Center Localization All (Version: 2011.0705.1115.18310)
ccc-utility64 (Version: 2011.0705.1115.18310)
CCC Help Chinese Standard (Version: 2011.0705.1114.18310)
CCC Help Chinese Traditional (Version: 2011.0705.1114.18310)
CCC Help Czech (Version: 2011.0705.1114.18310)
CCC Help Danish (Version: 2011.0705.1114.18310)
CCC Help Dutch (Version: 2011.0705.1114.18310)
CCC Help English (Version: 2011.0705.1114.18310)
CCC Help Finnish (Version: 2011.0705.1114.18310)
CCC Help French (Version: 2011.0705.1114.18310)
CCC Help German (Version: 2011.0705.1114.18310)
CCC Help Greek (Version: 2011.0705.1114.18310)
CCC Help Hungarian (Version: 2011.0705.1114.18310)
CCC Help Italian (Version: 2011.0705.1114.18310)
CCC Help Japanese (Version: 2011.0705.1114.18310)
CCC Help Korean (Version: 2011.0705.1114.18310)
CCC Help Norwegian (Version: 2011.0705.1114.18310)
CCC Help Polish (Version: 2011.0705.1114.18310)
CCC Help Portuguese (Version: 2011.0705.1114.18310)
CCC Help Russian (Version: 2011.0705.1114.18310)
CCC Help Spanish (Version: 2011.0705.1114.18310)
CCC Help Swedish (Version: 2011.0705.1114.18310)
CCC Help Thai (Version: 2011.0705.1114.18310)
CCC Help Turkish (Version: 2011.0705.1114.18310)
CCleaner (Version: 3.23)
Chuzzle Deluxe (Version: 2.2.0.95)
Compaq Setup Manager (Version: 1.2.14901.3869)
Cradle of Rome 2 (Version: 2.2.0.98)
CyberLink YouCam (Version: 3.5.0.4606)
D3DX10 (Version: 15.4.2368.0902)
Dora's World Adventure (Version: 2.2.0.95)
ESET Online Scanner v3
ESU for Microsoft Windows 7 SP1 (Version: 2.1.1)
Evernote v. 4.2.3 (Version: 4.2.3.22)
Facebook Messenger 2.1.4651.0 (Version: 2.1.4651.0)
Farm Frenzy (Version: 2.2.0.98)
Farmscapes (Version: 2.2.0.98)
FATE (Version: 2.2.0.97)
Final Drive Fury (Version: 2.2.0.95)
Google Chrome (Version: 22.0.1229.94)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HitmanPro 3.6 (Version: 3.6.2.171)
Hoyle Card Games (Version: 2.2.0.95)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Connection Manager (Version: 4.1.23.1)
HP Customer Experience Enhancements (Version: 6.0.1.8)
HP Documentation (Version: 1.1.0.0)
HP Games (Version: 1.0.2.5)
HP Launch Box (Version: 1.1.5)
HP On Screen Display (Version: 1.3.5)
HP Power Manager (Version: 1.4.8)
HP Quick Launch (Version: 2.7.2)
HP QuickWeb (Version: 3.1.1.10184)
HP Recovery Manager (Version: 2.0.0)
HP Security Assistant (Version: 1.0.12)
HP Setup (Version: 9.0.15076.3891)
HP Software Framework (Version: 4.5.1.1)
HP Support Assistant (Version: 6.1.12.1)
iCloud (Version: 1.1.0.40)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Jewel Match 3 (Version: 2.2.0.98)
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (Version: 2.2.0.98)
John Deere Drive Green (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Letters from Nowhere 2 (Version: 2.2.0.97)
Luxor HD (Version: 2.2.0.98)
Magic Desktop (Version: 3.0)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Norton Internet Security (Version: 19.1.0.28)
opensource (Version: 1.0.14960.3876)
Penguins! (Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.98)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.98)
QuickTime (Version: 7.72.80.56)
Ralink RT5390 802.11b/g/n WiFi Adapter (Version: 3.2.12.0)
Realtek Ethernet Controller Driver (Version: 7.42.304.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6461)
Realtek PCIE Card Reader (Version: 6.1.7600.77)
RollerCoaster Tycoon 3: Platinum (Version: 2.2.0.98)
Safari (Version: 5.34.57.2)
Skype™ 5.10 (Version: 5.10.116)
swMSM (Version: 12.0.0.1)
Synaptics TouchPad Driver (Version: 15.3.21.0)
The Treasures of Mystery Island: The Ghost Ship (Version: 2.2.0.98)
TL-PA211 Powerline Utility (Version: 2.0)
Torchlight (Version: 2.2.0.98)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.98)
WildTangent Games App (HP Games) (Version: 4.0.5.32)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinPcap 4.1.1 (Version: 4.1.0.1753)
Zuma's Revenge (Version: 2.2.0.98)

========================= Memory info: ===================================

Percentage of memory in use: 49%
Total physical RAM: 3690.91 MB
Available physical RAM: 1863.95 MB
Total Pagefile: 7380 MB
Available Pagefile: 5248.69 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.02 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:442.26 GB) (Free:382.42 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:19.34 GB) (Free:2.1 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32

========================= Users: ========================================

User accounts for \\TREVOR

Administrator Guest Trevor Jones

========================= Restore Points ==================================

31-07-2012 07:29:13 Windows Update
03-08-2012 20:22:31 Windows Update
07-08-2012 18:26:32 Windows Update
14-08-2012 09:28:03 Windows Update
17-08-2012 17:32:12 Windows Update
18-08-2012 07:19:16 Windows Update
22-08-2012 05:49:42 Windows Update
28-08-2012 17:45:08 Windows Update
05-09-2012 06:33:24 Windows Update
12-09-2012 18:12:25 Windows Update
14-09-2012 06:06:50 Windows Update
18-09-2012 20:31:23 Windows Update
21-09-2012 20:46:27 Windows Update
25-09-2012 19:28:21 Windows Update

**** End of log ****

#12 tcjones1985

tcjones1985
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:33 PM

Posted 14 October 2012 - 06:33 AM

Farbar:

Farbar Service Scanner Version: 07-10-2012
Ran by Trevor Jones (administrator) on 14-10-2012 at 12:32:28
Running from "C:\Users\Trevor Jones\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5B2GU1YH"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#13 tcjones1985

tcjones1985
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:33 PM

Posted 14 October 2012 - 06:36 AM

Smart Screen filter blocked me from opening the adware cleaner link. Whjat should I do here?

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:33 PM

Posted 14 October 2012 - 07:33 AM

Use a different browser

#15 tcjones1985

tcjones1985
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:01:33 PM

Posted 14 October 2012 - 08:05 AM

Junkware removal tool:

Junkware Removal Tool (JRT) by Thisisu
Version: 1.5.6 (10.14.2012)
OS: Windows 7 Home Premium x64
Ran by Trevor Jones on 14/10/2012 at 12:44:24.51
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders: 0 Detections



*** Ask Toolbar Cleanup:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{2fa28606-de77-4029-af96-b231e3b8f827}



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on 14/10/2012 at 13:30:04.63
End of Report




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users