
Infected?


28 replies to this topic

#1 Majbach

Majbach

  • Members
  • 17 posts
  • Local time:04:32 PM

Posted 05 October 2012 - 10:31 PM

Mod Edit: Split from http://www.bleepingcomputer.com/forums/topic445861.html/page__st__15__p__2861458#entry2861458


Hello! What an invaluable forum and members!
I stumbled on this thread whilst Googling the same problem and error code.
I recently tried to media stream from my laptop running Win 7 Home Premium to my PS3. When I couldn't find the PS3 in Networking, I determined it was due to certain services not running. From there, I determined I had an infected laptop with the w64.Zaccess.a virus. It took some time but I managed to successfully kill the beast with ComboFix. Now however, I have noticed that Firewall and Defender will not run - same error and symptoms as the initial poster. Windows Event Controller is missing from services but all others are running properly except Function Discovery Resource Publication which also will not start.

Having read other posts in these forums and learned that identical symptoms are not necessarily identical solutions, I have refrained from following your advice for the initial poster. However, instead of starting a new thread on the same problem, I followed your instructions and below is my log file. Please help. Thanks



Farbar Service Scanner Version: 19-09-2012
Ran by acer (administrator) on 05-10-2012 at 20:22:44
Running from "E:\!!Windows\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Edited by hamluis, 06 October 2012 - 07:59 AM.
Removed link quote, split, PM sent new OP - Hamluis.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:06:32 PM

Posted 06 October 2012 - 12:27 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safemode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Majbach

Majbach
  • Topic Starter

  • Members
  • 17 posts
  • Local time:04:32 PM

Posted 06 October 2012 - 06:18 PM


Here ya go!
Interesting about the Win32/Packed.Enigma.AAD trojan in the last log. I seriously doubt this has any relevance to my problem though.


12:43:20.0905 6448 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
12:43:21.0304 6448 ============================================================
12:43:21.0304 6448 Current date / time: 2012/10/06 12:43:21.0304
12:43:21.0304 6448 SystemInfo:
12:43:21.0304 6448
12:43:21.0304 6448 OS Version: 6.1.7601 ServicePack: 1.0
12:43:21.0304 6448 Product type: Workstation
12:43:21.0304 6448 ComputerName: ACER-PC
12:43:21.0304 6448 UserName: acer
12:43:21.0304 6448 Windows directory: C:\Windows
12:43:21.0304 6448 System windows directory: C:\Windows
12:43:21.0304 6448 Running under WOW64
12:43:21.0304 6448 Processor architecture: Intel x64
12:43:21.0304 6448 Number of processors: 4
12:43:21.0304 6448 Page size: 0x1000
12:43:21.0304 6448 Boot type: Normal boot
12:43:21.0304 6448 ============================================================
12:43:21.0952 6448 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:43:21.0956 6448 ============================================================
12:43:21.0956 6448 \Device\Harddisk0\DR0:
12:43:21.0957 6448 MBR partitions:
12:43:21.0957 6448 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x47FB800, BlocksNum 0xB2000
12:43:21.0957 6448 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48AD800, BlocksNum 0x1258111D
12:43:21.0969 6448 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x16E2E95C, BlocksNum 0xC54144C
12:43:21.0988 6448 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x2336FDE7, BlocksNum 0x274E70DA
12:43:21.0988 6448 ============================================================
12:43:22.0004 6448 E: <-> \Device\Harddisk0\DR0\Partition3
12:43:22.0021 6448 F: <-> \Device\Harddisk0\DR0\Partition4
12:43:22.0058 6448 C: <-> \Device\Harddisk0\DR0\Partition2
12:43:22.0058 6448 ============================================================
12:43:22.0058 6448 Initialize success
12:43:22.0058 6448 ============================================================
12:43:24.0436 4788 ============================================================
12:43:24.0436 4788 Scan started
12:43:24.0436 4788 Mode: Manual;
12:43:24.0436 4788 ============================================================
12:43:24.0682 4788 ================ Scan system memory ========================
12:43:24.0682 4788 System memory - ok
12:43:24.0682 4788 ================ Scan services =============================
12:43:32.0019 4788 ksthunk - ok
12:43:32.0070 4788 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:43:32.0074 4788 KtmRm - ok
12:43:32.0135 4788 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
12:43:32.0138 4788 LanmanServer - ok
12:43:32.0161 4788 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:43:32.0164 4788 LanmanWorkstation - ok
12:43:32.0215 4788 [ B705C7097F9A0EC941D02DCE7C7D426C ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
12:43:32.0216 4788 Live Updater Service - ok
12:43:32.0248 4788 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:43:32.0250 4788 lltdio - ok
12:43:32.0279 4788 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:43:32.0283 4788 lltdsvc - ok
12:43:32.0300 4788 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:43:32.0302 4788 lmhosts - ok
12:43:32.0343 4788 [ D75C4B4A8FE6D7FD74A7EECDBAEC729F ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:43:32.0345 4788 LMS - ok
12:43:32.0385 4788 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:43:32.0387 4788 LSI_FC - ok
12:43:32.0398 4788 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:43:32.0400 4788 LSI_SAS - ok
12:43:32.0419 4788 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:43:32.0420 4788 LSI_SAS2 - ok
12:43:32.0434 4788 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:43:32.0436 4788 LSI_SCSI - ok
12:43:32.0462 4788 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:43:32.0464 4788 luafv - ok
12:43:32.0503 4788 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:43:32.0505 4788 MBAMProtector - ok
12:43:32.0561 4788 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:43:32.0566 4788 MBAMScheduler - ok
12:43:32.0634 4788 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:43:32.0641 4788 MBAMService - ok
12:43:32.0704 4788 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:43:32.0706 4788 Mcx2Svc - ok
12:43:32.0718 4788 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
12:43:32.0720 4788 megasas - ok
12:43:32.0750 4788 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:43:32.0753 4788 MegaSR - ok
12:43:32.0785 4788 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:43:32.0786 4788 MEIx64 - ok
12:43:32.0818 4788 MFX - ok
12:43:32.0841 4788 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:43:32.0843 4788 MMCSS - ok
12:43:32.0860 4788 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:43:32.0861 4788 Modem - ok
12:43:32.0882 4788 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:43:32.0882 4788 monitor - ok
12:43:32.0896 4788 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:43:32.0898 4788 mouclass - ok
12:43:32.0922 4788 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:43:32.0923 4788 mouhid - ok
12:43:32.0941 4788 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:43:32.0942 4788 mountmgr - ok
12:43:32.0983 4788 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
12:43:32.0986 4788 MpFilter - ok
12:43:33.0000 4788 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:43:33.0003 4788 mpio - ok
12:43:33.0023 4788 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:43:33.0025 4788 mpsdrv - ok
12:43:33.0040 4788 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:43:33.0042 4788 MRxDAV - ok
12:43:33.0055 4788 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:43:33.0058 4788 mrxsmb - ok
12:43:33.0081 4788 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:43:33.0085 4788 mrxsmb10 - ok
12:43:33.0094 4788 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:43:33.0095 4788 mrxsmb20 - ok
12:43:33.0108 4788 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
12:43:33.0109 4788 msahci - ok
12:43:33.0123 4788 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:43:33.0126 4788 msdsm - ok
12:43:33.0157 4788 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:43:33.0159 4788 MSDTC - ok
12:43:33.0181 4788 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:43:33.0183 4788 Msfs - ok
12:43:33.0194 4788 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:43:33.0195 4788 mshidkmdf - ok
12:43:33.0202 4788 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:43:33.0204 4788 msisadrv - ok
12:43:33.0245 4788 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:43:33.0248 4788 MSiSCSI - ok
12:43:33.0251 4788 msiserver - ok
12:43:33.0271 4788 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:43:33.0272 4788 MSKSSRV - ok
12:43:33.0353 4788 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
12:43:33.0354 4788 MsMpSvc - ok
12:43:33.0367 4788 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:43:33.0368 4788 MSPCLOCK - ok
12:43:33.0377 4788 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:43:33.0378 4788 MSPQM - ok
12:43:33.0396 4788 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:43:33.0400 4788 MsRPC - ok
12:43:33.0426 4788 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:43:33.0426 4788 mssmbios - ok
12:43:33.0435 4788 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:43:33.0436 4788 MSTEE - ok
12:43:33.0444 4788 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:43:33.0445 4788 MTConfig - ok
12:43:33.0463 4788 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:43:33.0464 4788 Mup - ok
12:43:33.0484 4788 [ C009123B206C56854F4E88596035231D ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
12:43:33.0485 4788 mwlPSDFilter - ok
12:43:33.0501 4788 [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
12:43:33.0502 4788 mwlPSDNServ - ok
12:43:33.0513 4788 [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
12:43:33.0514 4788 mwlPSDVDisk - ok
12:43:33.0549 4788 [ 4BBB9D9C4DF259FAE2D172C5BB25DDD0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
12:43:33.0551 4788 MyWiFiDHCPDNS - ok
12:43:33.0580 4788 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:43:33.0585 4788 napagent - ok
12:43:33.0619 4788 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:43:33.0623 4788 NativeWifiP - ok
12:43:33.0726 4788 [ B498A14133BD09AD0817590ACE4470AD ] NBService C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
12:43:33.0739 4788 NBService - ok
12:43:33.0797 4788 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:43:33.0806 4788 NDIS - ok
12:43:33.0839 4788 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:43:33.0841 4788 NdisCap - ok
12:43:33.0863 4788 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:43:33.0864 4788 NdisTapi - ok
12:43:33.0895 4788 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:43:33.0897 4788 Ndisuio - ok
12:43:33.0918 4788 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:43:33.0920 4788 NdisWan - ok
12:43:33.0952 4788 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:43:33.0953 4788 NDProxy - ok
12:43:33.0969 4788 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:43:33.0970 4788 NetBIOS - ok
12:43:33.0985 4788 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:43:33.0989 4788 NetBT - ok
12:43:34.0006 4788 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:43:34.0007 4788 Netlogon - ok
12:43:34.0040 4788 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:43:34.0044 4788 Netman - ok
12:43:34.0079 4788 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:43:34.0085 4788 netprofm - ok
12:43:34.0148 4788 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:43:34.0150 4788 NetTcpPortSharing - ok
12:43:34.0326 4788 [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
12:43:34.0463 4788 NETwNs64 - ok
12:43:34.0503 4788 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:43:34.0504 4788 nfrd960 - ok
12:43:34.0542 4788 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:43:34.0544 4788 NisDrv - ok
12:43:34.0586 4788 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
12:43:34.0590 4788 NisSrv - ok
12:43:34.0628 4788 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:43:34.0632 4788 NlaSvc - ok
12:43:34.0726 4788 [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
12:43:34.0727 4788 NMIndexingService - ok
12:43:34.0744 4788 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:43:34.0746 4788 Npfs - ok
12:43:34.0800 4788 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:43:34.0801 4788 nsi - ok
12:43:34.0818 4788 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:43:34.0819 4788 nsiproxy - ok
12:43:34.0861 4788 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:43:34.0957 4788 Ntfs - ok
12:43:35.0030 4788 [ 1873214666F6F0A883742DF91FBC48C9 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
12:43:35.0119 4788 NTI IScheduleSvc - ok
12:43:35.0133 4788 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
12:43:35.0134 4788 NTIDrvr - ok
12:43:35.0146 4788 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:43:35.0147 4788 Null - ok
12:43:35.0172 4788 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
12:43:35.0174 4788 nusb3hub - ok
12:43:35.0192 4788 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
12:43:35.0194 4788 nusb3xhc - ok
12:43:35.0225 4788 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:43:35.0228 4788 nvraid - ok
12:43:35.0241 4788 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:43:35.0244 4788 nvstor - ok
12:43:35.0271 4788 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:43:35.0273 4788 nv_agp - ok
12:43:35.0290 4788 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:43:35.0292 4788 ohci1394 - ok
12:43:35.0389 4788 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:43:35.0390 4788 ose - ok
12:43:35.0491 4788 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:43:35.0497 4788 p2pimsvc - ok
12:43:35.0563 4788 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:43:35.0570 4788 p2psvc - ok
12:43:35.0574 4788 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
12:43:35.0576 4788 Parport - ok
12:43:35.0600 4788 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:43:35.0602 4788 partmgr - ok
12:43:35.0619 4788 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:43:35.0622 4788 PcaSvc - ok
12:43:35.0638 4788 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:43:35.0641 4788 pci - ok
12:43:35.0655 4788 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:43:35.0657 4788 pciide - ok
12:43:35.0679 4788 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:43:35.0681 4788 pcmcia - ok
12:43:35.0702 4788 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:43:35.0704 4788 pcw - ok
12:43:35.0720 4788 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:43:35.0729 4788 PEAUTH - ok
12:43:35.0863 4788 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:43:35.0863 4788 PerfHost - ok
12:43:35.0928 4788 pfc - ok
12:43:36.0037 4788 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:43:36.0051 4788 pla - ok
12:43:36.0083 4788 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:43:36.0088 4788 PlugPlay - ok
12:43:36.0100 4788 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:43:36.0102 4788 PNRPAutoReg - ok
12:43:36.0113 4788 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:43:36.0116 4788 PNRPsvc - ok
12:43:36.0155 4788 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:43:36.0161 4788 PolicyAgent - ok
12:43:36.0214 4788 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:43:36.0217 4788 Power - ok
12:43:36.0256 4788 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:43:36.0258 4788 PptpMiniport - ok
12:43:36.0269 4788 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
12:43:36.0270 4788 Processor - ok
12:43:36.0300 4788 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:43:36.0304 4788 ProfSvc - ok
12:43:36.0317 4788 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:43:36.0318 4788 ProtectedStorage - ok
12:43:36.0344 4788 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:43:36.0345 4788 Psched - ok
12:43:36.0383 4788 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
12:43:36.0386 4788 PxHlpa64 - ok
12:43:36.0430 4788 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:43:36.0461 4788 ql2300 - ok
12:43:36.0501 4788 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:43:36.0504 4788 ql40xx - ok
12:43:36.0524 4788 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:43:36.0528 4788 QWAVE - ok
12:43:36.0536 4788 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:43:36.0538 4788 QWAVEdrv - ok
12:43:36.0548 4788 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:43:36.0549 4788 RasAcd - ok
12:43:36.0577 4788 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:43:36.0579 4788 RasAgileVpn - ok
12:43:36.0598 4788 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:43:36.0601 4788 RasAuto - ok
12:43:36.0615 4788 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:43:36.0617 4788 Rasl2tp - ok
12:43:36.0637 4788 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:43:36.0642 4788 RasMan - ok
12:43:36.0660 4788 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:43:36.0661 4788 RasPppoe - ok
12:43:36.0694 4788 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:43:36.0696 4788 RasSstp - ok
12:43:36.0717 4788 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:43:36.0721 4788 rdbss - ok
12:43:36.0741 4788 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
12:43:36.0743 4788 rdpbus - ok
12:43:36.0753 4788 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:43:36.0753 4788 RDPCDD - ok
12:43:36.0778 4788 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:43:36.0778 4788 RDPENCDD - ok
12:43:36.0789 4788 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:43:36.0789 4788 RDPREFMP - ok
12:43:36.0821 4788 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:43:36.0824 4788 RDPWD - ok
12:43:36.0839 4788 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:43:36.0841 4788 rdyboost - ok
12:43:36.0933 4788 [ A436F5E7D80BBDBB0826D0F176D5BEA8 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
12:43:36.0942 4788 RegSrvc - ok
12:43:36.0987 4788 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:43:36.0990 4788 RemoteAccess - ok
12:43:37.0052 4788 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:43:37.0055 4788 RemoteRegistry - ok
12:43:37.0088 4788 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
12:43:37.0090 4788 RFCOMM - ok
12:43:37.0138 4788 [ AD42432D22940B4215177BE113E4919C ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
12:43:37.0140 4788 RimUsb - ok
12:43:37.0164 4788 [ 4AAFFFA67AC4DFA3D9985D78573887E2 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
12:43:37.0165 4788 RimVSerPort - ok
12:43:37.0182 4788 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
12:43:37.0183 4788 ROOTMODEM - ok
12:43:37.0195 4788 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:43:37.0197 4788 RpcEptMapper - ok
12:43:37.0224 4788 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:43:37.0226 4788 RpcLocator - ok
12:43:37.0249 4788 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:43:37.0253 4788 RpcSs - ok
12:43:37.0276 4788 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:43:37.0277 4788 rspndr - ok
12:43:37.0284 4788 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:43:37.0285 4788 SamSs - ok
12:43:37.0300 4788 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:43:37.0302 4788 sbp2port - ok
12:43:37.0317 4788 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:43:37.0320 4788 SCardSvr - ok
12:43:37.0368 4788 [ B2F50286DC82B93C013E3FC57BA1A956 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
12:43:37.0402 4788 SCDEmu - ok
12:43:37.0422 4788 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:43:37.0423 4788 scfilter - ok
12:43:37.0453 4788 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:43:37.0471 4788 Schedule - ok
12:43:37.0517 4788 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:43:37.0518 4788 SCPolicySvc - ok
12:43:37.0532 4788 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
12:43:37.0534 4788 sdbus - ok
12:43:37.0555 4788 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:43:37.0558 4788 SDRSVC - ok
12:43:37.0580 4788 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:43:37.0581 4788 secdrv - ok
12:43:37.0595 4788 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:43:37.0597 4788 seclogon - ok
12:43:37.0613 4788 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
12:43:37.0615 4788 SENS - ok
12:43:37.0626 4788 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:43:37.0628 4788 SensrSvc - ok
12:43:37.0638 4788 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
12:43:37.0639 4788 Serenum - ok
12:43:37.0667 4788 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
12:43:37.0669 4788 Serial - ok
12:43:37.0675 4788 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:43:37.0676 4788 sermouse - ok
12:43:37.0684 4788 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:43:37.0687 4788 SessionEnv - ok
12:43:37.0698 4788 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:43:37.0699 4788 sffdisk - ok
12:43:37.0715 4788 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:43:37.0716 4788 sffp_mmc - ok
12:43:37.0725 4788 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:43:37.0726 4788 sffp_sd - ok
12:43:37.0729 4788 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:43:37.0730 4788 sfloppy - ok
12:43:37.0771 4788 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:43:37.0776 4788 SharedAccess - ok
12:43:37.0816 4788 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:43:37.0821 4788 ShellHWDetection - ok
12:43:37.0885 4788 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:43:37.0906 4788 SiSRaid2 - ok
12:43:37.0925 4788 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:43:37.0927 4788 SiSRaid4 - ok
12:43:37.0956 4788 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:43:37.0958 4788 Smb - ok
12:43:37.0992 4788 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:43:37.0996 4788 SNMPTRAP - ok
12:43:38.0009 4788 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:43:38.0010 4788 spldr - ok
12:43:38.0053 4788 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:43:38.0060 4788 Spooler - ok
12:43:38.0146 4788 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:43:38.0216 4788 sppsvc - ok
12:43:38.0248 4788 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:43:38.0251 4788 sppuinotify - ok
12:43:38.0274 4788 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:43:38.0280 4788 srv - ok
12:43:38.0287 4788 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:43:38.0292 4788 srv2 - ok
12:43:38.0357 4788 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:43:38.0360 4788 srvnet - ok
12:43:38.0392 4788 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:43:38.0395 4788 SSDPSRV - ok
12:43:38.0420 4788 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:43:38.0422 4788 SstpSvc - ok
12:43:38.0434 4788 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:43:38.0435 4788 stexstor - ok
12:43:38.0484 4788 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:43:38.0492 4788 stisvc - ok
12:43:38.0500 4788 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:43:38.0501 4788 swenum - ok
12:43:38.0521 4788 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:43:38.0527 4788 swprv - ok
12:43:38.0567 4788 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:43:38.0613 4788 SysMain - ok
12:43:38.0624 4788 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:43:38.0627 4788 TabletInputService - ok
12:43:38.0634 4788 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:43:38.0638 4788 TapiSrv - ok
12:43:38.0654 4788 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:43:38.0656 4788 TBS - ok
12:43:38.0720 4788 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:43:38.0766 4788 Tcpip - ok
12:43:38.0840 4788 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:43:38.0850 4788 TCPIP6 - ok
12:43:38.0901 4788 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:43:38.0902 4788 tcpipreg - ok
12:43:38.0922 4788 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:43:38.0923 4788 TDPIPE - ok
12:43:38.0953 4788 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:43:38.0955 4788 TDTCP - ok
12:43:38.0973 4788 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:43:38.0975 4788 tdx - ok
12:43:38.0984 4788 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:43:38.0986 4788 TermDD - ok
12:43:39.0016 4788 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:43:39.0024 4788 TermService - ok
12:43:39.0065 4788 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:43:39.0067 4788 Themes - ok
12:43:39.0074 4788 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:43:39.0075 4788 THREADORDER - ok
12:43:39.0093 4788 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:43:39.0096 4788 TrkWks - ok
12:43:39.0139 4788 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:43:39.0140 4788 TrustedInstaller - ok
12:43:39.0149 4788 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:43:39.0150 4788 tssecsrv - ok
12:43:39.0173 4788 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:43:39.0174 4788 TsUsbFlt - ok
12:43:39.0188 4788 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:43:39.0189 4788 TsUsbGD - ok
12:43:39.0228 4788 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:43:39.0230 4788 tunnel - ok
12:43:39.0247 4788 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
12:43:39.0256 4788 TurboB - ok
12:43:39.0276 4788 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
12:43:39.0277 4788 TurboBoost - ok
12:43:39.0292 4788 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:43:39.0294 4788 uagp35 - ok
12:43:39.0305 4788 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
12:43:39.0307 4788 UBHelper - ok
12:43:39.0322 4788 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:43:39.0326 4788 udfs - ok
12:43:41.0889 4788 ================ Scan global ===============================
12:43:41.0917 4788 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:43:41.0945 4788 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:43:41.0954 4788 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
12:43:41.0978 4788 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:43:42.0001 4788 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:43:42.0005 4788 [Global] - ok
12:43:42.0006 4788 ================ Scan MBR ==================================
12:43:42.0018 4788 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:43:42.0379 4788 \Device\Harddisk0\DR0 - ok
12:43:42.0380 4788 ================ Scan VBR ==================================
12:43:42.0382 4788 [ BA52C2FF498DCC3FF748A2D1D0D507BF ] \Device\Harddisk0\DR0\Partition1
12:43:42.0383 4788 \Device\Harddisk0\DR0\Partition1 - ok
12:43:42.0396 4788 [ 6F56057CDD78E81F684CCD760594F364 ] \Device\Harddisk0\DR0\Partition2
12:43:42.0398 4788 \Device\Harddisk0\DR0\Partition2 - ok
12:43:42.0413 4788 [ D188C3B21C4D3B2961061FF2D647E3F1 ] \Device\Harddisk0\DR0\Partition3
12:43:42.0415 4788 \Device\Harddisk0\DR0\Partition3 - ok
12:43:42.0432 4788 [ 2C3A18D33CD7EA5B178AF04DC0E47928 ] \Device\Harddisk0\DR0\Partition4
12:43:42.0434 4788 \Device\Harddisk0\DR0\Partition4 - ok
12:43:42.0434 4788 ============================================================
12:43:42.0434 4788 Scan finished
12:43:42.0434 4788 ============================================================
12:43:42.0442 6924 Detected object count: 0
12:43:42.0442 6924 Actual detected object count: 0
12:48:00.0964 5252 Deinitialize success
-----------------------------------------------------------------------------------------------------------------------------------------





aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-06 13:44:33
-----------------------------
13:44:33.614 OS Version: Windows x64 6.1.7601 Service Pack 1
13:44:33.614 Number of processors: 4 586 0x2A07
13:44:33.614 ComputerName: ACER-PC UserName: acer
13:44:34.410 Initialize success
13:44:43.879 AVAST engine defs: 12100601
13:44:49.152 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:44:49.168 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
13:44:49.168 Disk 0 MBR read successfully
13:44:49.168 Disk 0 MBR scan
13:44:49.183 Disk 0 Windows 7 default MBR code
13:44:49.183 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 36854 MB offset 2048
13:44:49.199 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 356 MB offset 75479040
13:44:49.230 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 150274 MB offset 76208128
13:44:49.246 Disk 0 Partition - 00 0F Extended LBA 422992 MB offset 383969565
13:44:49.261 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 100994 MB offset 383969628
13:44:49.277 Disk 0 Partition - 00 05 Extended 321998 MB offset 590806440
13:44:49.292 Disk 0 Partition 5 00 07 HPFS/NTFS NTFS 321998 MB offset 590806503
13:44:49.339 Disk 0 scanning C:\Windows\system32\drivers
13:45:01.289 Service scanning
13:45:31.678 Modules scanning
13:45:31.678 Disk 0 trace - called modules:
13:45:31.693 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
13:45:31.693 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008b0f060]
13:45:31.693 3 CLASSPNP.SYS[fffff88001d1e43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006359050]
13:45:33.128 AVAST engine scan C:\Windows
13:45:37.918 AVAST engine scan C:\Windows\system32
13:48:50.079 AVAST engine scan C:\Windows\system32\drivers
13:49:06.552 AVAST engine scan C:\Users\acer
14:07:13.474 AVAST engine scan C:\ProgramData
14:14:38.764 Scan finished successfully
14:19:15.133 Disk 0 MBR has been saved successfully to "E:\!!Windows\Desktop\MBR.dat"
14:19:15.180 The log file has been saved successfully to "E:\!!Windows\Desktop\aswMBR.txt"


------------------------------------------------------------------------------------------------------------------------------------



C:\Program Files (x86)\Clipdiary\ClipDiary.exe a variant of Win32/Packed.Enigma.AAD trojan
Operating memory a variant of Win32/Packed.Enigma.AAD trojan

#4 narenxp

Posted 06 October 2012 - 06:28 PM

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.


Download

adware cleaner

Launch it and click on Delete

A log should be generated after the scan, post it here

Download

Junkware removal tool

Right click on the tool and select run as administrator

After the scan gets completed, post the generated log here.

#5 Majbach

Posted 06 October 2012 - 08:48 PM

You're not going to ask me to jump up and down and bark like a dog next, are you?

I ran Malaware already and performed the actions already.
Here are the other logs. The last program seemed to have made A LOT of changes to Firefox.

MiniToolBox by Farbar Version: 23-07-2012
Ran by acer (administrator) on 06-10-2012 at 18:20:33
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6205 = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : acer-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6205
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . :
IPv4 Address. . . . . . . . . . . :(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : October-06-12 1:43:02 PM
Lease Expires . . . . . . . . . . : October-13-12 1:43:57 PM
Default Gateway . . . . . . . . . : 1
DHCP Server . . . . . . . . . . . : 1
DHCPv6 IAID . . . . . . . . . . . : 4
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-BD-CE-87-DC-0E-A1-02-2D-5B
DNS Servers . . . . . . . . . . . : 1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : PXE.ACER.COM
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.PXE.ACER.COM:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6FBFD357-B39E-4FFA-A807-5D7736547782}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: www
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:400a:801::1007
173.194.33.37
173.194.33.35
173.194.33.32
173.194.33.36
173.194.33.41
173.194.33.39
173.194.33.40
173.194.33.38
173.194.33.34
173.194.33.46
173.194.33.33


Pinging google.com [173.194.33.37] with 32 bytes of data:
Reply from 173.194.33.37: bytes=32 time=26ms TTL=56
Reply from 173.194.33.37: bytes=32 time=79ms TTL=56

Ping statistics for 173.194.33.37:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 26ms, Maximum = 79ms, Average = 52ms
Server: www
Address: 192.168.0.1

Name: yahoo.com
Addresses:
72.30.38.140



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=170ms TTL=53
Reply from 98.138.253.109: bytes=32 time=76ms TTL=53

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 76ms, Maximum = 170ms, Average = 123ms
Server: www
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 3ms, Average = 2ms
===========================================================================
Interface List
14...08 11 96 5c cb 85 ......Microsoft Virtual WiFi Miniport Adapter #2
13...08 11 96 5c cb 85 ......Microsoft Virtual WiFi Miniport Adapter
12...08 11 96 5c cb 84 ......Intel® Centrino® Advanced-N 6205
11...dc 0e a1 04 cf 47 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
snip
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::f84b:8c6b:5f66:1e23/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/06/2012 06:07:50 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (10/06/2012 05:52:02 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/06/2012 05:50:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/06/2012 05:50:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (10/06/2012 05:06:53 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (10/06/2012 02:20:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/06/2012 02:20:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/06/2012 01:43:33 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/06/2012 01:43:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2012 00:44:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (10/06/2012 06:09:32 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (10/06/2012 06:09:32 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/06/2012 04:25:17 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/06/2012 04:25:17 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (10/06/2012 03:05:31 PM) (Source: Microsoft Antimalware) (User: )
Description: %Virus:Win64/Sirefef.A60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Virus:Win64/Sirefef.A603

Name: Virus:Win64/Sirefef.A

ID: 2147657893

Severity: %Virus:Win64/Sirefef.A600

Category: %Virus:Win64/Sirefef.A602

Path: 4.1.0522.02

Detection Origin: 4.1.0522.04

Detection Type: 4.1.0522.08

Detection Source: %Virus:Win64/Sirefef.A608

User: {CB05D7D2-BD6F-4C78-95AE-E1F5EFCF9857}9

Process Name: %Virus:Win64/Sirefef.A609

Action: {CB05D7D2-BD6F-4C78-95AE-E1F5EFCF9857}1

Action Status: {CB05D7D2-BD6F-4C78-95AE-E1F5EFCF9857}8

Error Code: {CB05D7D2-BD6F-4C78-95AE-E1F5EFCF9857}3

Error description: {CB05D7D2-BD6F-4C78-95AE-E1F5EFCF9857}4

Signature Version: 2012-10-06T22:05:07.374Z1

Engine Version: 2012-10-06T22:05:07.374Z2

Error: (10/06/2012 03:05:31 PM) (Source: Microsoft Antimalware) (User: )
Description: %Virus:Win64/Sirefef.A60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Virus:Win64/Sirefef.A603

Name: Virus:Win64/Sirefef.A

ID: 2147657893

Severity: %Virus:Win64/Sirefef.A600

Category: %Virus:Win64/Sirefef.A602

Path: 4.1.0522.02

Detection Origin: 4.1.0522.04

Detection Type: 4.1.0522.08

Detection Source: %Virus:Win64/Sirefef.A608

User: {1A613331-D9F7-4695-BBCF-F65ECC70D109}9

Process Name: %Virus:Win64/Sirefef.A609

Action: {1A613331-D9F7-4695-BBCF-F65ECC70D109}1

Action Status: {1A613331-D9F7-4695-BBCF-F65ECC70D109}8

Error Code: {1A613331-D9F7-4695-BBCF-F65ECC70D109}3

Error description: {1A613331-D9F7-4695-BBCF-F65ECC70D109}4

Signature Version: 2012-10-06T22:05:11.766Z1

Engine Version: 2012-10-06T22:05:11.766Z2

Error: (10/06/2012 03:05:31 PM) (Source: Microsoft Antimalware) (User: )
Description: %Virus:Win64/Sirefef.A60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Virus:Win64/Sirefef.A603

Name: Virus:Win64/Sirefef.A

ID: 2147657893

Severity: %Virus:Win64/Sirefef.A600

Category: %Virus:Win64/Sirefef.A602

Path: 4.1.0522.02

Detection Origin: 4.1.0522.04

Detection Type: 4.1.0522.08

Detection Source: %Virus:Win64/Sirefef.A608

User: {39

Process Name: %Virus:Win64/Sirefef.A609

Action: {3E01B5A2-97FF-437E-B868-D90BDF5E7BC4}1

Action Status: {3E01B5A2-97FF-437E-B868-D90BDF5E7BC4}8

Error Code: {3E01B5A2-97FF-437E-B868-D90BDF5E7BC4}3

Error description: {3E01B5A2-97FF-437E-B868-D90BDF5E7BC4}4

Signature Version: 2012-10-06T22:05:11.965Z1

Engine Version: 2012-10-06T22:05:11.965Z2

Error: (10/06/2012 03:05:31 PM) (Source: Microsoft Antimalware) (User: )
Description: %Virus:Win64/Sirefef.A60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Virus:Win64/Sirefef.A603

Name: Virus:Win64/Sirefef.A

ID: 2147657893

Severity: %Virus:Win64/Sirefef.A600

Category: %Virus:Win64/Sirefef.A602

Path: 4.1.0522.02

Detection Origin: 4.1.0522.04

Detection Type: 4.1.0522.08

Detection Source: %Virus:Win64/Sirefef.A608

User: {F26FC3D7-DCF8-4A97-A0EA-866217B1BF67}9

Process Name: %Virus:Win64/Sirefef.A609

Action: {F26FC3D7-DCF8-4A97-A0EA-866217B1BF67}1

Action Status: {F26FC3D7-DCF8-4A97-A0EA-866217B1BF67}8

Error Code: {F26FC3D7-DCF8-4A97-A0EA-866217B1BF67}3

Error description: {F26FC3D7-DCF8-4A97-A0EA-866217B1BF67}4

Signature Version: 2012-10-06T22:05:12.428Z1

Engine Version: 2012-10-06T22:05:12.428Z2

Error: (10/06/2012 03:05:31 PM) (Source: Microsoft Antimalware) (User: )
Description: %Virus:Win64/Sirefef.A60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Virus:Win64/Sirefef.A603

Name: Virus:Win64/Sirefef.A

ID: 2147657893

Severity: %Virus:Win64/Sirefef.A600

Category: %Virus:Win64/Sirefef.A602

Path: 4.1.0522.02

Detection Origin: 4.1.0522.04

Detection Type: 4.1.0522.08

Detection Source: %Virus:Win64/Sirefef.A608

User: {04B2525F-6981-405C-91FD-42B3484C4E1D}9

Process Name: %Virus:Win64/Sirefef.A609

Action: {04B2525F-6981-405C-91FD-42B3484C4E1D}1

Action Status: {04B2525F-6981-405C-91FD-42B3484C4E1D}8

Error Code: {04B2525F-6981-405C-91FD-42B3484C4E1D}3

Error description: {04B2525F-6981-405C-91FD-42B3484C4E1D}4

Signature Version: 2012-10-06T22:05:12.868Z1

Engine Version: 2012-10-06T22:05:12.868Z2

Error: (10/06/2012 02:05:26 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (10/06/2012 06:07:50 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (10/06/2012 05:52:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifeste:\!!windows\Desktop\esetsmartinstaller_enu.exe

Error: (10/06/2012 05:50:54 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/06/2012 05:50:25 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (10/06/2012 05:06:53 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (10/06/2012 02:20:21 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\!!Windows\Desktop\esetsmartinstaller_enu.exe

Error: (10/06/2012 02:20:21 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\!!Windows\Desktop\esetsmartinstaller_enu.exe

Error: (10/06/2012 01:43:33 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\!!Windows\Desktop\esetsmartinstaller_enu.exe

Error: (10/06/2012 01:43:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2012 00:44:25 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\!!Windows\Desktop\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

AC3Filter 1.63b (Version: 1.63b)
ACDSee 5.0 PowerPack (Version: 5.0.0)
ACDSee Pro (Version: 8.1.99)
ACDSee Pro 5 (Version: 5.1.137)
Acer Backup Manager (Version: 3.0.0.99)
Acer Crystal Eye Webcam (Version: 1.0.1904)
Acer ePower Management (Version: 6.00.3008)
Acer eRecovery Management (Version: 5.00.3502)
Acer Games (Version: 1.0.2.5)
Acer Registration (Version: 1.04.3503)
Acer ScreenSaver (Version: 1.1.0519.2011)
Acer Updater (Version: 1.02.3500)
Adobe AIR (Version: 1.5.3.9130)
Adobe Community Help (Version: 3.2.1)
Adobe Community Help (Version: 3.2.1.650)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Photoshop Elements 9 (Version: 9.0)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Agatha Christie - Death on the Nile (Version: 2.2.0.98)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
µTorrent (Version: 3.1.3)
AusLogics Disk Defrag (Version: version 1.3)
Backroad Mapbooks BC (Version: 2.2.0)
Backroad Mapbooks BC 2.2.0 (Version: 2.2.0)
Backup Manager V3 (Version: 3.0.0.99)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.36)
Bluetooth Win7 Suite (64) (Version: 7.4.0.96)
Bonjour (Version: 3.0.0.10)
Broadcom Card Reader Driver Installer (Version: 14.8.2.2)
Broadcom NetLink Controller (Version: 14.8.4.1)
Build-a-lot 4 - Power Source (Version: 2.2.0.97)
CCleaner (Version: 3.23)
Chronicles of Albian (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
clear.fi (Version: 1.0.1517_36458)
clear.fi (Version: 1.0.2024.00)
clear.fi (Version: 9.0.8026)
clear.fi Client (Version: 1.00.3500)
ClearType Tuning Control Panel Applet (Version: 1.01.0000)
Clipdiary 3.4 (Version: 3.4)
ConvertHelper 2.2
Cradle of Rome 2 (Version: 2.2.0.95)
D3DX10 (Version: 15.4.2368.0902)
DISKdata
DivX Setup (Version: 2.6.1.9)
Dolby Advanced Audio v2 (Version: 7.2.7000.7)
Dora's World Adventure (Version: 2.2.0.95)
EASEUS Partition Master 9.1.0 Professional
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
ESET Online Scanner v3
ETDWare PS/2-X64 8.0.6.3_WHQL (Version: 8.0.6.3)
ExpertGPS
Facebook Messenger 2.1.4590.0 (Version: 2.1.4590.0)
FATE: The Cursed King (Version: 2.2.0.97)
Final Drive: Nitro (Version: 2.2.0.95)
FotoSlate 4 (Version: 4.0.22)
Galerie de photos (Version: 16.4.3503.0728)
Garmin BaseCamp (Version: 3.2.2)
Garmin BlueChart Americas v9.5 (Version: 9.5.0.0)
Garmin City Navigator North America NT 2012.40 Update (Version: 15.40.0.0)
Garmin MapInstall (Version: 3.15.0)
Garmin MapSource (Version: 6.16.3)
Garmin MetroGuide Canada v5 (Version: 5.0.0.0)
Garmin nRoute (Version: 2.7.6.0)
Garmin POI Loader (Version: 2.7.0)
Garmin TOPO Canada v4 (Version: 4.0.0.0)
Garmin USB Drivers (Version: 1.0.0.0)
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.5.6)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
HitmanPro 3.6 (Version: 3.6.1.164)
iCloud (Version: 2.0.2.187)
Identity Card (Version: 1.00.3501)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2418)
Intel® PROSet/Wireless WiFi Software (Version: 14.01.1000)
Intel® Rapid Storage Technology (Version: 10.5.0.1026)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
Intel® WiDi (Version: 2.1.41.0)
Intel® Wireless Display
iTunes (Version: 10.7.0.21)
Java™ SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
Jewel Match 3 (Version: 2.2.0.97)
Junk Mail filter update (Version: 16.4.3503.0728)
Kobo (Version: 1.9)
Launch Manager (Version: 5.1.7)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MapSource
MapSource (Version: 5.4)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SkyDrive (Version: 16.4.6010.0727)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
mkv2vob (Version: 2.4.9)
Movie Maker (Version: 16.4.3503.0728)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
MP3 Rocket
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1108.0727)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery of Mortlake Mansion (Version: 2.2.0.98)
MyWinLocker (Version: 4.0.14.27)
MyWinLocker 4 (Version: 4.0.14.27)
MyWinLocker Suite (Version: 4.0.14.18)
Nero 7 Ultra Edition (Version: 7.02.9888)
neroxml (Version: 1.0.0)
newsXpresso (Version: 1.0.0.40)
NTI Media Maker 9 (Version: 9.0.2.8942)
Penguins! (Version: 2.2.0.95)
Photo Common (Version: 16.4.3503.0728)
Photo Gallery (Version: 16.4.3503.0728)
PicaView
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.95)
POP Peeper
PowerDesk 6 (Version: 6.0.1.8)
PowerISO (Version: 4.8)
QuickTime (Version: 7.72.80.56)
QuickTime Alternative 3.2.2 (Version: 3.2.2)
Realtek High Definition Audio Driver (Version: 6.0.1.6438)
Remote Control USB Driver (Version: 2.3.2.317)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.34.0)
Shredder (Version: 2.0.8.9)
SmartStart v1.25
Stop It!
Torchlight (Version: 2.2.0.97)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Virtual Villagers 5 - New Believers (Version: 2.2.0.97)
VLC media player 2.0.1 (Version: 2.0.1)
Welcome Center (Version: 1.02.3503)
WildTangent Games App (Acer Games) (Version: 4.0.5.14)
Winamp (Version: 5.63 )
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0) (Version: 03/08/2007 2.2.1.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Live (Version: 16.4.3503.0728)
Windows Live Communications Platform (Version: 16.4.3503.0728)
Windows Live Essentials (Version: 16.4.3503.0728)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3503.0728)
Windows Live Mail (Version: 16.4.3503.0728)
Windows Live Messenger (Version: 16.4.3503.0728)
Windows Live MIME IFilter (Version: 16.4.3503.0728)
Windows Live Photo Common (Version: 16.4.3503.0728)
Windows Live PIMT Platform (Version: 16.4.3503.0728)
Windows Live SOXE (Version: 16.4.3503.0728)
Windows Live SOXE Definitions (Version: 16.4.3503.0728)
Windows Live UX Platform (Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (Version: 16.4.3503.0728)
Windows Live Writer (Version: 16.4.3503.0728)
Windows Live Writer Resources (Version: 16.4.3503.0728)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
WinRAR archiver
Zuma's Revenge (Version: 2.2.0.97)

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 5995.86 MB
Available physical RAM: 3373.22 MB
Total Pagefile: 11989.91 MB
Available Pagefile: 9353.93 MB
Total Virtual: 4095.88 MB
Available Virtual: 3954.67 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:146.75 GB) (Free:49.44 GB) NTFS
3 Drive e: (Windows) (Fixed) (Total:98.63 GB) (Free:9.02 GB) NTFS
4 Drive f: (Storage) (Fixed) (Total:314.45 GB) (Free:6.39 GB) NTFS

========================= Users: ========================================

User accounts for \\ACER-PC

acer Administrator Guest

========================= Restore Points ==================================

30-09-2012 08:28:35 Scheduled Checkpoint
01-10-2012 04:53:41 before dvx
01-10-2012 06:52:40 Windows Modules Installer
01-10-2012 07:03:53 Windows Modules Installer
01-10-2012 07:23:06 Restore Operation
05-10-2012 02:50:08 Microsoft Antimalware Checkpoint
05-10-2012 05:19:36 Windows Update
05-10-2012 05:28:52 Restore Operation
05-10-2012 22:12:37 after combofix
05-10-2012 22:28:17 Windows Update
05-10-2012 23:00:32 Windows Update
05-10-2012 23:16:00 virus gone
06-10-2012 01:01:38 Installed mkv2vob

**** End of log ****
----------------------------------------------------





# AdwCleaner v2.003 - Logfile created 10/06/2012 at 18:21:55
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : acer - ACER-PC
# Boot Mode : Normal
# Running from : E:\!!Windows\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\acer\AppData\Local\Software
Folder Deleted : C:\Users\acer\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=CA&userid=8c714e8f-5436-4739-a1ed-f435bd4d26c9&searchtype=hp --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=CA&userid=8c714e8f-5436-4739-a1ed-f435bd4d26c9&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=SnapdoIMonetizer&dpid=SnapdoIMonetizer&co=CA&userid=8c714e8f-5436-4739-a1ed-f435bd4d26c9&searchtype=ds&q={searchTerms} --> hxxp://www.google.com

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\glhctmpa.default\prefs.js

Deleted : user_pref("de.soerenrinne.googlebuttons.userlist", "Google Shortcuts Settings,Mail,Maps,Calendar,Rea[...]
Deleted : user_pref("extensions.504fded5cf892.scode", "(function(){try{if('aol.com,mail.google.com,mystart.inc[...]

*************************

AdwCleaner[S1].txt - [3186 octets] - [06/10/2012 18:21:55]

########## EOF - C:\AdwCleaner[S1].txt - [3246 octets]
---------------------------------------------------------------------------------







Junkware Removal Tool (JRT) by Thisisu
Version: 1.2.9 (10.06.2012)
OS: Windows 7 Home Premium x64
Ran by acer on 06/10/2012 at 18:34:52.45
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys: 0 Detections



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired

Removed the following from [PREFS.JS] :

user_pref("extensions.504fded5cf892.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,search.gboxapp.com,search.sweetim.com'.indexOf(window.self.location.hostname)>-1) return;}catch(e){};if(window.self.location.hostname.indexOf('mail.')==-1){for(i=0;i<5;i++){window.setTimeout(function(){if(document.getElementById(\"c2soffer\")){document.getElementById(\"c2soffer\").parentNode.removeChild(document.getElementById(\"c2soffer\"))}},i*100)};};})();");


*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on 06/10/2012 at 18:35:09.24
End of Report

Edited by Majbach, 06 October 2012 - 08:51 PM.


#6 narenxp

Posted 06 October 2012 - 08:51 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#7 Majbach

Posted 06 October 2012 - 08:56 PM

By the way, the last program closed down my browser as I was using it, and I then rebooted the laptop. Upon reboot, I got a flag from Windows Security Essentials stating something about the Sirefef.A virus that was quarantined. I deleted them.

#8 Majbach

Posted 07 October 2012 - 07:50 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here



MiniToolBox by Farbar Version: 23-07-2012
Ran by acer (administrator) on 07-10-2012 at 17:43:46
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6205 = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : acer-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 08-11-96-5C-CB-85
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 08-11-96-5C-CB-85
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6205
Physical Address. . . . . . . . . : 08-11-96-5C-CB-84
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . :
Link-local IPv6 Address . . . . . : fe80::f845f66:1e23%12(Preferred)
IPv4 Address. . . . . . . . . . . : 1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : October-07-12 5:33:36 PM
Lease Expires . . . . . . . . . . : October-14-12 5:33:36 PM
Default Gateway . . . . . . . . . : 192.1
DHCP Server . . . . . . . . . . . : 192.
DHCPv6 IAID . . . . . . . . . . . : 453513622
DHCPv6 Client DUID. . . . . . . . : 00-01-00-0D-CE-87-DC-0E-A1-02-2D-5B
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : PXE.ACER.COM
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : DC-0E-A1-04F-47
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.PXE.ACER.COM:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{CE5687A3-5D15-4408-8940-370964C76D2C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F215DCD2-BD6B-40FD-847E-049EF99EF}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6FBFD357-B39E-4FFA-A807-5D7736547782}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: www
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:400a:800::1000
173.194.33.14
173.194.33.1
173.194.33.5
173.194.33.4
173.194.33.0
173.194.33.7
173.194.33.6
173.194.33.8
173.194.33.3
173.194.33.9
173.194.33.2


Pinging google.com [173.194.33.14] with 32 bytes of data:
Reply from 173.194.33.14: bytes=32 time=25ms TTL=56
Reply from 173.194.33.14: bytes=32 time=113ms TTL=56

Ping statistics for 173.194.33.14:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 25ms, Maximum = 113ms, Average = 69ms
Server: www
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=171ms TTL=51
Reply from 98.139.183.24: bytes=32 time=186ms TTL=50

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 171ms, Maximum = 186ms, Average = 178ms
Server: www
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 4ms, Average = 2ms
===========================================================================
Interface List
14...08 11 96 5c cb 85 ......Microsoft Virtual WiFi Miniport Adapter #2
13...08 11 96 5c cb 85 ......Microsoft Virtual WiFi Miniport Adapter
12...08 11 96 5c cb 84 ......Intel® Centrino® Advanced-N 6205
11...dc 0e a1 04 cf 47 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.142 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.5.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.142 281
192.168.042 255.255.255.255 On-link 192.168.0.142 281
192.168.0.255 255.255.255.255 On-link 192.168.0.142 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.142 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.142 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
12 281 fe80::f84b:8c6b:5f66:1e23/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/07/2012 05:33:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2012 01:44:26 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (10/07/2012 00:34:16 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (10/07/2012 10:27:10 AM) (Source: Application Hang) (User: )
Description: The program DivX Plus Player.exe version 10.3.3.16 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 7c4

Start Time: 01cda4b0e8e91442

Termination Time: 12

Application Path: C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus Player.exe

Report Id: 35fb17d7-10a4-11e2-a765-dc0ea104cf47

Error: (10/07/2012 09:42:05 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2012 01:15:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/07/2012 01:14:51 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (10/06/2012 06:41:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/07/2012 05:35:47 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/07/2012 05:34:19 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/07/2012 05:34:19 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (10/07/2012 05:33:48 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/07/2012 05:33:46 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
MFX

Error: (10/07/2012 05:33:20 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/07/2012 05:33:08 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\drivers\pfc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (10/07/2012 05:27:15 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/07/2012 01:48:25 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (10/07/2012 01:48:25 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (10/07/2012 05:33:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2012 01:44:26 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (10/07/2012 00:34:16 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (10/07/2012 10:27:10 AM) (Source: Application Hang)(User: )
Description: DivX Plus Player.exe10.3.3.167c401cda4b0e8e9144212C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus Player.exe35fb17d7-10a4-11e2-a765-dc0ea104cf47

Error: (10/07/2012 09:42:05 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2012 01:15:40 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/07/2012 01:14:51 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (10/06/2012 06:41:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

AC3Filter 1.63b (Version: 1.63b)
ACDSee 5.0 PowerPack (Version: 5.0.0)
ACDSee Pro (Version: 8.1.99)
ACDSee Pro 5 (Version: 5.1.137)
Acer Backup Manager (Version: 3.0.0.99)
Acer Crystal Eye Webcam (Version: 1.0.1904)
Acer ePower Management (Version: 6.00.3008)
Acer eRecovery Management (Version: 5.00.3502)
Acer Games (Version: 1.0.2.5)
Acer Registration (Version: 1.04.3503)
Acer ScreenSaver (Version: 1.1.0519.2011)
Acer Updater (Version: 1.02.3500)
Adobe AIR (Version: 1.5.3.9130)
Adobe Community Help (Version: 3.2.1)
Adobe Community Help (Version: 3.2.1.650)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Photoshop Elements 9 (Version: 9.0)
Adobe Reader X (10.1.4) MUI (Version: 10.1.4)
Agatha Christie - Death on the Nile (Version: 2.2.0.98)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
µTorrent (Version: 3.1.3)
AusLogics Disk Defrag (Version: version 1.3)
Backroad Mapbooks BC (Version: 2.2.0)
Backroad Mapbooks BC 2.2.0 (Version: 2.2.0)
Backup Manager V3 (Version: 3.0.0.99)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.36)
Bluetooth Win7 Suite (64) (Version: 7.4.0.96)
Bonjour (Version: 3.0.0.10)
Broadcom Card Reader Driver Installer (Version: 14.8.2.2)
Broadcom NetLink Controller (Version: 14.8.4.1)
Build-a-lot 4 - Power Source (Version: 2.2.0.97)
CCleaner (Version: 3.23)
Chronicles of Albian (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
clear.fi (Version: 1.0.1517_36458)
clear.fi (Version: 1.0.2024.00)
clear.fi (Version: 9.0.8026)
clear.fi Client (Version: 1.00.3500)
ClearType Tuning Control Panel Applet (Version: 1.01.0000)
Clipdiary 3.4 (Version: 3.4)
ConvertHelper 2.2
Cradle of Rome 2 (Version: 2.2.0.95)
D3DX10 (Version: 15.4.2368.0902)
DISKdata
DivX Setup (Version: 2.6.1.9)
Dolby Advanced Audio v2 (Version: 7.2.7000.7)
Dora's World Adventure (Version: 2.2.0.95)
EASEUS Partition Master 9.1.0 Professional
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
ESET Online Scanner v3
ETDWare PS/2-X64 8.0.6.3_WHQL (Version: 8.0.6.3)
ExpertGPS
Facebook Messenger 2.1.4590.0 (Version: 2.1.4590.0)
FATE: The Cursed King (Version: 2.2.0.97)
Final Drive: Nitro (Version: 2.2.0.95)
FotoSlate 4 (Version: 4.0.22)
Galerie de photos (Version: 16.4.3503.0728)
Garmin BaseCamp (Version: 3.2.2)
Garmin BlueChart Americas v9.5 (Version: 9.5.0.0)
Garmin City Navigator North America NT 2012.40 Update (Version: 15.40.0.0)
Garmin MapInstall (Version: 3.15.0)
Garmin MapSource (Version: 6.16.3)
Garmin MetroGuide Canada v5 (Version: 5.0.0.0)
Garmin nRoute (Version: 2.7.6.0)
Garmin POI Loader (Version: 2.7.0)
Garmin TOPO Canada v4 (Version: 4.0.0.0)
Garmin USB Drivers (Version: 1.0.0.0)
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.5.6)
Governor of Poker 2 Premium Edition (Version: 2.2.0.95)
HitmanPro 3.6 (Version: 3.6.1.164)
iCloud (Version: 2.0.2.187)
Identity Card (Version: 1.00.3501)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2418)
Intel® PROSet/Wireless WiFi Software (Version: 14.01.1000)
Intel® Rapid Storage Technology (Version: 10.5.0.1026)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
Intel® WiDi (Version: 2.1.41.0)
Intel® Wireless Display
iTunes (Version: 10.7.0.21)
Java™ SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
Jewel Match 3 (Version: 2.2.0.97)
Junk Mail filter update (Version: 16.4.3503.0728)
Kobo (Version: 1.9)
Launch Manager (Version: 5.1.7)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MapSource
MapSource (Version: 5.4)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SkyDrive (Version: 16.4.6010.0727)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
mkv2vob (Version: 2.4.9)
Movie Maker (Version: 16.4.3503.0728)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
MP3 Rocket
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1108.0727)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery of Mortlake Mansion (Version: 2.2.0.98)
MyWinLocker (Version: 4.0.14.27)
MyWinLocker 4 (Version: 4.0.14.27)
MyWinLocker Suite (Version: 4.0.14.18)
Nero 7 Ultra Edition (Version: 7.02.9888)
neroxml (Version: 1.0.0)
newsXpresso (Version: 1.0.0.40)
NTI Media Maker 9 (Version: 9.0.2.8942)
Penguins! (Version: 2.2.0.95)
Photo Common (Version: 16.4.3503.0728)
Photo Gallery (Version: 16.4.3503.0728)
PicaView
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.95)
POP Peeper
PowerDesk 6 (Version: 6.0.1.8)
PowerISO (Version: 4.8)
QuickTime (Version: 7.72.80.56)
QuickTime Alternative 3.2.2 (Version: 3.2.2)
Realtek High Definition Audio Driver (Version: 6.0.1.6438)
Remote Control USB Driver (Version: 2.3.2.317)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.34.0)
Shredder (Version: 2.0.8.9)
SmartStart v1.25
Stop It!
Torchlight (Version: 2.2.0.97)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Virtual Villagers 5 - New Believers (Version: 2.2.0.97)
VLC media player 2.0.1 (Version: 2.0.1)
Welcome Center (Version: 1.02.3503)
WildTangent Games App (Acer Games) (Version: 4.0.5.14)
Winamp (Version: 5.63 )
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0) (Version: 03/08/2007 2.2.1.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Live (Version: 16.4.3503.0728)
Windows Live Communications Platform (Version: 16.4.3503.0728)
Windows Live Essentials (Version: 16.4.3503.0728)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3503.0728)
Windows Live Mail (Version: 16.4.3503.0728)
Windows Live Messenger (Version: 16.4.3503.0728)
Windows Live MIME IFilter (Version: 16.4.3503.0728)
Windows Live Photo Common (Version: 16.4.3503.0728)
Windows Live PIMT Platform (Version: 16.4.3503.0728)
Windows Live SOXE (Version: 16.4.3503.0728)
Windows Live SOXE Definitions (Version: 16.4.3503.0728)
Windows Live UX Platform (Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (Version: 16.4.3503.0728)
Windows Live Writer (Version: 16.4.3503.0728)
Windows Live Writer Resources (Version: 16.4.3503.0728)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
WinRAR archiver
Zuma's Revenge (Version: 2.2.0.97)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 5995.86 MB
Available physical RAM: 3851.95 MB
Total Pagefile: 11989.91 MB
Available Pagefile: 9725.62 MB
Total Virtual: 4095.88 MB
Available Virtual: 3954.67 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:146.75 GB) (Free:68.76 GB) NTFS
3 Drive e: (Windows) (Fixed) (Total:98.63 GB) (Free:8.83 GB) NTFS
4 Drive f: (Storage) (Fixed) (Total:314.45 GB) (Free:37.31 GB) NTFS

========================= Users: ========================================

User accounts for \\ACER-PC

acer Administrator Guest

========================= Restore Points ==================================

30-09-2012 08:28:35 Scheduled Checkpoint
01-10-2012 04:53:41 before dvx
01-10-2012 06:52:40 Windows Modules Installer
01-10-2012 07:03:53 Windows Modules Installer
01-10-2012 07:23:06 Restore Operation
05-10-2012 02:50:08 Microsoft Antimalware Checkpoint
05-10-2012 05:19:36 Windows Update
05-10-2012 05:28:52 Restore Operation
05-10-2012 22:12:37 after combofix
05-10-2012 22:28:17 Windows Update
05-10-2012 23:00:32 Windows Update
05-10-2012 23:16:00 virus gone
06-10-2012 01:01:38 Installed mkv2vob
08-10-2012 00:31:20 before farbr

**** End of log ****
----------------------------------------------------------------

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/07/2012 05:46:37 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Windows Firewall Authorization Driver (mpsdrv) is not Running.
Startup Type set to: Manual

* iphlpsvc [Missing Service]
* MpsSvc [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/07/2012 05:46:53 PM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)
-------------------------------------------------------------------------

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
X "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
X "AthBtTray" "Bluetooth Tray" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\athbttray.exe"
X "AtherosBtStack" "Bluetooth Tray" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\btvstack.exe"
+ "ETDCtrl" "ETD Control Center" "ELAN Microelectronics Corp." "c:\program files\elantech\etdctrl.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IntelPAN" "Intel® PROSet/Wireless Framework" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe"
+ "IntelTBRunOnce" "" "" "c:\program files\intel\turboboost\runtbgadgetonce.vbs"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "Power Management" "ePowerTray" "Acer Incorporated" "c:\program files\acer\acer epower management\epowertray.exe"
+ "RtHDVBg_Dolby" "HD Audio Background Process" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravbg64.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
X "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "ArcadeMovieService" "clear.fi Movie Resident Program" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\clear.fimovieservice.exe"
+ "BackupManagerTray" "Acer Backup Manager" "NTI Corporation" "c:\program files (x86)\nti\acer backup manager\backupmanagertray.exe"
X "DivXUpdate" "DivX Update" "" "c:\program files (x86)\divx\divx update\divxupdate.exe"
+ "Dolby Advanced Audio v2" "Dolby Profile Selector" "Dolby Laboratories Inc." "c:\dolby pcee4\pcee4.exe"
X "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "LManager" "Launch Manager" "Dritek System Inc." "c:\program files (x86)\launch manager\lmanager.exe"
+ "NUSB3MON" "USB 3.0 Monitor" "Renesas Electronics Corporation" "c:\program files (x86)\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
X "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime alternative\qttask.exe"
+ "SuiteTray" "SuiteTray" "Egis Technology Inc." "c:\program files (x86)\egistec mywinlockersuite\x86\suitetray.exe"
"C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
X "Dialog Helper.lnk" "PowerDesk Dialog Helper" "V Communications, Inc." "c:\program files (x86)\vcom\powerdesk\pddlghlp.exe"
+ "Facebook Messenger.lnk" "Facebook Messenger" "Facebook" "c:\users\acer\appdata\local\facebook\messenger\2.1.4590.0\facebookmessenger.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
X "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" "Nero Home" "Nero AG" "c:\program files (x86)\common files\ahead\lib\nmbgmonitor.exe"
+ "clipdiary" "" "" "c:\program files (x86)\clipdiary\clipdiary.exe"
X "Global Registration" "Global Registration" "Acer Incorporated" "c:\program files (x86)\acer\registration\greg.exe"
+ "iCloudServices" "iCloud" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\icloudservices.exe"
+ "POP Peeper" "POP Peeper Email Notifier" "Mortal Universe" "c:\program files (x86)\pop peeper\poppeeper.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services\AutoStartOnConnect" "" "" ""
X "NeroMobileAd" "Nero Mobile Advertisment" "Nero AG" "c:\program files (x86)\nero\nero 7\nero mobile\neromobilead.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Atheros" "Bluetooth Tray" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\btvappext.dll"
+ "PhotoStreamsExt" "" "" "c:\program files\common files\apple\internet services\shellstreams64.dll"
X "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisosh.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "PhotoStreamsExt" "ShellStreams.dll" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
+ "PicaView" "PicaView Shell Extension DLL" "ACD Systems, Ltd." "c:\program files (x86)\acd systems\picaview\picaview.dll"
+ "PowerDesk Menu" "PowerDesk Shell Extension" "V Communications, Inc." "c:\program files (x86)\vcom\powerdesk\pdshext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "FTShellContext" "Bluetooth Tray" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\shellcontextext.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "MWLIVShellExt" "Shell Dynamic Link Library" "Egis Technology Inc. " "c:\program files (x86)\egistec mywinlocker\x64\mwlivshellext.dll"
+ "ShredderContextMenu" "ShredderContextMenu" "Egis Technology Inc." "c:\program files (x86)\egistec shredder\x64\shreddercontextmenu.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MWLIVShellExt" "Shell Dynamic Link Library" "Egis Technology Inc. " "c:\program files (x86)\egistec mywinlocker\mwlivshellext.dll"
+ "ShredderContextMenu" "ShredderContextMenu" "Egis Technology Inc." "c:\program files (x86)\egistec shredder\x86\shreddercontextmenu.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisosh.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "PowerDesk Menu" "PowerDesk Shell Extension" "V Communications, Inc." "c:\program files (x86)\vcom\powerdesk\pdshext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "PowerDesk Menu" "PowerDesk Shell Extension" "V Communications, Inc." "c:\program files (x86)\vcom\powerdesk\pdshext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Ath_CopyHook" "AthCopyHook Dynamic Link Library" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\athcopyhook.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "PowerISO" "PowerISOShell DLL" "PowerISO Computing, Inc." "c:\program files (x86)\poweriso\pwrisosh.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
X "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "CIESpeechBHO Class" "Bluetooth IE PlugIn" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\ieplugin.dll"
X "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "SSVHelper Class" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre1.6.0_01\bin\ssv.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Send by Bluetooth to" "Bluetooth IE PlugIn" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\ieplugin.dll"
"Task Scheduler" "" "" ""
X "\Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
X "\Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\reader 10.0\reader\reader_sl.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\clear.fi" "clear.fi" "Acer Incorporated" "c:\program files (x86)\acer\clear.fi\mvp\clear.fi.exe"
+ "\clear.fiAgent" "clear.fi Resident Program" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\mvp\clear.fiagent.exe"
+ "\DMREngine" "DMREngine" "CyberLink" "c:\program files (x86)\acer\clear.fi\mvp\.\kernel\dmr\dmrengine.exe"
+ "\EgisUpdate" "EgisUpdate Release Application" "Egis Technology Inc." "c:\program files\egistec ips\egisupdate.exe"
X "\FacebookUpdateTaskUserS-1-5-21-2412566542-2080497746-3994005206-1000Core" "Facebook Installer" "Facebook Inc." "c:\users\acer\appdata\local\facebook\update\facebookupdate.exe"
X "\FacebookUpdateTaskUserS-1-5-21-2412566542-2080497746-3994005206-1000UA" "Facebook Installer" "Facebook Inc." "c:\users\acer\appdata\local\facebook\update\facebookupdate.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\PMMUpdate" "PMM Update Application" "Egis Technology Inc." "c:\program files\egistec ips\pmmupdate.exe"
+ "\Recovery Management\Burn Notification" "NotificationCenter" "Acer" "c:\program files\acer\acer erecovery management\notificationcenter\notification.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
X "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AtherosSvc" "Atheros BT Stack Service Agent" "Atheros Commnucations" "c:\program files (x86)\bluetooth suite\adminservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "DsiWMIService" "Launch Manager WMI service program" "Dritek System Inc." "c:\program files (x86)\launch manager\dsiwmis.exe"
+ "EgisTec Ticket Service" "Egis Ticket Service" "Egis Technology Inc. " "c:\program files (x86)\common files\egistec\services\egisticketservice.exe"
+ "ePowerSvc" "ePower Service" "Acer Incorporated" "c:\program files\acer\acer epower management\epowersvc.exe"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Acresso Software Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "GamesAppService" "WT Games App Services" "WildTangent, Inc." "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "GREGService" "Global Registration Service" "Acer Incorporated" "c:\program files (x86)\acer\registration\gregsvc.exe"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "Live Updater Service" "Updater Service" "Acer Incorporated" "c:\program files\acer\acer updater\updaterservice.exe"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe"
X "NBService" "Nero BackItUp Service is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP." "Nero AG" "c:\program files (x86)\nero\nero 7\nero backitup\nbservice.exe"
+ "NMIndexingService" "Nero Home" "Nero AG" "c:\program files (x86)\common files\ahead\lib\nmindexingservice.exe"
+ "NTI IScheduleSvc" "NTI IShadow Manage backup/Sync jobs and etc..." "NTI Corporation" "c:\program files (x86)\nti\acer backup manager\ischedulesvc.exe"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "TurboBoost" "Intel® Turbo Boost Technology Monitor 2.0" "Intel® Corporation" "c:\program files\intel\turboboost\turboboost.exe"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "AthBTPort" "Atheros FILTER driver" "Atheros" "c:\windows\system32\drivers\btath_flt.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "b57xdbd" "Broadcom xD Picture Card Bus Driver" "Broadcom Corporation" "c:\windows\system32\drivers\b57xdbd.sys"
+ "b57xdmp" "Broadcom xD Picture Card Miniport Driver" "Broadcom Corporation" "c:\windows\system32\drivers\b57xdmp.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrSerIb" "Brother MFC Serial Interface Driver(WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserib.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
X "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
X "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
X "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
X "BrUsbSIb" "Brother MFC Serial USB Driver(WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbsib.sys"
+ "bScsiMSa" "Broadcom Memory Stick Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bscsimsa.sys"
+ "bScsiSDa" "Broadcom SD 3.0 Driver" "Broadcom Corporation" "c:\windows\system32\drivers\bscsisda.sys"
+ "BTATH_A2DP" "Atheros A2DP driver" "Atheros" "c:\windows\system32\drivers\btath_a2dp.sys"
+ "btath_avdt" "Atheros Bluetooth AVDT driver" "Atheros" "c:\windows\system32\drivers\btath_avdt.sys"
+ "BTATH_BUS" "Atheros BUS driver" "Atheros" "c:\windows\system32\drivers\btath_bus.sys"
+ "BTATH_HCRP" "Atheros HCRP driver" "Atheros" "c:\windows\system32\drivers\btath_hcrp.sys"
+ "BTATH_LWFLT" "Atheros FILTER driver" "Atheros" "c:\windows\system32\drivers\btath_lwflt.sys"
+ "BTATH_RCP" "Atheros AVRCP driver" "Atheros" "c:\windows\system32\drivers\btath_rcp.sys"
+ "BtFilter" "BtFilter Driver" "Atheros" "c:\windows\system32\drivers\btfilter.sys"
+ "catchme" "" "" "File not found: C:\ComboFix\catchme.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "epmntdrv" "" "" "c:\windows\system32\epmntdrv.sys"
+ "ETD" "ETD Kernel Center" "ELAN Microelectronics Corp." "c:\windows\system32\drivers\etd.sys"
+ "EuGdiDrv" "" "" "c:\windows\system32\eugdidrv.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "grmnusb" "grmnusb.sys" "GARMIN Corp." "c:\windows\system32\drivers\grmnusb.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "intaud_WaveExtensible" "Intel® WiDi Solution" "Intel Corporation" "c:\windows\system32\drivers\intelaud.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IntcDAud" "Intel® Display Audio Driver" "Intel® Corporation" "c:\windows\system32\drivers\intcdaud.sys"
+ "iwdbus" "Intel® WiDi Solution" "Intel Corporation" "c:\windows\system32\drivers\iwdbus.sys"
+ "k57nd60a" "Broadcom NetLink ™ Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\k57nd60a.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys"
+ "MFX" "" "" "File not found: C:\Windows\System32\Drivers\MFX.sys"
+ "mwlPSDFilter" "mwlPSDFilter Filter Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdfilter.sys"
+ "mwlPSDNServ" "mwlPSDNServ Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdnserv.sys"
+ "mwlPSDVDisk" "mwlPSDVdisk Driver" "Egis Technology Inc." "c:\windows\system32\drivers\mwlpsdvdisk.sys"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NTIDrvr" "NTI CD-ROM Filter Driver" "NTI Corporation" "c:\windows\system32\drivers\ntidrvr.sys"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "pfc" "" "" "File not found: system32\drivers\pfc.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RimUsb" "BlackBerry Device Driver" "Research In Motion Limited" "c:\windows\system32\drivers\rimusb_amd64.sys"
+ "RimVSerPort" "RIM Virtual Serial Driver" "Research in Motion Ltd" "c:\windows\system32\drivers\rimserial_amd64.sys"
+ "SCDEmu" "PowerISO Virtual Drive" "PowerISO Computing, Inc." "c:\windows\system32\drivers\scdemu.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "Serial" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "TurboB" "Turbo Boost UI Monitor driver" "Intel® Corporation" "c:\windows\system32\drivers\turbob.sys"
+ "UBHelper" "NTI CD-ROM Filter Driver" "NTI Corporation" "c:\windows\system32\drivers\ubhelper.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3filter" "" "" "c:\windows\system32\ac3filter64.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "VIDC.ACDV" "" "" "File not found: ACDV.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3filter" "" "" "c:\windows\syswow64\ac3filter.acm"
+ "msacm.l3acm" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "msacm.l3codecp" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "VIDC.ACDV" "ACDV" "ACD Systems" "c:\windows\syswow64\acdv.dll"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demuxpush_mp2_ds.ax"
+ "MainConcept VC-1 Decoder" "VC-1 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_vc1_ds.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3Filter" "ac3filter" "" "c:\program files (x86)\ac3filter\x64\ac3filter64.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3Filter" "ac3filter" "" "c:\program files (x86)\ac3filter\ac3filter.ax"
+ "ACDEncodeQT" "ACD QuickTime Encoder" "ACD Systems" "c:\program files (x86)\common files\acd systems\video\acdencodeqt.ax"
+ "ACDEncodeRM" "ACD RM Encoder" "" "c:\program files (x86)\common files\acd systems\video\acdencoderm.ax"
+ "ACDFX Filter" "ACDFX DirectShow Transform Filter" "ACD Systems" "c:\program files (x86)\common files\acd systems\acdfx.ax"
+ "CyberLink Audio Decoder (PCMMovie)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PCMMovie)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\acer\clear.fi\movie\audiofilter\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer (PCMMovie)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\audiofilter\claudspa.ax"
+ "CyberLink Audio Wizard (PCMMovie)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\audiofilter\claudwizard.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\navfilter\clnavx.ax"
+ "CyberLink Line21 Decoder (PCMMovie)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\videofilter\clline21.ax"
+ "CyberLink TimeStretch Filter (PCMMovie)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\audiofilter\clauts.ax"
+ "CyberLink Tzan Filter (PCMMovie)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\videofilter\cltzan.ax"
+ "CyberLink Video/SP Decoder (PCMMovie)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\acer\clear.fi\movie\videofilter\clvsd.ax"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
X "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
X "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "DS Video Buffer Filter" "WiDiAgent.dll COM object." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\dsbuffer_video.ax"
+ "DV Scenes" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files (x86)\nero\nero 7\nero vision\nvdv.dll"
+ "DV Source Filter" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files (x86)\nero\nero 7\nero vision\nvdv.dll"
+ "HighMAT and MPV Navigator Filter" "MPV Playback Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\hmnavigator.ax"
+ "HighMAT/MPV Navigation Client Filter" "MPV Playback Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\hmnavigator.ax"
+ "Intel® Mux Renderer" "Intel® TS Mux / Network Renderer" "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\intelmux.dll"
+ "Intel®WiDi H264 encoder" "" "" "c:\program files (x86)\common files\intel corporation\widiagent\h264_enc_filter.dll"
+ "MainConcept (Broadcast) AVC/H.264 Video Decoder" "AVC/H.264 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_bc_dec_avc_ds.ax"
+ "MainConcept AAC Decoder" "AAC audio decoder filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_aac_ds.ax"
+ "MainConcept AAC Encoder" "AAC audio encoder filter" "MainConcept GmbH" "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_enc_aac_ds.ax"
+ "MainConcept AMR Decoder" "AMR Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_amr_ds.ax"
+ "MainConcept Audio Converter" "Audio Converter DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_trans_audio_converter_ds.ax"
+ "MainConcept Audio Resampler" "Audio Resampler Direct Show Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_trans_audio_samplerate_ds.ax"
+ "MainConcept AVC/H.264 Video Decoder" "AVC/H.264 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_avc_ds.ax"
+ "MainConcept Color Space Converter" "Color Space Converter DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_trans_video_colorspace_ds.ax"
+ "MainConcept DV Dif Parser" "DV Dif Parser DS Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_parser_dv_ds.ax"
+ "MainConcept DV Video Decoder" "DirectShow DVCPro Video Decoder" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv_ds.ax"
+ "MainConcept DV-Demultiplexer" "DV-Splitter DS Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demux_dv_ds.ax"
+ "MainConcept DVCPro 50 Video Decoder" "DirectShow DVCPro50 Video Decoder" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv50_ds.ax"
+ "MainConcept DVCPro HD Video Decoder" "DirectShow DVCProHD Video Decoder" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_dv100_ds.ax"
+ "MainConcept Frame Rate Converter" "Frame Rate Converter DS Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_trans_video_framerate_ds.ax"
+ "MainConcept ImageScaler" "ImageScaler DS Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_trans_video_imagescaler_ds.ax"
+ "MainConcept Layer II Audio Decoder" "Layer II Audio Decoder" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_mpa_ds.ax"
+ "MainConcept MP4 Demultiplexer" "MP4 Demultiplexer Direct Show Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_demux_mp4_ds.ax"
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_demuxpush_mp2_ds.ax"
+ "MainConcept MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_mp2v_ds.ax"
+ "MainConcept MPEG-4 Video Decoder" "MPEG-4 Video Decoder Direct Show Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_dec_mp4v_ds.ax"
+ "MainConcept Sink Filter" "Sink DS Filter" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_render_fileindex_ds.ax"
+ "MainConcept Stream Parser" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\research in motion\blackberry desktop\codecs\mc_demux_mp2_ds.ax"
+ "MainConcept VC-1 Decoder" "VC-1 Decoder DirectShow Filter" "MainConcept GmbH" "c:\program files (x86)\adobe\elements 9 organizer\caheadless\mc_dec_vc1_ds.ax"
+ "MPEG-2 PSI Reader Filter" "Mpeg2PsiReader" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\mpeg2psireader.ax"
+ "MPEG-2 Stream Reader Filter" "Mpeg2StreamReader" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\mpeg2streamreader.ax"
+ "Nero Audible Decoder" "Nero Audible Decoder" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neaudible.ax"
+ "Nero Audio CD Filter" "Nero Audio CD Source Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio CD Navigator" "Nero Audio CD Source Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio Source" "Nero Library" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nerender.ax"
+ "Nero AV Synchronizer" "Audio/Video Synchronizer" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neavsync.ax"
+ "Nero Deinterlace" "Deinterlacing Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nedeinterlace.ax"
+ "Nero Digital AVC Audio Encoder" "AAC LC/HE Audio Encoder" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nendaud.ax"
+ "Nero Digital AVC File Writer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Muxer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Null Renderer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Subpicture Enc" "NeroDigital File Format Muxer" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Video Enc" "MPEG4 and H.264 (AVC) Video Encoder" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nendvid.ax"
+ "Nero Digital Parser" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\ndparser.ax"
+ "Nero DV Splitter" "DV Splitter Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nedvsplitter.ax"
+ "Nero ES Video Reader" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\ndparser.ax"
+ "Nero File Source" "Nero SVCD source filter" "Nero AG " "c:\program files (x86)\common files\ahead\dsfilter\nefilesrc.ax"
+ "Nero File Source (Async.)" "Nero Home" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nefilesourceasync.ax"
+ "Nero File Source / Splitter" "Push Mode VOB Source Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nefsource.ax"
+ "Nero FLV Splitter" "Nero FLV Splitter Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neflvsplitter.ax"
+ "Nero Format Converter" "Frame rate / Color space converter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neroformatconv.ax"
+ "Nero Frame Capture" "Direct Show frame grabber filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\necapture.ax"
+ "Nero FTC" "Frame Time Corrector Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neftc.ax"
+ "Nero InteractiveGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero MP3 Encoder" "MP3 Encoding Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nemp3encoder.ax"
+ "Nero MP4 Splitter" "MP4 Splitter Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nemp4splitter.ax"
+ "Nero Mpeg2 Encoder" "MPEG 1/2 encoder filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nevcr.ax"
+ "Nero Ogg Splitter" "Ogg Splitter Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neoggsplitter.ax"
+ "Nero Overlay Mixer" "Overlay Mixer Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neoverlaymixer.ax"
+ "Nero Photo Source" "Nero Home" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nephotosource.ax"
+ "Nero PresentationGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero PS Muxer" "" "" "c:\program files (x86)\common files\ahead\dsfilter\nepsmuxer.ax"
+ "Nero QuickTime™ Audio Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero QuickTime™ Video Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero Resize" "Resizing Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\neresize.ax"
+ "Nero Sample Queue" "Sample Queue Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nesamplequeue.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Smart3D Text Effect Filter" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files (x86)\common files\ahead\lib\nsg_dxfilter.dll"
+ "Nero Smart3D Transition Effect Filter" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files (x86)\common files\ahead\lib\nsg_dxfilter.dll"
+ "Nero Smart3D Video Effect Filter" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files (x86)\common files\ahead\lib\nsg_dxfilter.dll"
+ "Nero Sound Processor" "Nero Sound Processor" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nesoundproc.ax"
+ "Nero Splitter" "Splitter Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nesplitter.ax"
+ "Nero Stream Buffer Sink" "Nero Stream Buffer Engine" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Buffer Source" "Nero Stream Buffer Engine" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Control" "Transport Stream Controller Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nestreamcontrol.ax"
+ "Nero Subpicture Decoder" "Nero Subpicture Decoder" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nesubpicture.ax"
+ "Nero Subtitle" "Subtitle Mixer" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nesubtitle.ax"
+ "Nero Thumbnail Decoder" "Thumbnail Decoder Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nebdthumbnail.ax"
+ "Nero Vcd Navigator" "Nero Vcd Navigator Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nevcd.ax"
+ "Nero Video Analyzer" "Nero Video Analyzer" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nevideoanalyzer.ax"
+ "Nero Video Processor" "Resize / Deinterlace / Color Correction / Film Effect / Frame Capture Filter" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nerovideoproc.ax"
+ "Nero Video Renderer" "Nero Video Renderer" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nevideorenderer.ax"
+ "Nero Video Source" "Nero Library" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nerender.ax"
+ "NeSoundSwitch" "Nero Sound Switcher" "Nero AG" "c:\program files (x86)\common files\ahead\dsfilter\nesoundswitch.ax"
+ "SlideShow" "" "" "c:\program files (x86)\nti\nti media maker 9\media maker\slideshow.ax"
+ "Track1Filter" "Adobe Photoshop Elements 9.0 (component)" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements 9 organizer\track1filter.dll"
+ "Track2Filter" "Adobe Photoshop Elements 9.0 (component)" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements 9 organizer\track2filter.dll"
+ "WD Audio Filter" "WiDi Audio Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdaudiofilter.dll"
+ "WD Secure Source Filter" "Intel® WiDi Secure Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsecuresourcefilter.dll"
+ "WDSource Filter" "WiDi Video Source Filter." "Intel Corporation" "c:\program files (x86)\common files\intel corporation\widiagent\wdsourcefilter.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "AthCredentialProvider" "Bluetooth Credential Provider" "Atheros Commnucations" "c:\windows\system32\athcredentialprovider.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" ""
+ "AthCredentialProvider" "Bluetooth Credential Provider" "Atheros Commnucations" "c:\windows\system32\athcredentialprovider.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
X "BJ Language Monitor3_2" "Canon Inkjet Printer Driver" "CANON INC." "c:\windows\system32\cnblm3_2.dll"
"C:\Users\acer\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Battery Meter" "With this Battery Meter Gadget you can display your Status, Percent Remaining, Time Remaining, Designed Voltage, Current Voltage, Charge Rate, Discharge Rate, Current Charge Capacity, Maximum Charge Capacity, Designed Capacity, Retain Capacity, Manufacture, Device Name, Unique ID, Serial Number and Chemistry." "AddGadget" "C:\Users\acer\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Battery_Meter_V1.0.gadget\Gadget.xml"

#9 Majbach

Posted 07 October 2012 - 07:53 PM

Still cannot launch Windows Defender, Function Discovery Resource Publication and Windows Firewall.

#10 narenxp

Posted 08 October 2012 - 01:43 AM

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#11 Majbach

Posted 08 October 2012 - 10:49 AM

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Farbar Service Scanner Version: 07-10-2012
Ran by acer (administrator) on 08-10-2012 at 08:49:24
Running from "E:\!!Windows\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#12 narenxp

Posted 08 October 2012 - 10:59 AM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log

#13 Majbach

Posted 09 October 2012 - 07:54 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log

Farbar Service Scanner Version: 07-10-2012
Ran by acer (administrator) on 09-10-2012 at 17:54:01
Running from "E:\!!Windows\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.


Firewall Disabled Policy:
==================


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-10-09 16:21] - [2012-06-01 22:41] - 0184320 ____A (Microsoft Corporation) 9C01375BE382E834CC26D1B7EAF2C4FE

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#14 narenxp

Posted 09 October 2012 - 09:12 PM

Download

Mppsvc

Launch it and click YES

Restart the PC and post the new FSS log

Let me know if you have any current issues

#15 Majbach

Posted 09 October 2012 - 10:26 PM

Download

Mppsvc

Launch it and click YES

Restart the PC and post the new FSS log

Let me know if you have any current issues

Making progress but still cannot launch said services. Firewall now says "cannot load service...refer to system event log...", which I cannot locate.

Farbar Service Scanner Version: 07-10-2012
Ran by acer (administrator) on 09-10-2012 at 20:19:49
Running from "E:\!!Windows\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-10-09 16:21] - [2012-06-01 22:41] - 0184320 ____A (Microsoft Corporation) 9C01375BE382E834CC26D1B7EAF2C4FE

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



