Infected with Sirefef, or ZeroAccess, in need of help.


8 replies to this topic

#1 Derpnik


Posted 27 November 2012 - 11:15 PM

As the title says, my computer's infected by a virus. Malwarebytes found some infected files, and I keep seeing iexplore.exe show up in my Task Manager, despite never using Internet Explorer.

I had this problem once before, and I tried following the same steps as before, but the problem seems to persist. Windows Defender and the like keep getting uninstalled by the virus, etc.

I would really appreciate some help, and I'd like to avoid reformatting, if possible.



#2 Derpnik


Posted 27 November 2012 - 11:24 PM

Also, when I restart my computer I get a notification that the Recycle Bin on C is corrupted. How can I fix this?

#3 narenxp


Posted 28 November 2012 - 07:39 AM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#4 Derpnik


Posted 28 November 2012 - 03:50 PM

14:49:37.0794 3484 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:49:38.0044 3484 ============================================================
14:49:38.0044 3484 Current date / time: 2012/11/28 14:49:38.0044
14:49:38.0044 3484 SystemInfo:
14:49:38.0044 3484
14:49:38.0044 3484 OS Version: 6.1.7600 ServicePack: 0.0
14:49:38.0044 3484 Product type: Workstation
14:49:38.0044 3484 ComputerName: DESKTOPZILLA
14:49:38.0044 3484 UserName: Kevin
14:49:38.0044 3484 Windows directory: C:\Windows
14:49:38.0044 3484 System windows directory: C:\Windows
14:49:38.0044 3484 Running under WOW64
14:49:38.0044 3484 Processor architecture: Intel x64
14:49:38.0044 3484 Number of processors: 4
14:49:38.0044 3484 Page size: 0x1000
14:49:38.0044 3484 Boot type: Normal boot
14:49:38.0044 3484 ============================================================
14:49:38.0794 3484 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:49:38.0794 3484 Drive \Device\Harddisk1\DR1 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:49:38.0794 3484 ============================================================
14:49:38.0794 3484 \Device\Harddisk0\DR0:
14:49:38.0804 3484 MBR partitions:
14:49:38.0804 3484 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x747065B0
14:49:38.0804 3484 \Device\Harddisk1\DR1:
14:49:38.0804 3484 MBR partitions:
14:49:38.0804 3484 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAEA86800
14:49:38.0804 3484 ============================================================
14:49:38.0814 3484 C: <-> \Device\Harddisk0\DR0\Partition1
14:49:38.0824 3484 E: <-> \Device\Harddisk1\DR1\Partition1
14:49:38.0824 3484 ============================================================
14:49:38.0824 3484 Initialize success
14:49:38.0824 3484 ============================================================
14:49:43.0194 2836 ============================================================
14:49:43.0194 2836 Scan started
14:49:43.0194 2836 Mode: Manual; TDLFS;
14:49:43.0194 2836 ============================================================
14:49:43.0634 2836 ================ Scan system memory ========================
14:49:43.0634 2836 System memory - ok
14:49:48.0764 2836 nvlddmkm - ok
14:49:48.0794 2836 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
14:49:48.0794 2836 nvraid - ok
14:49:48.0804 2836 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
14:49:48.0804 2836 nvstor - ok
14:49:48.0844 2836 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
14:49:48.0854 2836 nvsvc - ok
14:49:48.0914 2836 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:49:48.0924 2836 nvUpdatusService - ok
14:49:48.0944 2836 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
14:49:48.0944 2836 nv_agp - ok
14:49:48.0964 2836 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
14:49:48.0964 2836 ohci1394 - ok
14:49:48.0984 2836 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:49:48.0984 2836 p2pimsvc - ok
14:49:49.0004 2836 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:49:49.0014 2836 p2psvc - ok
14:49:49.0024 2836 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:49:49.0024 2836 Parport - ok
14:49:49.0034 2836 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:49:49.0034 2836 partmgr - ok
14:49:49.0044 2836 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:49:49.0044 2836 PcaSvc - ok
14:49:49.0064 2836 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
14:49:49.0064 2836 pci - ok
14:49:49.0064 2836 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
14:49:49.0074 2836 pciide - ok
14:49:49.0084 2836 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:49:49.0084 2836 pcmcia - ok
14:49:49.0094 2836 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:49:49.0094 2836 pcw - ok
14:49:49.0104 2836 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:49:49.0114 2836 PEAUTH - ok
14:49:49.0144 2836 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:49:49.0154 2836 PeerDistSvc - ok
14:49:49.0214 2836 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:49:49.0224 2836 PerfHost - ok
14:49:49.0264 2836 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
14:49:49.0274 2836 pla - ok
14:49:49.0314 2836 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:49:49.0314 2836 PlugPlay - ok
14:49:49.0324 2836 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:49:49.0324 2836 PNRPAutoReg - ok
14:49:49.0334 2836 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:49:49.0334 2836 PNRPsvc - ok
14:49:49.0364 2836 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:49:49.0374 2836 PolicyAgent - ok
14:49:49.0394 2836 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:49:49.0404 2836 Power - ok
14:49:49.0424 2836 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:49:49.0424 2836 PptpMiniport - ok
14:49:49.0444 2836 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:49:49.0444 2836 Processor - ok
14:49:49.0464 2836 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
14:49:49.0464 2836 ProfSvc - ok
14:49:49.0474 2836 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:49:49.0474 2836 ProtectedStorage - ok
14:49:49.0504 2836 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:49:49.0504 2836 Psched - ok
14:49:49.0534 2836 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:49:49.0544 2836 ql2300 - ok
14:49:49.0554 2836 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:49:49.0554 2836 ql40xx - ok
14:49:49.0574 2836 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:49:49.0584 2836 QWAVE - ok
14:49:49.0594 2836 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:49:49.0594 2836 QWAVEdrv - ok
14:49:49.0604 2836 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:49:49.0604 2836 RasAcd - ok
14:49:49.0624 2836 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:49:49.0624 2836 RasAgileVpn - ok
14:49:49.0634 2836 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:49:49.0634 2836 RasAuto - ok
14:49:49.0664 2836 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:49:49.0664 2836 Rasl2tp - ok
14:49:49.0674 2836 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
14:49:49.0684 2836 RasMan - ok
14:49:49.0694 2836 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:49:49.0694 2836 RasPppoe - ok
14:49:49.0704 2836 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:49:49.0704 2836 RasSstp - ok
14:49:49.0704 2836 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:49:49.0704 2836 rdbss - ok
14:49:49.0714 2836 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:49:49.0714 2836 rdpbus - ok
14:49:49.0734 2836 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:49:49.0734 2836 RDPCDD - ok
14:49:49.0754 2836 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:49:49.0754 2836 RDPDR - ok
14:49:49.0764 2836 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:49:49.0764 2836 RDPENCDD - ok
14:49:49.0774 2836 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:49:49.0774 2836 RDPREFMP - ok
14:49:49.0804 2836 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:49:49.0804 2836 RDPWD - ok
14:49:49.0814 2836 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:49:49.0814 2836 rdyboost - ok
14:49:49.0834 2836 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:49:49.0834 2836 RemoteAccess - ok
14:49:49.0854 2836 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:49:49.0854 2836 RemoteRegistry - ok
14:49:49.0864 2836 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:49:49.0864 2836 RpcEptMapper - ok
14:49:49.0874 2836 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:49:49.0874 2836 RpcLocator - ok
14:49:49.0894 2836 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
14:49:49.0894 2836 RpcSs - ok
14:49:49.0924 2836 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:49:49.0924 2836 rspndr - ok
14:49:49.0954 2836 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:49:49.0954 2836 RTL8167 - ok
14:49:49.0994 2836 [ 672CA863751E96F0A800215C11FD496F ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys
14:49:49.0994 2836 rzudd - ok
14:49:50.0024 2836 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
14:49:50.0024 2836 s3cap - ok
14:49:50.0034 2836 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
14:49:50.0034 2836 SamSs - ok
14:49:50.0044 2836 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
14:49:50.0044 2836 sbp2port - ok
14:49:50.0074 2836 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:49:50.0074 2836 SCardSvr - ok
14:49:50.0084 2836 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:49:50.0084 2836 scfilter - ok
14:49:50.0114 2836 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
14:49:50.0114 2836 Schedule - ok
14:49:50.0134 2836 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:49:50.0134 2836 SCPolicySvc - ok
14:49:50.0134 2836 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:49:50.0134 2836 SDRSVC - ok
14:49:50.0164 2836 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:49:50.0164 2836 secdrv - ok
14:49:50.0184 2836 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
14:49:50.0184 2836 seclogon - ok
14:49:50.0204 2836 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
14:49:50.0204 2836 SENS - ok
14:49:50.0214 2836 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:49:50.0214 2836 SensrSvc - ok
14:49:50.0234 2836 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:49:50.0234 2836 Serenum - ok
14:49:50.0244 2836 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:49:50.0254 2836 Serial - ok
14:49:50.0254 2836 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:49:50.0254 2836 sermouse - ok
14:49:50.0264 2836 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
14:49:50.0264 2836 SessionEnv - ok
14:49:50.0294 2836 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
14:49:50.0294 2836 sffdisk - ok
14:49:50.0314 2836 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
14:49:50.0314 2836 sffp_mmc - ok
14:49:50.0334 2836 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
14:49:50.0334 2836 sffp_sd - ok
14:49:50.0334 2836 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:49:50.0334 2836 sfloppy - ok
14:49:50.0364 2836 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:49:50.0374 2836 SharedAccess - ok
14:49:50.0394 2836 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:49:50.0404 2836 ShellHWDetection - ok
14:49:50.0414 2836 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:49:50.0414 2836 SiSRaid2 - ok
14:49:50.0424 2836 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:49:50.0424 2836 SiSRaid4 - ok
14:49:50.0444 2836 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:49:50.0444 2836 SkypeUpdate - ok
14:49:50.0464 2836 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:49:50.0474 2836 Smb - ok
14:49:50.0494 2836 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:49:50.0494 2836 SNMPTRAP - ok
14:49:50.0504 2836 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:49:50.0504 2836 spldr - ok
14:49:50.0524 2836 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
14:49:50.0524 2836 Spooler - ok
14:49:50.0574 2836 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
14:49:50.0594 2836 sppsvc - ok
14:49:50.0604 2836 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:49:50.0604 2836 sppuinotify - ok
14:49:50.0644 2836 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:49:50.0644 2836 srv - ok
14:49:50.0674 2836 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:49:50.0674 2836 srv2 - ok
14:49:50.0694 2836 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:49:50.0694 2836 srvnet - ok
14:49:50.0744 2836 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:49:50.0754 2836 SSDPSRV - ok
14:49:50.0764 2836 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:49:50.0764 2836 SstpSvc - ok
14:49:50.0804 2836 Steam Client Service - ok
14:49:50.0834 2836 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:49:50.0844 2836 Stereo Service - ok
14:49:50.0864 2836 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:49:50.0864 2836 stexstor - ok
14:49:50.0884 2836 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
14:49:50.0894 2836 stisvc - ok
14:49:50.0914 2836 [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
14:49:50.0914 2836 storflt - ok
14:49:50.0934 2836 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
14:49:50.0934 2836 StorSvc - ok
14:49:50.0944 2836 [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
14:49:50.0944 2836 storvsc - ok
14:49:50.0964 2836 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:49:50.0964 2836 swenum - ok
14:49:50.0994 2836 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:49:51.0004 2836 swprv - ok
14:49:51.0034 2836 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
14:49:51.0044 2836 SysMain - ok
14:49:51.0054 2836 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:49:51.0054 2836 TabletInputService - ok
14:49:51.0064 2836 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
14:49:51.0074 2836 TapiSrv - ok
14:49:51.0084 2836 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:49:51.0084 2836 TBS - ok
14:49:51.0124 2836 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:49:51.0134 2836 Tcpip - ok
14:49:51.0164 2836 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:49:51.0174 2836 TCPIP6 - ok
14:49:51.0194 2836 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:49:51.0194 2836 tcpipreg - ok
14:49:51.0204 2836 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:49:51.0204 2836 TDPIPE - ok
14:49:51.0234 2836 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:49:51.0234 2836 TDTCP - ok
14:49:51.0244 2836 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:49:51.0244 2836 tdx - ok
14:49:51.0254 2836 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:49:51.0254 2836 TermDD - ok
14:49:51.0284 2836 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
14:49:51.0294 2836 TermService - ok
14:49:51.0304 2836 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:49:51.0304 2836 Themes - ok
14:49:51.0304 2836 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:49:51.0304 2836 THREADORDER - ok
14:49:51.0314 2836 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:49:51.0314 2836 TrkWks - ok
14:49:51.0364 2836 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:49:51.0364 2836 TrustedInstaller - ok
14:49:51.0374 2836 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:49:51.0374 2836 tssecsrv - ok
14:49:51.0414 2836 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:49:51.0414 2836 tunnel - ok
14:49:51.0424 2836 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:49:51.0424 2836 uagp35 - ok
14:49:51.0444 2836 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:49:51.0444 2836 udfs - ok
14:49:51.0464 2836 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:49:51.0464 2836 UI0Detect - ok
14:49:51.0474 2836 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
14:49:51.0474 2836 uliagpkx - ok
14:49:51.0494 2836 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:49:51.0494 2836 umbus - ok
14:49:51.0504 2836 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:49:51.0504 2836 UmPass - ok
14:49:51.0534 2836 [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService C:\Windows\System32\umrdp.dll
14:49:51.0534 2836 UmRdpService - ok
14:49:51.0554 2836 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:49:51.0564 2836 upnphost - ok
14:49:51.0584 2836 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
14:49:51.0584 2836 usbaudio - ok
14:49:51.0604 2836 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:49:51.0604 2836 usbccgp - ok
14:49:51.0614 2836 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
14:49:51.0614 2836 usbcir - ok
14:49:51.0624 2836 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:49:51.0624 2836 usbehci - ok
14:49:51.0644 2836 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:49:51.0644 2836 usbhub - ok
14:49:51.0654 2836 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:49:51.0654 2836 usbohci - ok
14:49:51.0654 2836 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:49:51.0654 2836 usbprint - ok
14:49:51.0674 2836 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:49:51.0674 2836 USBSTOR - ok
14:49:51.0684 2836 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:49:51.0684 2836 usbuhci - ok
14:49:51.0724 2836 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
14:49:51.0724 2836 usbvideo - ok
14:49:51.0734 2836 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:49:51.0744 2836 UxSms - ok
14:49:51.0754 2836 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
14:49:51.0754 2836 VaultSvc - ok
14:49:51.0774 2836 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
14:49:51.0774 2836 vdrvroot - ok
14:49:51.0794 2836 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
14:49:51.0804 2836 vds - ok
14:49:51.0814 2836 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:49:51.0814 2836 vga - ok
14:49:51.0824 2836 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:49:51.0824 2836 VgaSave - ok
14:49:51.0834 2836 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
14:49:51.0834 2836 vhdmp - ok
14:49:51.0874 2836 [ 906A7C6B6659A650648CF21998270945 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
14:49:51.0884 2836 VIAHdAudAddService - ok
14:49:51.0904 2836 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
14:49:51.0904 2836 viaide - ok
14:49:51.0924 2836 [ 1501699D7EDA984ABC4155A7DA5738D1 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
14:49:51.0924 2836 vmbus - ok
14:49:51.0934 2836 [ AE10C35761889E65A6F7176937C5592C ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
14:49:51.0934 2836 VMBusHID - ok
14:49:51.0954 2836 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
14:49:51.0954 2836 volmgr - ok
14:49:51.0974 2836 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:49:51.0974 2836 volmgrx - ok
14:49:51.0984 2836 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
14:49:51.0984 2836 volsnap - ok
14:49:52.0004 2836 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:49:52.0004 2836 vsmraid - ok
14:49:52.0044 2836 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
14:49:52.0064 2836 VSS - ok
14:49:52.0074 2836 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
14:49:52.0074 2836 vwifibus - ok
14:49:52.0094 2836 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:49:52.0104 2836 W32Time - ok
14:49:52.0114 2836 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:49:52.0114 2836 WacomPen - ok
14:49:52.0144 2836 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:49:52.0144 2836 WANARP - ok
14:49:52.0144 2836 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:49:52.0144 2836 Wanarpv6 - ok
14:49:52.0174 2836 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
14:49:52.0184 2836 wbengine - ok
14:49:52.0194 2836 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:49:52.0194 2836 WbioSrvc - ok
14:49:52.0224 2836 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:49:52.0224 2836 wcncsvc - ok
14:49:52.0244 2836 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:49:52.0244 2836 WcsPlugInService - ok
14:49:52.0264 2836 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:49:52.0264 2836 Wd - ok
14:49:52.0274 2836 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:49:52.0284 2836 Wdf01000 - ok
14:49:52.0294 2836 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:49:52.0294 2836 WdiServiceHost - ok
14:49:52.0294 2836 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:49:52.0294 2836 WdiSystemHost - ok
14:49:52.0304 2836 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
14:49:52.0314 2836 WebClient - ok
14:49:52.0324 2836 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:49:52.0334 2836 Wecsvc - ok
14:49:52.0344 2836 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:49:52.0344 2836 wercplsupport - ok
14:49:52.0364 2836 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:49:52.0364 2836 WerSvc - ok
14:49:52.0374 2836 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:49:52.0374 2836 WfpLwf - ok
14:49:52.0384 2836 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:49:52.0384 2836 WIMMount - ok
14:49:52.0414 2836 WinDefend - ok
14:49:52.0424 2836 WinHttpAutoProxySvc - ok
14:49:52.0464 2836 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:49:52.0464 2836 Winmgmt - ok
14:49:52.0504 2836 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
14:49:52.0524 2836 WinRM - ok
14:49:52.0554 2836 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:49:52.0554 2836 Wlansvc - ok
14:49:52.0604 2836 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:49:52.0604 2836 WmiAcpi - ok
14:49:52.0634 2836 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:49:52.0634 2836 wmiApSrv - ok
14:49:52.0654 2836 WMPNetworkSvc - ok
14:49:52.0674 2836 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:49:52.0674 2836 WPCSvc - ok
14:49:52.0684 2836 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:49:52.0684 2836 WPDBusEnum - ok
14:49:52.0694 2836 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:49:52.0694 2836 ws2ifsl - ok
14:49:52.0744 2836 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll
14:49:52.0744 2836 wscsvc - ok
14:49:52.0754 2836 WSearch - ok
14:49:52.0834 2836 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:49:52.0854 2836 wuauserv - ok
14:49:52.0874 2836 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:49:52.0874 2836 WudfPf - ok
14:49:52.0894 2836 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:49:52.0894 2836 WUDFRd - ok
14:49:52.0914 2836 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:49:52.0914 2836 wudfsvc - ok
14:49:52.0924 2836 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:49:52.0924 2836 WwanSvc - ok
14:49:52.0924 2836 ================ Scan global ===============================
14:49:52.0944 2836 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:49:52.0964 2836 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
14:49:52.0964 2836 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
14:49:52.0984 2836 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:49:52.0994 2836 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:49:53.0004 2836 [Global] - ok
14:49:53.0004 2836 ================ Scan MBR ==================================
14:49:53.0014 2836 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:49:53.0254 2836 \Device\Harddisk0\DR0 - ok
14:49:53.0254 2836 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
14:49:53.0374 2836 \Device\Harddisk1\DR1 - ok
14:49:53.0374 2836 ================ Scan VBR ==================================
14:49:53.0374 2836 [ 28F4C13147A40B38263A6A2CE470C814 ] \Device\Harddisk0\DR0\Partition1
14:49:53.0374 2836 \Device\Harddisk0\DR0\Partition1 - ok
14:49:53.0384 2836 [ 8AA43B91329B2162F817E69E0C2DF47D ] \Device\Harddisk1\DR1\Partition1
14:49:53.0384 2836 \Device\Harddisk1\DR1\Partition1 - ok
14:49:53.0384 2836 ============================================================
14:49:53.0384 2836 Scan finished
14:49:53.0384 2836 ============================================================
14:49:53.0404 3428 Detected object count: 0
14:49:53.0404 3428 Actual detected object count: 0

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-28 14:50:47
-----------------------------
14:50:47.184 OS Version: Windows x64 6.1.7600
14:50:47.184 Number of processors: 4 586 0x1E05
14:50:47.184 ComputerName: DESKTOPZILLA UserName: Kevin
14:50:49.624 Initialize success
14:50:55.244 AVAST engine defs: 12112701
14:51:03.264 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:51:03.274 Disk 0 Vendor: Hitachi_HDS721010CLA332 JP4OA39C Size: 953869MB BusType: 11
14:51:03.294 Disk 0 MBR read successfully
14:51:03.294 Disk 0 MBR scan
14:51:03.304 Disk 0 Windows 7 default MBR code
14:51:03.304 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 953868 MB offset 2048
14:51:03.324 Disk 0 scanning C:\Windows\system32\drivers
14:51:08.784 Service scanning
14:51:23.004 Modules scanning
14:51:23.014 Disk 0 trace - called modules:
14:51:23.034 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
14:51:23.044 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004e3e060]
14:51:23.044 3 CLASSPNP.SYS[fffff88001b3a43f] -> nt!IofCallDriver -> [0xfffffa8004b811e0]
14:51:23.384 5 ACPI.sys[fffff88000ee1781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004bb2060]
14:51:25.674 AVAST engine scan C:\Windows
14:51:29.444 AVAST engine scan C:\Windows\system32
14:53:41.232 AVAST engine scan C:\Windows\system32\drivers
14:53:49.432 AVAST engine scan C:\Users\Kevin
14:59:44.694 AVAST engine scan C:\ProgramData
15:00:01.494 Scan finished successfully
15:05:48.232 Disk 0 MBR has been saved successfully to "C:\Users\Kevin\Desktop\MBR.dat"
15:05:48.232 The log file has been saved successfully to "C:\Users\Kevin\Desktop\aswMBR.txt"

ESET:
C:\Users\Kevin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\3961e06c-18d71640 a variant of Win32/Injector.ZPB trojan cleaned by deleting - quarantined
C:\Users\Kevin\AppData\Roaming\wscrc.dll a variant of Win32/Medfos.FY trojan cleaned by deleting - quarantined

Edited by Derpnik, 28 November 2012 - 03:51 PM.


#5 narenxp


Posted 28 November 2012 - 05:04 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan is completed, post the generated log here.

#6 Derpnik


Posted 29 November 2012 - 12:22 AM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.28.01

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Kevin :: DESKTOPZILLA [administrator]

11/28/2012 6:59:57 PM
mbam-log-2012-11-28 (18-59-57).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 433262
Time elapsed: 36 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

MiniToolBox by Farbar Version: 25-11-2012
Ran by Kevin (administrator) on 29-11-2012 at 00:13:35
Running from "C:\Users\Kevin\Desktop"
Windows 7 Professional (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Desktopzilla
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : cgocable.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : cgocable.net
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 48-5B-39-36-1A-43
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::99b2:39d8:573b:4c9f%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, November 28, 2012 8:16:50 AM
Lease Expires . . . . . . . . . . : Thursday, November 29, 2012 8:16:50 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 239622969
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-C4-1E-92-48-5B-39-36-1A-43
DNS Servers . . . . . . . . . . . : 24.226.1.93
24.226.10.193
24.226.10.194
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.cgocable.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : cgocable.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:38a7:8b:2786:449b(Preferred)
Link-local IPv6 Address . . . . . : fe80::38a7:8b:2786:449b%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: ns3.cgocable.net
Address: 24.226.1.93

Name: google.com
Addresses: 2607:f8b0:400b:801::1007
74.125.226.32
74.125.226.46
74.125.226.39
74.125.226.37
74.125.226.35
74.125.226.38
74.125.226.36
74.125.226.40
74.125.226.41
74.125.226.33
74.125.226.34


Pinging google.com [74.125.226.36] with 32 bytes of data:
Reply from 74.125.226.36: bytes=32 time=15ms TTL=57
Reply from 74.125.226.36: bytes=32 time=12ms TTL=57

Ping statistics for 74.125.226.36:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 12ms, Maximum = 15ms, Average = 13ms
Server: ns3.cgocable.net
Address: 24.226.1.93

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=67ms TTL=44
Reply from 98.139.183.24: bytes=32 time=99ms TTL=44

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 67ms, Maximum = 99ms, Average = 83ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...48 5b 39 36 1a 43 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.100 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.100 276
192.168.0.100 255.255.255.255 On-link 192.168.0.100 276
192.168.0.255 255.255.255.255 On-link 192.168.0.100 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.100 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.100 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:9d38:6ab8:38a7:8b:2786:449b/128
On-link
11 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::38a7:8b:2786:449b/128
On-link
11 276 fe80::99b2:39d8:573b:4c9f/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/28/2012 03:06:39 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/28/2012 03:06:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/28/2012 02:47:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/28/2012 01:34:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/28/2012 01:33:56 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"1".
Dependent Assembly Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/27/2012 11:08:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/27/2012 11:08:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7600.16768, time stamp: 0x4d688122
Faulting module name: SHELL32.dll, version: 6.1.7600.17038, time stamp: 0x4fd2dd43
Exception code: 0xc0000005
Fault offset: 0x00000000000950c5
Faulting process id: 0x1388
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3

Error: (11/27/2012 11:06:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (11/27/2012 11:05:01 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7600.16768, time stamp: 0x4d688122
Faulting module name: EXPLORERFRAME.dll, version: 6.1.7600.16623, time stamp: 0x4c258eef
Exception code: 0xc000041d
Fault offset: 0x00000000000290f2
Faulting process id: 0x7ec
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (11/27/2012 09:19:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.


System errors:
=============
Error: (11/27/2012 10:54:28 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (11/27/2012 10:54:28 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (11/27/2012 10:54:07 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (11/27/2012 10:54:03 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (11/27/2012 10:54:03 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (11/27/2012 10:54:01 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (11/27/2012 09:34:00 PM) (Source: Service Control Manager) (User: )
Description: The MSCamSvc service terminated unexpectedly. It has done this 1 time(s).

Error: (11/27/2012 09:21:26 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s).

Error: (11/25/2012 11:06:32 AM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service terminated unexpectedly. It has done this 1 time(s).

Error: (11/24/2012 07:32:14 AM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (11/28/2012 03:06:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Kevin\Desktop\esetsmartinstaller_enu.exe

Error: (11/28/2012 03:06:37 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Kevin\Desktop\esetsmartinstaller_enu.exe

Error: (11/28/2012 02:47:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Kevin\Desktop\esetsmartinstaller_enu.exe

Error: (11/28/2012 01:34:15 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (11/28/2012 01:33:56 AM) (Source: SideBySide)(User: )
Description: Native.XSplitBroadcaster.exe,type="win32",version="1.0.0.0"C:\Program Files (x86)\SplitMediaLabs\XSplit\XSplitBroadcasterSrc.exe

Error: (11/27/2012 11:08:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Kevin\Desktop\esetsmartinstaller_enu.exe

Error: (11/27/2012 11:08:43 PM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7600.167684d688122SHELL32.dll6.1.7600.170384fd2dd43c000000500000000000950c5138801cdcd1dad84a9eeC:\Windows\explorer.exeC:\Windows\system32\SHELL32.dll4bf2c026-3911-11e2-8881-485b39361a43

Error: (11/27/2012 11:06:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Kevin\Desktop\esetsmartinstaller_enu.exe

Error: (11/27/2012 11:05:01 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7600.167684d688122EXPLORERFRAME.dll6.1.7600.166234c258eefc000041d00000000000290f27ec01cdcd1cc50ae4f7C:\Windows\Explorer.EXEC:\Windows\system32\EXPLORERFRAME.dllc7b10827-3910-11e2-8881-485b39361a43

Error: (11/27/2012 09:19:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\Kevin\Desktop\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

µTorrent (Version: 3.2.0)
7-Zip 9.20
Adobe Flash Player 11 Plugin (Version: 11.5.502.110)
Adobe Reader XI (Version: 11.0.00)
Beyond Divinity
DAEMON Tools Lite (Version: 4.45.4.0315)
Divine Divinity
Episode1Beta
ESET Online Scanner v3
Guild Wars 2
Heroes of Newerth (Version: 2.3.0)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
JMicron JMB36X Driver (Version: 1.00.0000)
K-Lite Codec Pack 6.1.0 (Full) (Version: 6.1.0)
Katawa Shoujo
Legend of Grimrock
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
marvell 91xx driver (Version: 1.0.0.1036)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft LifeCam (Version: 3.60.253.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Windows Application Compatibility Database
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSVCRT (Version: 14.0.1468.721)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.19.0)
NewsLeecher v3.9 Final
Notepad++ (Version: 6.1.6)
NVIDIA 3D Vision Controller Driver 306.97 (Version: 306.97)
NVIDIA 3D Vision Driver 306.97 (Version: 306.97)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA PhysX (Version: 9.12.0613)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0697)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
OpenAL
PAYDAY: The Heist
Pidgin (Version: 2.10.6)
PlanetSide 2
Platform (Version: 1.34)
PS3 Media Server (Version: 1.60.0)
Razer Synapse 2.0 (Version: 1.4.13)
Rock of Ages
Skype™ 5.10 (Version: 5.10.116)
Steam (Version: 1.0.0.0)
Supercade (Version: 2.0.0.80)
Torchlight II
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
VIA Platform Device Manager (Version: 1.34)
VLC media player 2.0.3 (Version: 2.0.3)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
XSplit (Version: 1.1.1209.0601)

========================= Memory info: ===================================

Percentage of memory in use: 69%
Total physical RAM: 4087.05 MB
Available physical RAM: 1258.25 MB
Total Pagefile: 8172.25 MB
Available Pagefile: 3897.44 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.5 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.51 GB) (Free:742.46 GB) NTFS

========================= Users: ========================================

User accounts for \\DESKTOPZILLA

Administrator Guest Kevin
UpdatusUser

========================= Restore Points ==================================

23-11-2012 11:39:00 Scheduled Checkpoint
24-11-2012 12:29:37 Installed DirectX
25-11-2012 15:33:01 Installed DirectX

**** End of log ****


Farbar Service Scanner Version: 09-11-2012
Ran by Kevin (administrator) on 29-11-2012 at 00:14:51
Running from "C:\Users\Kevin\Desktop"
Windows 7 Professional (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-08-20 11:57] - [2011-12-27 22:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-08-20 11:57] - [2012-03-30 06:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-08-20 11:59] - [2012-04-24 00:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


# AdwCleaner v2.009 - Logfile created 11/29/2012 at 00:15:41
# Updated 24/11/2012 by Xplode
# Operating system : Windows 7 Professional (64 bits)
# User : Kevin - DESKTOPZILLA
# Boot Mode : Normal
# Running from : C:\Users\Kevin\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default [Profil par défaut]
File : C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\yxlb88xt.default\prefs.js

[OK] File is clean.

Profile name : Default User
File : C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\hkfo5muc.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1001 octets] - [29/11/2012 00:15:41]
AdwCleaner[S1].txt - [1630 octets] - [06/09/2012 22:29:29]
AdwCleaner[S2].txt - [1190 octets] - [27/11/2012 22:52:38]

########## EOF - C:\AdwCleaner[R1].txt - [1181 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.6.1 (11.28.2012:5)
OS: Windows 7 Professional x64
Ran by Kevin on Thu 11/29/2012 at 0:17:09.97
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 11/29/2012 at 0:20:20.60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#7 narenxp


Posted 29 November 2012 - 05:39 AM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish.

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#8 Derpnik


Posted 29 November 2012 - 11:32 AM

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/29/2012 11:29:20 AM in x64 mode.
Windows Version: Windows 7 Professional

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/29/2012 11:29:35 AM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)


"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
"C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "pidgin.exe - Shortcut.lnk" "Pidgin" "The Pidgin developer community" "c:\program files (x86)\pidgin\pidgin.exe"
+ "PMS.exe - Shortcut.lnk" "PS3 Media Server" "PS3 Media Server" "c:\program files (x86)\ps3 media server\pms.exe"
+ "RzSynapse.exe - Shortcut.lnk" "Razer Synapse" "Razer USA Ltd" "c:\program files (x86)\razer\synapse\rzsynapse.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DAEMON Tools Lite" "DAEMON Tools Lite" "DT Soft Ltd" "c:\program files (x86)\daemon tools lite\dtlite.exe"
+ "msnmsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files (x86)\windows live\messenger\msnmsgr.exe"
+ "Skype" "Skype " "Skype Technologies S.A." "c:\program files (x86)\skype\phone\skype.exe"
+ "Steam" "Steam" "Valve Corporation" "c:\program files (x86)\steam\steam.exe"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "ANotepad++64" "ShellHandler for Notepad++ (64 bit)" "" "c:\program files (x86)\notepad++\nppshell_05.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "WinRAR shell extension" "Alexander Roshal" "c:\program files\winrar\rarext32.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"Task Scheduler" "" "" ""
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MSCamSvc" "MsCamSvc.exe" "Microsoft Corporation" "c:\program files\microsoft lifecam\mscams64.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService" "NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server." "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe"
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files (x86)\skype\updater\updater.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "aswMBR" "" "" "File not found: C:\Users\Kevin\AppData\Local\Temp\aswMBR.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "dtsoftbus01" "DAEMON Tools Virtual Bus Driver" "DT Soft Ltd" "c:\windows\system32\drivers\dtsoftbus01.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "JRAID" "JMicron JMB36X RAID Driver" "JMicron Technology Corp." "c:\windows\system32\drivers\jraid.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "MTsensor" "ATK0110 ACPI Utility" "" "c:\windows\system32\drivers\asacpi.sys"
+ "mv91xx" "Marvell magni Windows Driver" "Marvell Semiconductor, Inc." "c:\windows\system32\drivers\mv91xx.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 306.97 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rt64win7.sys"
+ "rzudd" "Razer Rzudd Engine" "Razer USA Ltd" "c:\windows\system32\drivers\rzudd.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "VIAHdAudAddService" "VIA High Definition Audio Function Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viahduaa.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ac3acm" "AC-3 ACM Codec" "fccHandler" "c:\windows\syswow64\ac3acm.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "msacm.lameacm" "Lame MP3 codec engine" "http://www.mp3dev.org/" "c:\windows\syswow64\lameacm.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "VIDC.FFDS" "" "" "c:\windows\syswow64\ff_vfw.dll"
+ "VIDC.XVID" "" "" "c:\windows\syswow64\xvidvfw.dll"
+ "VIDC.YV12" "Helix YV12 YUV Codec" "www.helixcommunity.org" "c:\windows\syswow64\yv12vfw.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3File" "" "" "c:\program files (x86)\k-lite codec pack\filters\ac3file.ax"
+ "DC-Bass Source" "DirectShow™ Audio Decoder" "http://www.dsp-worx.de" "c:\program files (x86)\k-lite codec pack\filters\dcbasssource.ax"
+ "DirectVobSub" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "DirectVobSub (auto-loading version)" "VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth" "Gabest" "c:\program files (x86)\k-lite codec pack\filters\vsfilter.dll"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Audio Processor" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow DXVA Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow subtitles filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "ffdshow Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\program files (x86)\k-lite codec pack\ffdshow\ffdshow.ax"
+ "File Source (Monkey Audio)" "" "" "c:\program files (x86)\k-lite codec pack\filters\monkeysource.ax"
+ "Haali Matroska Muxer" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Media Splitter (AR)" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Simple Media Splitter" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "Haali Video Renderer" "" "" "c:\program files (x86)\k-lite codec pack\filters\haali\dxr.dll"
+ "Haali Video Sink" "Haali Media Splitter" "" "c:\program files (x86)\k-lite codec pack\filters\haali\splitter.ax"
+ "madFlac Decoder" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madflac.ax"
+ "madFlac Source" "DirectShow FLAC Decoder" "www.madshi.net" "c:\program files (x86)\k-lite codec pack\filters\madflac.ax"
+ "MONOGRAM AMR Decoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Encoder" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Mux" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM AMR Splitter" "AMR Filter Pack" "MONOGRAM Multimedia, s.r.o." "c:\program files (x86)\k-lite codec pack\filters\mmamr.ax"
+ "MONOGRAM Musepack Decoder" "mmmpcdec" "" "c:\program files (x86)\k-lite codec pack\filters\mmmpcdec.ax"
+ "MONOGRAM Musepack Splitter" "mmmpcdmx" "" "c:\program files (x86)\k-lite codec pack\filters\mmmpcdmx.ax"
+ "MPC - FLV Source (Gabest)" "FLV Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\flvsplitter.ax"
+ "MPC - FLV Splitter (Gabest)" "FLV Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\flvsplitter.ax"
+ "MPC - MP4 Source" "MP4 Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - MP4 Splitter" "MP4 Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - Mpeg Source (Gabest)" "Mpeg Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mpegsplitter.ax"
+ "MPC - Mpeg Splitter (Gabest)" "Mpeg Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mpegsplitter.ax"
+ "MPC - MPEG4 Video Source" "MP4 Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mp4splitter.ax"
+ "MPC - MPEG4 Video Splitter" "MP4 Splitter" "MPC-HC Team" "c:\program files (x86)\k-lite codec pack\filters\mp4splitter.ax"
+ "T" "VP7 Decompression Filter" "On2.com Inc." "c:\program files (x86)\k-lite codec pack\filters\vp7dec.ax"
+ "VHAudioGain" "VHMediaLib COM implementation" "SplitmediaLabs Limited" "c:\program files (x86)\splitmedialabs\xsplit\vhmediacom.dll"
+ "VHCropResize" "VHMediaLib COM implementation" "SplitmediaLabs Limited" "c:\program files (x86)\splitmedialabs\xsplit\vhmediacom.dll"
+ "VHDeinterlace" "VHMediaLib COM implementation" "SplitmediaLabs Limited" "c:\program files (x86)\splitmedialabs\xsplit\vhmediacom.dll"
+ "VHFrameRateConv" "VHMediaLib COM implementation" "SplitmediaLabs Limited" "c:\program files (x86)\splitmedialabs\xsplit\vhmediacom.dll"
+ "VHMixerSource" "VHMediaLib COM implementation" "SplitmediaLabs Limited" "c:\program files (x86)\splitmedialabs\xsplit\vhmediacom.dll"
+ "VHMultiReader" "VHMediaLib COM implementation" "SplitmediaLabs Limited" "c:\program files (x86)\splitmedialabs\xsplit\vhmediacom.dll"
+ "VHMultiWriter" "VHMediaLib COM implementation" "SplitmediaLabs Limited" "c:\program files (x86)\splitmedialabs\xsplit\vhmediacom.dll"
+ "VHSplitProcSource" "VHMediaLib COM implementation" "SplitmediaLabs Limited" "c:\program files (x86)\splitmedialabs\xsplit\vhmediacom.dll"
+ "VHYV12Decoder" "VHMediaLib COM implementation" "SplitmediaLabs Limited" "c:\program files (x86)\splitmedialabs\xsplit\vhmediacom.dll"
+ "VHYV12Encoder" "VHMediaLib COM implementation" "SplitmediaLabs Limited" "c:\program files (x86)\splitmedialabs\xsplit\vhmediacom.dll"
+ "WavPack Audio Decoder" "WavPack Audio DirectShow Decoder" "-" "c:\program files (x86)\k-lite codec pack\filters\wavpackdsdecoder.ax"
+ "WavPack Audio Splitter" "WavPack Audio DirectShow Splitter" "-" "c:\program files (x86)\k-lite codec pack\filters\wavpackdssplitter.ax"
+ "WebM VP8 Decoder Filter" "WebM VP8 Decoder Filter" "Google" "c:\program files (x86)\k-lite codec pack\filters\vp8decoder.dll"

#9 narenxp

Posted 29 November 2012 - 06:24 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)



