I use avira and keep getting an alert about the TR/ATRAPS.Gen2 virus. I have tried quarantining and deleting and it keeps coming back. I also used malwarebytes, but it still keeps on coming back.
Any ideas?
Thanks
Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
TR/ATRAPS.Gen2
Started by
tri21
, Jul 18 2012 12:47 AM
14 replies to this topic
Back to top- BC Ads
- BleepingComputer.com
#2
narenxp
-
- BC Advisor
-
- 16,365 posts
Forum Addict
- Gender:Male
- Location:India
Posted 18 July 2012 - 12:50 AM
Download
TDSSkiller
Launch it.Click on change parameters-Select TDLFS file system
Click on "Scan".Please post the LOG report(log file should be in your C drive)
Download
aswMBR
Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log
Post the log results here
Download
ESET online scanner
Install it
Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats
Export the list to desktop,copy the contents of the text file in your reply
TDSSkiller
Launch it.Click on change parameters-Select TDLFS file system
Click on "Scan".Please post the LOG report(log file should be in your C drive)
Download
aswMBR
Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log
Post the log results here
Download
ESET online scanner
Install it
Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats
Export the list to desktop,copy the contents of the text file in your reply
#3
tri21
-
- Members
-
- 8 posts
New Member
Posted 18 July 2012 - 01:20 AM
TDDSkiller Log:
aswMBR log:
Last one is scanning atm
15:51:45.0988 0536 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11 15:51:46.0738 0536 ============================================================ 15:51:46.0738 0536 Current date / time: 2012/07/18 15:51:46.0738 15:51:46.0738 0536 SystemInfo: 15:51:46.0738 0536 15:51:46.0738 0536 OS Version: 6.1.7600 ServicePack: 0.0 15:51:46.0738 0536 Product type: Workstation 15:51:46.0738 0536 ComputerName: NICK-NOTEBOOK 15:51:46.0739 0536 UserName: Nick 15:51:46.0739 0536 Windows directory: C:\Windows 15:51:46.0739 0536 System windows directory: C:\Windows 15:51:46.0739 0536 Running under WOW64 15:51:46.0739 0536 Processor architecture: Intel x64 15:51:46.0739 0536 Number of processors: 8 15:51:46.0739 0536 Page size: 0x1000 15:51:46.0739 0536 Boot type: Normal boot 15:51:46.0739 0536 ============================================================ 15:51:47.0321 0536 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:51:47.0325 0536 ============================================================ 15:51:47.0325 0536 \Device\Harddisk0\DR0: 15:51:47.0326 0536 MBR partitions: 15:51:47.0326 0536 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2AF98B5, BlocksNum 0x15D50510 15:51:47.0343 0536 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1884A800, BlocksNum 0x3ECFB000 15:51:47.0343 0536 ============================================================ 15:51:47.0397 0536 C: <-> \Device\Harddisk0\DR0\Partition0 15:51:47.0433 0536 D: <-> \Device\Harddisk0\DR0\Partition1 15:51:47.0433 0536 ============================================================ 15:51:47.0433 0536 Initialize success 15:51:47.0433 0536 ============================================================ 15:51:50.0256 0496 ============================================================ 15:51:50.0256 0496 Scan started 15:51:50.0256 0496 Mode: Manual; 15:51:50.0256 0496 ============================================================ 15:51:53.0242 0496 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys 15:51:53.0272 0496 1394ohci - ok 15:51:53.0342 0496 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys 15:51:53.0345 0496 ACPI - ok 15:51:53.0397 0496 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys 15:51:53.0400 0496 AcpiPmi - ok 15:51:53.0482 0496 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 15:51:53.0533 0496 adp94xx - ok 15:51:53.0626 0496 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 15:51:53.0667 0496 adpahci - ok 15:51:53.0705 0496 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 15:51:53.0735 0496 adpu320 - ok 15:51:53.0814 0496 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 15:51:53.0818 0496 AeLookupSvc - ok 15:51:53.0888 0496 AFBAgent (079cba3c5c9ab11b2b4e6bd729a860f2) C:\Windows\system32\FBAgent.exe 15:51:53.0896 0496 AFBAgent - ok 15:51:54.0031 0496 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys 15:51:54.0065 0496 AFD - ok 15:51:54.0122 0496 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys 15:51:54.0127 0496 agp440 - ok 15:51:54.0163 0496 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 15:51:54.0164 0496 ALG - ok 15:51:54.0194 0496 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys 15:51:54.0197 0496 aliide - ok 15:51:54.0205 0496 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys 15:51:54.0208 0496 amdide - ok 15:51:54.0237 0496 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 15:51:54.0242 0496 AmdK8 - ok 15:51:54.0267 0496 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 15:51:54.0273 0496 AmdPPM - ok 15:51:54.0310 0496 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys 15:51:54.0335 0496 amdsata - ok 15:51:54.0388 0496 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 15:51:54.0419 0496 amdsbs - ok 15:51:54.0482 0496 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys 15:51:54.0485 0496 amdxata - ok 15:51:54.0622 0496 AntiVirMailService (312eba7b8fbdb2570c8d0c911c35ef2c) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe 15:51:54.0624 0496 AntiVirMailService - ok 15:51:54.0691 0496 AntiVirSchedulerService (697010baa012bf4fc8ec64b35e446b1c) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 15:51:54.0692 0496 AntiVirSchedulerService - ok 15:51:54.0734 0496 AntiVirService (82101c790e8e488a4c0b2a6465942b6f) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 15:51:54.0735 0496 AntiVirService - ok 15:51:54.0790 0496 AntiVirWebService (211659cc0826c43cade17754d51d7c6a) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE 15:51:54.0792 0496 AntiVirWebService - ok 15:51:54.0868 0496 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys 15:51:54.0873 0496 AppID - ok 15:51:54.0907 0496 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 15:51:54.0912 0496 AppIDSvc - ok 15:51:54.0933 0496 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll 15:51:54.0937 0496 Appinfo - ok 15:51:55.0046 0496 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 15:51:55.0047 0496 Apple Mobile Device - ok 15:51:55.0097 0496 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 15:51:55.0102 0496 arc - ok 15:51:55.0118 0496 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 15:51:55.0123 0496 arcsas - ok 15:51:55.0189 0496 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe 15:51:55.0190 0496 ASLDRService - ok 15:51:55.0206 0496 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 15:51:55.0208 0496 ASMMAP64 - ok 15:51:55.0295 0496 aspnet_state - ok 15:51:55.0331 0496 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 15:51:55.0336 0496 AsyncMac - ok 15:51:55.0369 0496 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys 15:51:55.0372 0496 atapi - ok 15:51:55.0399 0496 AthBTPort (cbe61b4494165f458bd87e37181ee934) C:\Windows\system32\DRIVERS\btath_flt.sys 15:51:55.0402 0496 AthBTPort - ok 15:51:55.0467 0496 Atheros Bt&Wlan Coex Agent (a6307f356d778e18a76e7783ef98c6aa) C:\Program Files (x86)\Atheros\Ath_CoexAgent.exe 15:51:55.0468 0496 Atheros Bt&Wlan Coex Agent - ok 15:51:55.0506 0496 AtherosSvc (749ff240dedafaff94288e0307104df3) C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe 15:51:55.0507 0496 AtherosSvc - ok 15:51:55.0754 0496 athr (b4174564ad5834a1680610572477878c) C:\Windows\system32\DRIVERS\athrx.sys 15:51:55.0842 0496 athr - ok 15:51:55.0948 0496 ATKGFNEXSrv (7910158929571214a959d5a6d16dd9c0) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe 15:51:55.0949 0496 ATKGFNEXSrv - ok 15:51:55.0972 0496 ATKWMIACPIIO (1f7238a37389ed92e9d8eee975cabd54) C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys 15:51:55.0975 0496 ATKWMIACPIIO - ok 15:51:56.0152 0496 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll 15:51:56.0163 0496 AudioEndpointBuilder - ok 15:51:56.0168 0496 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll 15:51:56.0171 0496 AudioSrv - ok 15:51:56.0246 0496 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys 15:51:56.0250 0496 avgntflt - ok 15:51:56.0307 0496 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys 15:51:56.0312 0496 avipbb - ok 15:51:56.0377 0496 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys 15:51:56.0380 0496 avkmgr - ok 15:51:56.0423 0496 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll 15:51:56.0429 0496 AxInstSV - ok 15:51:56.0541 0496 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 15:51:56.0608 0496 b06bdrv - ok 15:51:56.0751 0496 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 15:51:56.0778 0496 b57nd60a - ok 15:51:56.0849 0496 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 15:51:56.0854 0496 BDESVC - ok 15:51:56.0916 0496 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 15:51:56.0918 0496 Beep - ok 15:51:57.0033 0496 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll 15:51:57.0042 0496 BITS - ok 15:51:57.0089 0496 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 15:51:57.0094 0496 blbdrive - ok 15:51:57.0201 0496 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe 15:51:57.0203 0496 Bonjour Service - ok 15:51:57.0278 0496 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys 15:51:57.0283 0496 bowser - ok 15:51:57.0319 0496 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 15:51:57.0322 0496 BrFiltLo - ok 15:51:57.0337 0496 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 15:51:57.0340 0496 BrFiltUp - ok 15:51:57.0409 0496 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll 15:51:57.0414 0496 Browser - ok 15:51:57.0502 0496 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 15:51:57.0527 0496 Brserid - ok 15:51:57.0602 0496 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 15:51:57.0606 0496 BrSerWdm - ok 15:51:57.0624 0496 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 15:51:57.0627 0496 BrUsbMdm - ok 15:51:57.0642 0496 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 15:51:57.0644 0496 BrUsbSer - ok 15:51:57.0702 0496 BTATH_A2DP (227c8f308de4af4808e587465ceab838) C:\Windows\system32\drivers\btath_a2dp.sys 15:51:57.0707 0496 BTATH_A2DP - ok 15:51:57.0767 0496 BTATH_BUS (a83a91d07d1fe6bbe7a9db46ca00434b) C:\Windows\system32\DRIVERS\btath_bus.sys 15:51:57.0768 0496 BTATH_BUS - ok 15:51:57.0805 0496 BTATH_HCRP (c864ff85ee16d61c2bdd5ef76824625f) C:\Windows\system32\DRIVERS\btath_hcrp.sys 15:51:57.0809 0496 BTATH_HCRP - ok 15:51:57.0824 0496 BTATH_LWFLT (0dea505efb5d771826d177ef8b8a208f) C:\Windows\system32\DRIVERS\btath_lwflt.sys 15:51:57.0827 0496 BTATH_LWFLT - ok 15:51:57.0860 0496 BTATH_RCP (724c8088c96efe7a3e63fec21d4681c0) C:\Windows\system32\DRIVERS\btath_rcp.sys 15:51:57.0864 0496 BTATH_RCP - ok 15:51:57.0904 0496 BtFilter (486720da2b3bb13d1080c83140c18b56) C:\Windows\system32\DRIVERS\btfilter.sys 15:51:57.0906 0496 BtFilter - ok 15:51:57.0955 0496 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 15:51:57.0959 0496 BthEnum - ok 15:51:58.0002 0496 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 15:51:58.0007 0496 BTHMODEM - ok 15:51:58.0036 0496 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 15:51:58.0037 0496 BthPan - ok 15:51:58.0098 0496 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys 15:51:58.0123 0496 BTHPORT - ok 15:51:58.0178 0496 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 15:51:58.0182 0496 bthserv - ok 15:51:58.0203 0496 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys 15:51:58.0208 0496 BTHUSB - ok 15:51:58.0259 0496 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 15:51:58.0264 0496 cdfs - ok 15:51:58.0305 0496 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys 15:51:58.0328 0496 cdrom - ok 15:51:58.0379 0496 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll 15:51:58.0383 0496 CertPropSvc - ok 15:51:58.0407 0496 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 15:51:58.0412 0496 circlass - ok 15:51:58.0468 0496 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 15:51:58.0479 0496 CLFS - ok 15:51:58.0624 0496 CLKMSVC10_38F51D56 (fe1c81a049e5c5d67c4ab7c31c899f6f) C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe 15:51:58.0626 0496 CLKMSVC10_38F51D56 - ok 15:51:58.0717 0496 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:51:58.0717 0496 clr_optimization_v2.0.50727_32 - ok 15:51:58.0763 0496 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 15:51:58.0764 0496 clr_optimization_v2.0.50727_64 - ok 15:51:58.0847 0496 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:51:58.0848 0496 clr_optimization_v4.0.30319_32 - ok 15:51:58.0898 0496 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 15:51:58.0913 0496 clr_optimization_v4.0.30319_64 - ok 15:51:59.0060 0496 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 15:51:59.0063 0496 CmBatt - ok 15:51:59.0080 0496 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys 15:51:59.0083 0496 cmdide - ok 15:51:59.0178 0496 CNG (ca7720b73446fddec5c69519c1174c98) C:\Windows\system32\Drivers\cng.sys 15:51:59.0190 0496 CNG - ok 15:51:59.0210 0496 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 15:51:59.0213 0496 Compbatt - ok 15:51:59.0244 0496 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys 15:51:59.0248 0496 CompositeBus - ok 15:51:59.0255 0496 COMSysApp - ok 15:51:59.0274 0496 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 15:51:59.0279 0496 crcdisk - ok 15:51:59.0329 0496 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll 15:51:59.0335 0496 CryptSvc - ok 15:51:59.0386 0496 dc3d (1ca90212a99db6975c344826d11055c9) C:\Windows\system32\DRIVERS\dc3d.sys 15:51:59.0390 0496 dc3d - ok 15:51:59.0489 0496 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll 15:51:59.0494 0496 DcomLaunch - ok 15:51:59.0551 0496 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 15:51:59.0574 0496 defragsvc - ok 15:51:59.0613 0496 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys 15:51:59.0618 0496 DfsC - ok 15:51:59.0665 0496 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll 15:51:59.0673 0496 Dhcp - ok 15:51:59.0696 0496 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 15:51:59.0700 0496 discache - ok 15:51:59.0731 0496 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 15:51:59.0736 0496 Disk - ok 15:51:59.0778 0496 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll 15:51:59.0785 0496 Dnscache - ok 15:51:59.0826 0496 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll 15:51:59.0854 0496 dot3svc - ok 15:51:59.0887 0496 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll 15:51:59.0888 0496 DPS - ok 15:51:59.0913 0496 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 15:51:59.0915 0496 drmkaud - ok 15:51:59.0977 0496 dtsoftbus01 (400582b09e0bb557d0ec28a945150eeb) C:\Windows\system32\DRIVERS\dtsoftbus01.sys 15:51:59.0979 0496 dtsoftbus01 - ok 15:52:00.0129 0496 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys 15:52:00.0138 0496 DXGKrnl - ok 15:52:00.0161 0496 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 15:52:00.0162 0496 EapHost - ok 15:52:00.0422 0496 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 15:52:00.0547 0496 ebdrv - ok 15:52:00.0697 0496 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe 15:52:00.0698 0496 EFS - ok 15:52:00.0800 0496 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe 15:52:00.0806 0496 ehRecvr - ok 15:52:00.0834 0496 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 15:52:00.0835 0496 ehSched - ok 15:52:00.0972 0496 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 15:52:00.0999 0496 elxstor - ok 15:52:01.0015 0496 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys 15:52:01.0018 0496 ErrDev - ok 15:52:01.0079 0496 ETD (05b0dcda418e297a1b4cd8d7b8ade403) C:\Windows\system32\DRIVERS\ETD.sys 15:52:01.0100 0496 ETD - ok 15:52:01.0160 0496 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 15:52:01.0169 0496 EventSystem - ok 15:52:01.0217 0496 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 15:52:01.0246 0496 exfat - ok 15:52:01.0282 0496 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 15:52:01.0310 0496 fastfat - ok 15:52:01.0402 0496 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe 15:52:01.0408 0496 Fax - ok 15:52:01.0437 0496 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 15:52:01.0441 0496 fdc - ok 15:52:01.0454 0496 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 15:52:01.0456 0496 fdPHost - ok 15:52:01.0471 0496 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 15:52:01.0474 0496 FDResPub - ok 15:52:01.0495 0496 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 15:52:01.0499 0496 FileInfo - ok 15:52:01.0516 0496 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 15:52:01.0520 0496 Filetrace - ok 15:52:01.0551 0496 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 15:52:01.0554 0496 flpydisk - ok 15:52:01.0600 0496 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys 15:52:01.0610 0496 FltMgr - ok 15:52:01.0676 0496 FLxHCIc (d0adbcf2a5316d23ef67dfaa02d5d544) C:\Windows\system32\DRIVERS\FLxHCIc.sys 15:52:01.0704 0496 FLxHCIc - ok 15:52:01.0745 0496 FLxHCIh (f9b6db9727ad2f14ecf84e43eb5279f7) C:\Windows\system32\DRIVERS\FLxHCIh.sys 15:52:01.0750 0496 FLxHCIh - ok 15:52:01.0879 0496 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll 15:52:01.0892 0496 FontCache - ok 15:52:01.0980 0496 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 15:52:01.0981 0496 FontCache3.0.0.0 - ok 15:52:02.0019 0496 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 15:52:02.0024 0496 FsDepends - ok 15:52:02.0078 0496 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys 15:52:02.0083 0496 fssfltr - ok 15:52:02.0330 0496 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 15:52:02.0343 0496 fsssvc - ok 15:52:02.0504 0496 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys 15:52:02.0507 0496 Fs_Rec - ok 15:52:02.0574 0496 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys 15:52:02.0586 0496 fvevol - ok 15:52:02.0622 0496 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 15:52:02.0627 0496 gagp30kx - ok 15:52:02.0685 0496 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 15:52:02.0688 0496 GEARAspiWDM - ok 15:52:02.0769 0496 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll 15:52:02.0781 0496 gpsvc - ok 15:52:02.0870 0496 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:52:02.0871 0496 gupdate - ok 15:52:02.0928 0496 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:52:02.0928 0496 gupdatem - ok 15:52:02.0962 0496 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 15:52:02.0963 0496 gusvc - ok 15:52:03.0003 0496 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys 15:52:03.0006 0496 hamachi - ok 15:52:03.0260 0496 Hamachi2Svc (21d24138b736983f6e23823e092e9428) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe 15:52:03.0308 0496 Hamachi2Svc - ok 15:52:03.0479 0496 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 15:52:03.0483 0496 hcw85cir - ok 15:52:03.0550 0496 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys 15:52:03.0580 0496 HdAudAddService - ok 15:52:03.0630 0496 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys 15:52:03.0631 0496 HDAudBus - ok 15:52:03.0646 0496 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 15:52:03.0650 0496 HidBatt - ok 15:52:03.0677 0496 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 15:52:03.0682 0496 HidBth - ok 15:52:03.0716 0496 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 15:52:03.0721 0496 HidIr - ok 15:52:03.0755 0496 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 15:52:03.0759 0496 hidserv - ok 15:52:03.0770 0496 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys 15:52:03.0774 0496 HidUsb - ok 15:52:03.0837 0496 HiPatchService (7388756bc5f9fe857c400e340b878af2) D:\Tribes Ascend\HiPatchService.exe 15:52:03.0838 0496 HiPatchService - ok 15:52:03.0880 0496 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll 15:52:03.0884 0496 hkmsvc - ok 15:52:03.0916 0496 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll 15:52:03.0919 0496 HomeGroupListener - ok 15:52:03.0968 0496 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll 15:52:03.0975 0496 HomeGroupProvider - ok 15:52:04.0071 0496 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys 15:52:04.0076 0496 HpSAMD - ok 15:52:04.0163 0496 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys 15:52:04.0170 0496 HTTP - ok 15:52:04.0217 0496 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys 15:52:04.0219 0496 hwpolicy - ok 15:52:04.0256 0496 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 15:52:04.0262 0496 i8042prt - ok 15:52:04.0369 0496 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\DRIVERS\iaStor.sys 15:52:04.0371 0496 iaStor - ok 15:52:04.0449 0496 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys 15:52:04.0481 0496 iaStorV - ok 15:52:04.0641 0496 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:52:04.0648 0496 idsvc - ok 15:52:05.0339 0496 igfx (0ac9e321d604be48a0d72b69ba484bdc) C:\Windows\system32\DRIVERS\igdkmd64.sys 15:52:05.0623 0496 igfx - ok 15:52:05.0788 0496 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 15:52:05.0792 0496 iirsp - ok 15:52:05.0908 0496 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll 15:52:05.0921 0496 IKEEXT - ok 15:52:06.0161 0496 IntcAzAudAddService (a0c2c3d4c03c4fb896cfc53873784178) C:\Windows\system32\drivers\RTKVHD64.sys 15:52:06.0178 0496 IntcAzAudAddService - ok 15:52:06.0383 0496 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys 15:52:06.0413 0496 IntcDAud - ok 15:52:06.0453 0496 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys 15:52:06.0456 0496 intelide - ok 15:52:06.0495 0496 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 15:52:06.0496 0496 intelppm - ok 15:52:06.0552 0496 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 15:52:06.0559 0496 IPBusEnum - ok 15:52:06.0580 0496 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:52:06.0584 0496 IpFilterDriver - ok 15:52:06.0606 0496 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys 15:52:06.0611 0496 IPMIDRV - ok 15:52:06.0655 0496 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 15:52:06.0679 0496 IPNAT - ok 15:52:06.0841 0496 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe 15:52:06.0846 0496 iPod Service - ok 15:52:06.0874 0496 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 15:52:06.0877 0496 IRENUM - ok 15:52:06.0908 0496 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys 15:52:06.0912 0496 isapnp - ok 15:52:06.0953 0496 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys 15:52:06.0981 0496 iScsiPrt - ok 15:52:07.0014 0496 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 15:52:07.0018 0496 kbdclass - ok 15:52:07.0030 0496 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys 15:52:07.0034 0496 kbdhid - ok 15:52:07.0079 0496 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys 15:52:07.0081 0496 kbfiltr - ok 15:52:07.0109 0496 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 15:52:07.0110 0496 KeyIso - ok 15:52:07.0160 0496 KSecDD (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys 15:52:07.0165 0496 KSecDD - ok 15:52:07.0195 0496 KSecPkg (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys 15:52:07.0202 0496 KSecPkg - ok 15:52:07.0217 0496 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 15:52:07.0220 0496 ksthunk - ok 15:52:07.0288 0496 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 15:52:07.0317 0496 KtmRm - ok 15:52:07.0389 0496 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll 15:52:07.0396 0496 LanmanServer - ok 15:52:07.0421 0496 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll 15:52:07.0423 0496 LanmanWorkstation - ok 15:52:07.0460 0496 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 15:52:07.0465 0496 lltdio - ok 15:52:07.0518 0496 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 15:52:07.0542 0496 lltdsvc - ok 15:52:07.0569 0496 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 15:52:07.0574 0496 lmhosts - ok 15:52:07.0709 0496 LMS (7f32d4c47a50e7223491e8fb9359907d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 15:52:07.0711 0496 LMS - ok 15:52:07.0774 0496 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 15:52:07.0798 0496 LSI_FC - ok 15:52:07.0822 0496 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 15:52:07.0828 0496 LSI_SAS - ok 15:52:07.0844 0496 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 15:52:07.0849 0496 LSI_SAS2 - ok 15:52:07.0883 0496 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 15:52:07.0907 0496 LSI_SCSI - ok 15:52:07.0946 0496 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 15:52:07.0952 0496 luafv - ok 15:52:07.0985 0496 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll 15:52:07.0991 0496 Mcx2Svc - ok 15:52:08.0009 0496 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 15:52:08.0014 0496 megasas - ok 15:52:08.0054 0496 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 15:52:08.0081 0496 MegaSR - ok 15:52:08.0113 0496 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys 15:52:08.0116 0496 MEIx64 - ok 15:52:08.0134 0496 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 15:52:08.0136 0496 MMCSS - ok 15:52:08.0150 0496 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 15:52:08.0154 0496 Modem - ok 15:52:08.0179 0496 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 15:52:08.0180 0496 monitor - ok 15:52:08.0219 0496 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 15:52:08.0223 0496 mouclass - ok 15:52:08.0254 0496 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 15:52:08.0258 0496 mouhid - ok 15:52:08.0296 0496 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys 15:52:08.0302 0496 mountmgr - ok 15:52:08.0447 0496 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 15:52:08.0448 0496 MozillaMaintenance - ok 15:52:08.0474 0496 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys 15:52:08.0499 0496 mpio - ok 15:52:08.0562 0496 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 15:52:08.0567 0496 mpsdrv - ok 15:52:08.0593 0496 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys 15:52:08.0616 0496 MRxDAV - ok 15:52:08.0694 0496 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys 15:52:08.0737 0496 mrxsmb - ok 15:52:08.0820 0496 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:52:08.0843 0496 mrxsmb10 - ok 15:52:08.0865 0496 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:52:08.0888 0496 mrxsmb20 - ok 15:52:08.0903 0496 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys 15:52:08.0906 0496 msahci - ok 15:52:08.0937 0496 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys 15:52:08.0960 0496 msdsm - ok 15:52:09.0002 0496 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 15:52:09.0004 0496 MSDTC - ok 15:52:09.0027 0496 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 15:52:09.0030 0496 Msfs - ok 15:52:09.0058 0496 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 15:52:09.0060 0496 mshidkmdf - ok 15:52:09.0076 0496 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys 15:52:09.0078 0496 msisadrv - ok 15:52:09.0121 0496 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 15:52:09.0142 0496 MSiSCSI - ok 15:52:09.0144 0496 msiserver - ok 15:52:09.0162 0496 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 15:52:09.0165 0496 MSKSSRV - ok 15:52:09.0181 0496 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 15:52:09.0184 0496 MSPCLOCK - ok 15:52:09.0201 0496 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 15:52:09.0204 0496 MSPQM - ok 15:52:09.0253 0496 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys 15:52:09.0262 0496 MsRPC - ok 15:52:09.0277 0496 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 15:52:09.0278 0496 mssmbios - ok 15:52:09.0294 0496 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 15:52:09.0297 0496 MSTEE - ok 15:52:09.0307 0496 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 15:52:09.0310 0496 MTConfig - ok 15:52:09.0336 0496 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 15:52:09.0340 0496 Mup - ok 15:52:09.0417 0496 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll 15:52:09.0426 0496 napagent - ok 15:52:09.0480 0496 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 15:52:09.0505 0496 NativeWifiP - ok 15:52:09.0623 0496 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys 15:52:09.0630 0496 NDIS - ok 15:52:09.0654 0496 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 15:52:09.0658 0496 NdisCap - ok 15:52:09.0705 0496 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 15:52:09.0708 0496 NdisTapi - ok 15:52:09.0725 0496 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys 15:52:09.0730 0496 Ndisuio - ok 15:52:09.0755 0496 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys 15:52:09.0776 0496 NdisWan - ok 15:52:09.0810 0496 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys 15:52:09.0814 0496 NDProxy - ok 15:52:09.0819 0496 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 15:52:09.0823 0496 NetBIOS - ok 15:52:09.0859 0496 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys 15:52:09.0885 0496 NetBT - ok 15:52:09.0919 0496 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 15:52:09.0920 0496 Netlogon - ok 15:52:09.0993 0496 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 15:52:09.0997 0496 Netman - ok 15:52:10.0123 0496 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:52:10.0124 0496 NetMsmqActivator - ok 15:52:10.0127 0496 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:52:10.0128 0496 NetPipeActivator - ok 15:52:10.0219 0496 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 15:52:10.0230 0496 netprofm - ok 15:52:10.0232 0496 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:52:10.0233 0496 NetTcpActivator - ok 15:52:10.0236 0496 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:52:10.0236 0496 NetTcpPortSharing - ok 15:52:10.0319 0496 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 15:52:10.0325 0496 nfrd960 - ok 15:52:10.0387 0496 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll 15:52:10.0391 0496 NlaSvc - ok 15:52:10.0409 0496 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 15:52:10.0413 0496 Npfs - ok 15:52:10.0424 0496 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 15:52:10.0425 0496 nsi - ok 15:52:10.0443 0496 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 15:52:10.0447 0496 nsiproxy - ok 15:52:10.0667 0496 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys 15:52:10.0707 0496 Ntfs - ok 15:52:10.0872 0496 NuidFltr (317020d31f1696334679b9d0416eb62e) C:\Windows\system32\DRIVERS\NuidFltr.sys 15:52:10.0875 0496 NuidFltr - ok 15:52:10.0902 0496 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 15:52:10.0904 0496 Null - ok 15:52:11.0629 0496 nvlddmkm (4fb60f36d13eabe95ce60a0d97d1a022) C:\Windows\system32\DRIVERS\nvlddmkm.sys 15:52:11.0693 0496 nvlddmkm - ok 15:52:11.0790 0496 nvpciflt (8952d53483f690bcce3d51654afe0892) C:\Windows\system32\DRIVERS\nvpciflt.sys 15:52:11.0792 0496 nvpciflt - ok 15:52:11.0850 0496 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys 15:52:11.0871 0496 nvraid - ok 15:52:11.0907 0496 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys 15:52:11.0928 0496 nvstor - ok 15:52:12.0051 0496 NVSvc (6eadb29447941304ceecc7270892f572) C:\Windows\system32\nvvsvc.exe 15:52:12.0057 0496 NVSvc - ok 15:52:12.0309 0496 nvUpdatusService (7e0780027dd61424655c1a44ddc94686) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 15:52:12.0354 0496 nvUpdatusService - ok 15:52:12.0501 0496 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys 15:52:12.0507 0496 nv_agp - ok 15:52:12.0524 0496 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys 15:52:12.0529 0496 ohci1394 - ok 15:52:12.0592 0496 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 15:52:12.0599 0496 p2pimsvc - ok 15:52:12.0645 0496 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 15:52:12.0678 0496 p2psvc - ok 15:52:12.0709 0496 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 15:52:12.0714 0496 Parport - ok 15:52:12.0753 0496 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys 15:52:12.0758 0496 partmgr - ok 15:52:12.0790 0496 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 15:52:12.0797 0496 PcaSvc - ok 15:52:12.0824 0496 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys 15:52:12.0831 0496 pci - ok 15:52:12.0854 0496 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 15:52:12.0856 0496 pciide - ok 15:52:12.0893 0496 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 15:52:12.0922 0496 pcmcia - ok 15:52:12.0944 0496 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 15:52:12.0947 0496 pcw - ok 15:52:13.0015 0496 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 15:52:13.0047 0496 PEAUTH - ok 15:52:13.0142 0496 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 15:52:13.0143 0496 PerfHost - ok 15:52:13.0317 0496 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll 15:52:13.0385 0496 pla - ok 15:52:13.0462 0496 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll 15:52:13.0472 0496 PlugPlay - ok 15:52:13.0493 0496 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 15:52:13.0498 0496 PNRPAutoReg - ok 15:52:13.0547 0496 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 15:52:13.0549 0496 PNRPsvc - ok 15:52:13.0596 0496 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys 15:52:13.0599 0496 Point64 - ok 15:52:13.0680 0496 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll 15:52:13.0714 0496 PolicyAgent - ok 15:52:13.0766 0496 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 15:52:13.0772 0496 Power - ok 15:52:13.0820 0496 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys 15:52:13.0844 0496 PptpMiniport - ok 15:52:13.0864 0496 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 15:52:13.0869 0496 Processor - ok 15:52:13.0928 0496 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll 15:52:13.0932 0496 ProfSvc - ok 15:52:13.0963 0496 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 15:52:13.0964 0496 ProtectedStorage - ok 15:52:13.0993 0496 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys 15:52:14.0000 0496 Psched - ok 15:52:14.0166 0496 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 15:52:14.0235 0496 ql2300 - ok 15:52:14.0403 0496 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 15:52:14.0404 0496 ql40xx - ok 15:52:14.0455 0496 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 15:52:14.0462 0496 QWAVE - ok 15:52:14.0481 0496 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 15:52:14.0485 0496 QWAVEdrv - ok 15:52:14.0502 0496 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 15:52:14.0505 0496 RasAcd - ok 15:52:14.0545 0496 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 15:52:14.0549 0496 RasAgileVpn - ok 15:52:14.0577 0496 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 15:52:14.0583 0496 RasAuto - ok 15:52:14.0610 0496 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys 15:52:14.0633 0496 Rasl2tp - ok 15:52:14.0687 0496 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll 15:52:14.0717 0496 RasMan - ok 15:52:14.0740 0496 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 15:52:14.0745 0496 RasPppoe - ok 15:52:14.0769 0496 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 15:52:14.0774 0496 RasSstp - ok 15:52:14.0820 0496 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys 15:52:14.0842 0496 rdbss - ok 15:52:14.0860 0496 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 15:52:14.0864 0496 rdpbus - ok 15:52:14.0912 0496 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 15:52:14.0914 0496 RDPCDD - ok 15:52:14.0924 0496 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 15:52:14.0927 0496 RDPENCDD - ok 15:52:14.0944 0496 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 15:52:14.0944 0496 RDPREFMP - ok 15:52:14.0997 0496 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys 15:52:15.0026 0496 RDPWD - ok 15:52:15.0072 0496 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys 15:52:15.0079 0496 rdyboost - ok 15:52:15.0128 0496 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 15:52:15.0133 0496 RemoteAccess - ok 15:52:15.0173 0496 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 15:52:15.0195 0496 RemoteRegistry - ok 15:52:15.0228 0496 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 15:52:15.0249 0496 RFCOMM - ok 15:52:15.0377 0496 RichVideo (616f6e52cae254727a886ba8eda1beea) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 15:52:15.0379 0496 RichVideo - ok 15:52:15.0394 0496 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 15:52:15.0399 0496 RpcEptMapper - ok 15:52:15.0431 0496 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 15:52:15.0432 0496 RpcLocator - ok 15:52:15.0517 0496 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll 15:52:15.0521 0496 RpcSs - ok 15:52:15.0564 0496 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 15:52:15.0569 0496 rspndr - ok 15:52:15.0645 0496 RTL8167 (20a466b9ea2bd828c0ec723f99b8cfe7) C:\Windows\system32\DRIVERS\Rt64win7.sys 15:52:15.0650 0496 RTL8167 - ok 15:52:15.0674 0496 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 15:52:15.0676 0496 SamSs - ok 15:52:15.0710 0496 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys 15:52:15.0716 0496 sbp2port - ok 15:52:15.0770 0496 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 15:52:15.0801 0496 SCardSvr - ok 15:52:15.0816 0496 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys 15:52:15.0821 0496 scfilter - ok 15:52:15.0923 0496 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll 15:52:15.0982 0496 Schedule - ok 15:52:16.0046 0496 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll 15:52:16.0047 0496 SCPolicySvc - ok 15:52:16.0076 0496 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll 15:52:16.0109 0496 SDRSVC - ok 15:52:16.0213 0496 SeaPort (331e7bde228914574fc9ae6cd520dafa) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 15:52:16.0215 0496 SeaPort - ok 15:52:16.0278 0496 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 15:52:16.0282 0496 secdrv - ok 15:52:16.0308 0496 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll 15:52:16.0312 0496 seclogon - ok 15:52:16.0339 0496 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 15:52:16.0341 0496 SENS - ok 15:52:16.0361 0496 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 15:52:16.0366 0496 SensrSvc - ok 15:52:16.0390 0496 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 15:52:16.0394 0496 Serenum - ok 15:52:16.0426 0496 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 15:52:16.0431 0496 Serial - ok 15:52:16.0458 0496 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 15:52:16.0461 0496 sermouse - ok 15:52:16.0489 0496 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll 15:52:16.0495 0496 SessionEnv - ok 15:52:16.0509 0496 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys 15:52:16.0511 0496 sffdisk - ok 15:52:16.0527 0496 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys 15:52:16.0530 0496 sffp_mmc - ok 15:52:16.0543 0496 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys 15:52:16.0546 0496 sffp_sd - ok 15:52:16.0565 0496 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 15:52:16.0568 0496 sfloppy - ok 15:52:16.0622 0496 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll 15:52:16.0629 0496 ShellHWDetection - ok 15:52:16.0653 0496 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys 15:52:16.0657 0496 SiSGbeLH - ok 15:52:16.0697 0496 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 15:52:16.0702 0496 SiSRaid2 - ok 15:52:16.0725 0496 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 15:52:16.0731 0496 SiSRaid4 - ok 15:52:16.0764 0496 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 15:52:16.0769 0496 Smb - ok 15:52:16.0801 0496 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 15:52:16.0803 0496 SNMPTRAP - ok 15:52:16.0821 0496 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 15:52:16.0824 0496 spldr - ok 15:52:16.0887 0496 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe 15:52:16.0890 0496 Spooler - ok 15:52:17.0148 0496 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe 15:52:17.0207 0496 sppsvc - ok 15:52:17.0336 0496 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 15:52:17.0341 0496 sppuinotify - ok 15:52:17.0426 0496 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys 15:52:17.0457 0496 srv - ok 15:52:17.0509 0496 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys 15:52:17.0538 0496 srv2 - ok 15:52:17.0568 0496 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys 15:52:17.0589 0496 srvnet - ok 15:52:17.0652 0496 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 15:52:17.0659 0496 SSDPSRV - ok 15:52:17.0681 0496 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 15:52:17.0687 0496 SstpSvc - ok 15:52:17.0709 0496 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 15:52:17.0713 0496 stexstor - ok 15:52:17.0793 0496 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll 15:52:17.0799 0496 stisvc - ok 15:52:17.0809 0496 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 15:52:17.0812 0496 swenum - ok 15:52:18.0047 0496 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 15:52:18.0050 0496 SwitchBoard - ok 15:52:18.0121 0496 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 15:52:18.0149 0496 swprv - ok 15:52:18.0350 0496 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll 15:52:18.0367 0496 SysMain - ok 15:52:18.0532 0496 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll 15:52:18.0539 0496 TabletInputService - ok 15:52:18.0599 0496 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll 15:52:18.0650 0496 TapiSrv - ok 15:52:18.0675 0496 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 15:52:18.0679 0496 TBS - ok 15:52:18.0904 0496 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys 15:52:18.0969 0496 Tcpip - ok 15:52:19.0244 0496 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys 15:52:19.0252 0496 TCPIP6 - ok 15:52:19.0377 0496 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys 15:52:19.0380 0496 tcpipreg - ok 15:52:19.0405 0496 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 15:52:19.0407 0496 TDPIPE - ok 15:52:19.0445 0496 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys 15:52:19.0448 0496 TDTCP - ok 15:52:19.0472 0496 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys 15:52:19.0477 0496 tdx - ok 15:52:19.0512 0496 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys 15:52:19.0515 0496 TermDD - ok 15:52:19.0609 0496 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll 15:52:19.0621 0496 TermService - ok 15:52:19.0629 0496 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 15:52:19.0634 0496 Themes - ok 15:52:19.0667 0496 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 15:52:19.0668 0496 THREADORDER - ok 15:52:19.0695 0496 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 15:52:19.0701 0496 TrkWks - ok 15:52:19.0790 0496 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe 15:52:19.0792 0496 TrustedInstaller - ok 15:52:19.0807 0496 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys 15:52:19.0812 0496 tssecsrv - ok 15:52:19.0868 0496 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys 15:52:19.0892 0496 tunnel - ok 15:52:19.0934 0496 TurboB (b355581a9da34c92e2dbafa410d2f829) C:\Windows\system32\DRIVERS\TurboB.sys 15:52:19.0937 0496 TurboB - ok 15:52:19.0992 0496 TurboBoost (6564e84b1522c12ea1c3a181ed03276f) C:\Program Files\Intel\TurboBoost\TurboBoost.exe 15:52:19.0993 0496 TurboBoost - ok 15:52:20.0014 0496 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 15:52:20.0019 0496 uagp35 - ok 15:52:20.0065 0496 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys 15:52:20.0112 0496 udfs - ok 15:52:20.0151 0496 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 15:52:20.0153 0496 UI0Detect - ok 15:52:20.0187 0496 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys 15:52:20.0192 0496 uliagpkx - ok 15:52:20.0240 0496 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys 15:52:20.0244 0496 umbus - ok 15:52:20.0266 0496 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 15:52:20.0269 0496 UmPass - ok 15:52:20.0566 0496 UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 15:52:20.0616 0496 UNS - ok 15:52:20.0800 0496 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 15:52:20.0804 0496 upnphost - ok 15:52:20.0926 0496 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys 15:52:20.0930 0496 USBAAPL64 - ok 15:52:20.0977 0496 usbccgp (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys 15:52:20.0982 0496 usbccgp - ok 15:52:21.0031 0496 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys 15:52:21.0038 0496 usbcir - ok 15:52:21.0080 0496 usbehci (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys 15:52:21.0084 0496 usbehci - ok 15:52:21.0128 0496 usbhub (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys 15:52:21.0182 0496 usbhub - ok 15:52:21.0225 0496 usbohci (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys 15:52:21.0229 0496 usbohci - ok 15:52:21.0272 0496 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 15:52:21.0276 0496 usbprint - ok 15:52:21.0307 0496 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 15:52:21.0311 0496 usbscan - ok 15:52:21.0344 0496 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:52:21.0349 0496 USBSTOR - ok 15:52:21.0381 0496 usbuhci (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys 15:52:21.0385 0496 usbuhci - ok 15:52:21.0436 0496 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys 15:52:21.0467 0496 usbvideo - ok 15:52:21.0521 0496 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 15:52:21.0526 0496 UxSms - ok 15:52:21.0553 0496 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe 15:52:21.0554 0496 VaultSvc - ok 15:52:21.0579 0496 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys 15:52:21.0583 0496 vdrvroot - ok 15:52:21.0645 0496 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe 15:52:21.0650 0496 vds - ok 15:52:21.0690 0496 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 15:52:21.0694 0496 vga - ok 15:52:21.0715 0496 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 15:52:21.0719 0496 VgaSave - ok 15:52:21.0759 0496 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys 15:52:21.0788 0496 vhdmp - ok 15:52:21.0832 0496 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys 15:52:21.0835 0496 viaide - ok 15:52:21.0892 0496 VideAceWindowsService (0adf410187b71c9b855721c8d59cec7a) C:\ExpressGateUtil\VAWinService.exe 15:52:21.0893 0496 VideAceWindowsService - ok 15:52:21.0915 0496 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys 15:52:21.0920 0496 volmgr - ok 15:52:21.0954 0496 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys 15:52:21.0965 0496 volmgrx - ok 15:52:22.0023 0496 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys 15:52:22.0032 0496 volsnap - ok 15:52:22.0095 0496 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 15:52:22.0149 0496 vsmraid - ok 15:52:22.0315 0496 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe 15:52:22.0357 0496 VSS - ok 15:52:22.0563 0496 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 15:52:22.0567 0496 vwifibus - ok 15:52:22.0582 0496 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 15:52:22.0587 0496 vwififlt - ok 15:52:22.0641 0496 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 15:52:22.0649 0496 W32Time - ok 15:52:22.0697 0496 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 15:52:22.0700 0496 WacomPen - ok 15:52:22.0741 0496 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 15:52:22.0746 0496 WANARP - ok 15:52:22.0748 0496 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys 15:52:22.0749 0496 Wanarpv6 - ok 15:52:22.0880 0496 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 15:52:22.0890 0496 WatAdminSvc - ok 15:52:23.0119 0496 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe 15:52:23.0174 0496 wbengine - ok 15:52:23.0366 0496 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 15:52:23.0442 0496 WbioSrvc - ok 15:52:23.0505 0496 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll 15:52:23.0528 0496 wcncsvc - ok 15:52:23.0546 0496 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 15:52:23.0551 0496 WcsPlugInService - ok 15:52:23.0586 0496 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 15:52:23.0591 0496 Wd - ok 15:52:23.0673 0496 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 15:52:23.0686 0496 Wdf01000 - ok 15:52:23.0763 0496 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 15:52:23.0769 0496 WdiServiceHost - ok 15:52:23.0770 0496 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 15:52:23.0772 0496 WdiSystemHost - ok 15:52:23.0852 0496 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll 15:52:23.0911 0496 WebClient - ok 15:52:23.0993 0496 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 15:52:24.0019 0496 Wecsvc - ok 15:52:24.0070 0496 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 15:52:24.0072 0496 wercplsupport - ok 15:52:24.0106 0496 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 15:52:24.0111 0496 WerSvc - ok 15:52:24.0169 0496 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 15:52:24.0172 0496 WfpLwf - ok 15:52:24.0229 0496 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys 15:52:24.0251 0496 WimFltr - ok 15:52:24.0312 0496 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 15:52:24.0316 0496 WIMMount - ok 15:52:24.0321 0496 WinHttpAutoProxySvc - ok 15:52:24.0405 0496 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 15:52:24.0413 0496 Winmgmt - ok 15:52:24.0633 0496 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll 15:52:24.0691 0496 WinRM - ok 15:52:24.0910 0496 WinUsb (4d52c872018af7e18d078978dcc3f6f2) C:\Windows\system32\DRIVERS\WinUsb.sys 15:52:24.0915 0496 WinUsb - ok 15:52:25.0043 0496 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 15:52:25.0055 0496 Wlansvc - ok 15:52:25.0170 0496 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 15:52:25.0171 0496 wlcrasvc - ok 15:52:25.0374 0496 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 15:52:25.0409 0496 wlidsvc - ok 15:52:25.0536 0496 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 15:52:25.0537 0496 WmiAcpi - ok 15:52:25.0611 0496 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 15:52:25.0613 0496 wmiApSrv - ok 15:52:25.0648 0496 WMPNetworkSvc - ok 15:52:25.0680 0496 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 15:52:25.0685 0496 WPCSvc - ok 15:52:25.0718 0496 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll 15:52:25.0724 0496 WPDBusEnum - ok 15:52:25.0779 0496 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 15:52:25.0783 0496 ws2ifsl - ok 15:52:25.0785 0496 WSearch - ok 15:52:26.0028 0496 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 15:52:26.0083 0496 wuauserv - ok 15:52:26.0276 0496 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys 15:52:26.0301 0496 WudfPf - ok 15:52:26.0373 0496 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys 15:52:26.0402 0496 WUDFRd - ok 15:52:26.0489 0496 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll 15:52:26.0491 0496 wudfsvc - ok 15:52:26.0531 0496 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 15:52:26.0590 0496 WwanSvc - ok 15:52:26.0884 0496 ytpUpdater (88596ac939a4bcd347c5d360dfd0846e) C:\Program Files (x86)\updater\updater.exe 15:52:26.0892 0496 ytpUpdater - ok 15:52:26.0931 0496 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 15:52:27.0283 0496 \Device\Harddisk0\DR0 - ok 15:52:27.0285 0496 Boot (0x1200) (0e40da09bd1b76594ed6e7ef3fa4d76e) \Device\Harddisk0\DR0\Partition0 15:52:27.0286 0496 \Device\Harddisk0\DR0\Partition0 - ok 15:52:27.0308 0496 Boot (0x1200) (59f44e60677c265c083d95eeac04aed3) \Device\Harddisk0\DR0\Partition1 15:52:27.0310 0496 \Device\Harddisk0\DR0\Partition1 - ok 15:52:27.0310 0496 ============================================================ 15:52:27.0310 0496 Scan finished 15:52:27.0310 0496 ============================================================ 15:52:27.0318 6864 Detected object count: 0 15:52:27.0318 6864 Actual detected object count: 0
aswMBR log:
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software Run date: 2012-07-18 15:56:24 ----------------------------- 15:56:24.790 OS Version: Windows x64 6.1.7600 15:56:24.790 Number of processors: 8 586 0x2A07 15:56:24.791 ComputerName: NICK-NOTEBOOK UserName: Nick 15:56:26.682 Initialize success 15:57:46.606 AVAST engine defs: 12071701 15:57:58.475 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 15:57:58.477 Disk 0 Vendor: WDC_WD75 01.0 Size: 715404MB BusType: 3 15:57:58.496 Disk 0 MBR read successfully 15:57:58.498 Disk 0 MBR scan 15:57:58.522 Disk 0 Windows 7 default MBR code 15:57:58.525 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 22003 MB offset 63 15:57:58.538 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 178848 MB offset 45062325 15:57:58.543 Disk 0 Partition - 00 0F Extended LBA 514551 MB offset 411344896 15:57:58.573 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 514550 MB offset 411346944 15:57:58.597 Disk 0 scanning C:\Windows\system32\drivers 15:58:10.186 Service scanning 15:58:38.576 Modules scanning 15:58:38.583 Disk 0 trace - called modules: 15:58:38.605 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 15:58:38.815 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800e2ae060] 15:58:38.819 3 CLASSPNP.SYS[fffff880013b743f] -> nt!IofCallDriver -> [0xfffffa800dbb9480] 15:58:38.823 5 ACPI.sys[fffff88000fb3781] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800dbbe050] 15:58:40.654 AVAST engine scan C:\Windows 15:58:42.799 AVAST engine scan C:\Windows\system32 16:02:26.434 AVAST engine scan C:\Windows\system32\drivers 16:02:37.535 AVAST engine scan C:\Users\Nick 16:03:30.761 Disk 0 MBR has been saved successfully to "C:\Users\Nick\Downloads\MBR.dat" 16:03:30.761 The log file has been saved successfully to "C:\Users\Nick\Downloads\aswMBR.txt"
Last one is scanning atm
#4
tri21
-
- Members
-
- 8 posts
New Member
Posted 18 July 2012 - 02:48 AM
and here's the ESET scan results:
Some of those threats might be cracks so are maybe false positives?
C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\solidcore32.dll a variant of Win32/Kryptik.FM trojan cleaned by deleting - quarantined
C:\Users\Nick\AppData\Local\Temp\VidSaver15_20120508.exe Win32/Toolbar.CrossRider application cleaned by deleting - quarantined
C:\Users\Nick\AppData\Local\Temp\ICReinstall\cnet2_FLVPlayerSetup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Nick\Downloads\That_Mitchell_and_Webb_Look_Series_1_Complete.exe Win32/Adware.1ClickDownload.C application cleaned by deleting - quarantined
C:\Users\Nick\Downloads\Men.of.War.Assault.Squad.Update.v2.05.13-RELOADED\rld-mwas20513\Crack\mow_assault_squad.exe probably a variant of Win32/Obfuscated.HRJTKTQ trojan cleaned by deleting - quarantined
C:\Users\Nick\Downloads\Men.of.War.Assault.Squad.Update.v2.05.13-RELOADED\rld-mwas20513\Crack\mow_assault_squad_ed.exe probably a variant of Win32/Obfuscated.HYASPMF trojan cleaned by deleting - quarantined
C:\Users\Nick\Downloads\Men.of.War.Assault.Squad.Update.v2.05.13-RELOADED\rld-mwas20513\Crack\rld.dll a variant of Win32/Packed.VMProtect.AAH trojan cleaned by deleting - quarantined
C:\Users\Nick\Downloads\Men.of.War.Assault.Squad.Update.v2.05.13-RELOADED\rld-mwas20513\Update\mow-as-update-setup-en-2.05.13-full.exe a variant of MSIL/Injector.AGK trojan deleted - quarantined
C:\Windows\Installer\{52f71f4a-d2d4-e6c0-0b0a-03732b7a7a06}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{52f71f4a-d2d4-e6c0-0b0a-03732b7a7a06}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Windows\Installer\{52f71f4a-d2d4-e6c0-0b0a-03732b7a7a06}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
D:\1C Company\Men of War. Assault Squad\mow_assault_squad.exe probably a variant of Win32/Obfuscated.HRJTKTQ trojan cleaned by deleting - quarantined
D:\1C Company\Men of War. Assault Squad\mow_assault_squad_ed.exe probably a variant of Win32/Obfuscated.HYASPMF trojan cleaned by deleting - quarantined
D:\1C Company\Men of War. Assault Squad\rld.dll a variant of Win32/Packed.VMProtect.AAH trojan cleaned by deleting - quarantined
Operating memory a variant of Win32/Sirefef.EZ trojan
Some of those threats might be cracks so are maybe false positives?
Edited by tri21, 18 July 2012 - 02:48 AM.
#5
narenxp
-
- BC Advisor
-
- 16,365 posts
Forum Addict
- Gender:Male
- Location:India
Posted 18 July 2012 - 03:04 AM
Download
systemlook
Launch it and copy this script and paste in the BOX
Click on LOOK,post the generated log
Download
http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html
Install,update and run a full scan
Click on SHOW results.Select all infections and remove it
Reboot the PC and scan MBAM once in regular mode until you get a clean log
Download
mini toolbox
Checkmark following boxes:
Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
Click Go and post the result.
-Download
FSS
Checkmark all the boxes
Click on "Scan".
Please copy and paste the log to your reply.
systemlook
Launch it and copy this script and paste in the BOX
:filefind
services.exe
:folderfind
{52f71f4a-d2d4-e6c0-0b0a-03732b7a7a06}Click on LOOK,post the generated log
Download
http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html
Install,update and run a full scan
Click on SHOW results.Select all infections and remove it
Reboot the PC and scan MBAM once in regular mode until you get a clean log
Download
mini toolbox
Checkmark following boxes:
Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
Click Go and post the result.
-Download
FSS
Checkmark all the boxes
Click on "Scan".
Please copy and paste the log to your reply.
#6
tri21
-
- Members
-
- 8 posts
New Member
Posted 18 July 2012 - 04:57 AM
Hi, thanks for your replies.
Systemlook log:
Malwarebytes log:
This virus popped up the other two times I tried malwarebytes before.
Mini Toolbox log:
FSS log:
Systemlook log:
SystemLook 30.07.11 by jpshortstuff
Log created at 18:06 on 18/07/2012 by Nick
Administrator - Elevation successful
========== filefind ==========
Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 329216 bytes [23:19 13/07/2009] [01:39 14/07/2009] (Unable to calculate MD5)
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
========== folderfind ==========
Searching for "{52f71f4a-d2d4-e6c0-0b0a-03732b7a7a06}"
C:\Windows\Installer\{52f71f4a-d2d4-e6c0-0b0a-03732b7a7a06} d--hs-- [23:56 10/01/2012]
Malwarebytes log:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Database version: v2012.07.18.02
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Nick :: NICK-NOTEBOOK [administrator]
18/07/2012 6:11:52 PM
mbam-log-2012-07-18 (19-42-40).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 558904
Time elapsed: 1 hour(s), 28 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Windows\Installer\{52f71f4a-d2d4-e6c0-0b0a-03732b7a7a06}\U\00000008.@ (Trojan.Dropper.BCMiner) -> No action taken.
(end)
This virus popped up the other two times I tried malwarebytes before.
Mini Toolbox log:
MiniToolBox by Farbar Version: 15-07-2012
Ran by Nick (administrator) on 18-07-2012 at 19:53:12
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
Atheros AR9002WB-1NG Wireless Network Adapter = Wireless Network Connection (Connected)
Hamachi Network Interface = Hamachi (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
The following helper DLL cannot be loaded: WSHELPER.DLL.
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=5.0.0.1 publish=Yes
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
popd
# End of IPv4 configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : Nick-Notebook
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : BigPond
Ethernet adapter Bluetooth Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : E0-B9-A5-6A-69-88
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : F4-6D-04-27-27-77
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . : BigPond
Description . . . . . . . . . . . : Atheros AR9002WB-1NG Wireless Network Adapter
Physical Address. . . . . . . . . : E0-B9-A5-6A-32-46
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::409c:23df:1eb7:63c9%11(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, 18 July 2012 7:44:03 PM
Lease Expires . . . . . . . . . . : Thursday, 19 July 2012 7:44:07 PM
Default Gateway . . . . . . . . . : 10.0.0.138
DHCP Server . . . . . . . . . . . : 10.0.0.138
DHCPv6 IAID . . . . . . . . . . . : 249608613
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-4B-FE-15-E0-B9-A5-6A-32-46
DNS Servers . . . . . . . . . . . : 10.0.0.138
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Hamachi:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hamachi Network Interface
Physical Address. . . . . . . . . : 7A-79-05-87-F4-FA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2620:9b::587:f4fa(Preferred)
Link-local IPv6 Address . . . . . : fe80::6c99:b483:b1f9:8368%16(Preferred)
IPv4 Address. . . . . . . . . . . : 5.135.244.250(Preferred)
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Lease Obtained. . . . . . . . . . : Wednesday, 18 July 2012 7:44:01 PM
Lease Expires . . . . . . . . . . : Thursday, 18 July 2013 7:46:08 PM
Default Gateway . . . . . . . . . : 5.0.0.1
DHCP Server . . . . . . . . . . . : 5.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 444234211
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-4B-FE-15-E0-B9-A5-6A-32-46
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.BigPond:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{B044B027-D8EC-41A8-8A3E-F3AA28AB7AAA}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Pinging google.com [74.125.237.2] with 32 bytes of data:
Reply from 74.125.237.2: bytes=32 time=26ms TTL=52
Reply from 74.125.237.2: bytes=32 time=26ms TTL=52
Ping statistics for 74.125.237.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 26ms, Maximum = 26ms, Average = 26ms
Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=258ms TTL=46
Reply from 209.191.122.70: bytes=32 time=260ms TTL=46
Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 258ms, Maximum = 260ms, Average = 259ms
Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.
Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...e0 b9 a5 6a 69 88 ......Bluetooth Device (Personal Area Network)
12...f4 6d 04 27 27 77 ......Realtek PCIe GBE Family Controller
11...e0 b9 a5 6a 32 46 ......Atheros AR9002WB-1NG Wireless Network Adapter
16...7a 79 05 87 f4 fa ......Hamachi Network Interface
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 5.0.0.1 5.135.244.250 9256
0.0.0.0 0.0.0.0 10.0.0.138 10.0.0.5 25
5.0.0.0 255.0.0.0 On-link 5.135.244.250 9256
5.135.244.250 255.255.255.255 On-link 5.135.244.250 9256
5.255.255.255 255.255.255.255 On-link 5.135.244.250 9256
10.0.0.0 255.255.255.0 On-link 10.0.0.5 281
10.0.0.5 255.255.255.255 On-link 10.0.0.5 281
10.0.0.255 255.255.255.255 On-link 10.0.0.5 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 5.135.244.250 9256
224.0.0.0 240.0.0.0 On-link 10.0.0.5 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 5.135.244.250 9256
255.255.255.255 255.255.255.255 On-link 10.0.0.5 281
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 5.0.0.1 Default
===========================================================================
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
16 276 2620:9b::/96 On-link
16 276 2620:9b::587:f4fa/128 On-link
16 276 fe80::/64 On-link
11 281 fe80::/64 On-link
11 281 fe80::409c:23df:1eb7:63c9/128
On-link
16 276 fe80::6c99:b483:b1f9:8368/128
On-link
1 306 ff00::/8 On-link
16 276 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination Gateway
0 4294967295 2620:9b::/96 On-link
===========================================================================
========================= Winsock entries =====================================
Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
x64-Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [46592] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()
x64-Catalog9 12 mswsock.dll [File Not found] ()
x64-Catalog9 13 mswsock.dll [File Not found] ()
x64-Catalog9 14 mswsock.dll [File Not found] ()
x64-Catalog9 15 mswsock.dll [File Not found] ()
x64-Catalog9 16 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
========================= Event log errors: ===============================
Application errors:
==================
Error: (07/18/2012 07:53:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7502c9f1
Faulting process id: 0x19f8
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Error: (07/18/2012 07:52:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7502c9f1
Faulting process id: 0x1a34
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Error: (07/18/2012 07:51:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7502c9f1
Faulting process id: 0x1b0c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Error: (07/18/2012 07:50:15 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7502c9f1
Faulting process id: 0x1798
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Error: (07/18/2012 07:49:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x7502c9f1
Faulting process id: 0x11c4
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Error: (07/18/2012 07:43:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x749bc9f1
Faulting process id: 0x6a0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Error: (07/18/2012 07:43:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x749bc9f1
Faulting process id: 0x8d4
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Error: (07/18/2012 07:42:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x749bc9f1
Faulting process id: 0xe70
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Error: (07/18/2012 07:42:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x749bc9f1
Faulting process id: 0x9ec
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Error: (07/18/2012 07:42:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x749bc9f1
Faulting process id: 0x1474
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
System errors:
=============
Error: (07/18/2012 07:48:25 PM) (Source: Service Control Manager) (User: )
Description: HomeGroup ProviderFunction Discovery Resource Publication%%-2147024891
Error: (07/18/2012 07:48:25 PM) (Source: Service Control Manager) (User: )
Description: Function Discovery Resource Publication%%-2147024891
Error: (07/18/2012 07:48:22 PM) (Source: Service Control Manager) (User: )
Description: iPod Service%%1053
Error: (07/18/2012 07:48:22 PM) (Source: Service Control Manager) (User: )
Description: 30000iPod Service
Error: (07/18/2012 07:48:22 PM) (Source: DCOM) (User: )
Description: 1053iPod Service{063D34A4-BF84-4B8D-B699-E8CA06504DDE}
Error: (07/18/2012 07:44:12 PM) (Source: Service Control Manager) (User: )
Description: Computer Browser%%1060
Error: (07/18/2012 07:44:12 PM) (Source: Service Control Manager) (User: )
Description: IPsec Policy AgentBFE
Error: (07/18/2012 07:44:11 PM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying ModulesBFE
Error: (07/18/2012 07:44:08 PM) (Source: Service Control Manager) (User: )
Description: Function Discovery Resource Publication%%-2147024891
Error: (07/18/2012 03:36:07 PM) (Source: Service Control Manager) (User: )
Description: HomeGroup ProviderFunction Discovery Resource Publication%%-2147024891
Microsoft Office Sessions:
=========================
Error: (07/18/2012 07:53:16 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c00000057502c9f119f801cd64cb27472e27C:\Windows\SysWOW64\svchost.exeunknown64f7994e-d0be-11e1-bb2e-e0b9a56a6988
Error: (07/18/2012 07:52:16 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c00000057502c9f11a3401cd64cb0369942eC:\Windows\SysWOW64\svchost.exeunknown4117673c-d0be-11e1-bb2e-e0b9a56a6988
Error: (07/18/2012 07:51:16 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c00000057502c9f11b0c01cd64cadf83f001C:\Windows\SysWOW64\svchost.exeunknown1d37b695-d0be-11e1-bb2e-e0b9a56a6988
Error: (07/18/2012 07:50:15 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c00000057502c9f1179801cd64cabba3290eC:\Windows\SysWOW64\svchost.exeunknownf951232c-d0bd-11e1-bb2e-e0b9a56a6988
Error: (07/18/2012 07:49:10 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c00000057502c9f111c401cd64ca8f44e8deC:\Windows\SysWOW64\svchost.exeunknownd25e334d-d0bd-11e1-bb2e-e0b9a56a6988
Error: (07/18/2012 07:43:05 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005749bc9f16a001cd64c9bb34febaC:\Windows\SysWOW64\svchost.exeunknownf8e2d1c8-d0bc-11e1-ad9e-e0b9a56a6988
Error: (07/18/2012 07:43:05 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005749bc9f18d401cd64c9bb09a858C:\Windows\SysWOW64\svchost.exeunknownf8b83eb9-d0bc-11e1-ad9e-e0b9a56a6988
Error: (07/18/2012 07:42:56 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005749bc9f1e7001cd64c9b5acbeeeC:\Windows\SysWOW64\svchost.exeunknownf35a91fb-d0bc-11e1-ad9e-e0b9a56a6988
Error: (07/18/2012 07:42:05 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005749bc9f19ec01cd64c99760267dC:\Windows\SysWOW64\svchost.exeunknownd51091a5-d0bc-11e1-ad9e-e0b9a56a6988
Error: (07/18/2012 07:42:05 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005749bc9f1147401cd64c997378f45C:\Windows\SysWOW64\svchost.exeunknownd4e56253-d0bc-11e1-ad9e-e0b9a56a6988
=========================== Installed Programs ============================
??????? Windows Live Mesh ActiveX ??(????) (Version: 15.4.5722.2)
??????? Windows Live Mesh ActiveX ??? (Version: 15.4.5722.2)
1ClickDownloader (Version: 2.1 Build 26473)
7-Zip 9.20
Ace of Spades (Version: 0.70.017)
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Flash Player 10 ActiveX (Version: 10.0.42.34)
Adobe Flash Player 10 Plugin (Version: 10.3.181.14)
Adobe Photoshop CS5.1 (Version: 12.1)
Adobe Reader 9.5.1 (Version: 9.5.1)
Alcor Micro USB Card Reader (Version: 1.8.17.26026)
ANNO 2070 (Version: 1.0.0.0)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ASUS AI Recovery (Version: 1.0.13)
ASUS FancyStart (Version: 1.1.0)
ASUS LifeFrame3 (Version: 3.0.21)
ASUS Live Update (Version: 2.5.9)
ASUS Power4Gear Hybrid (Version: 1.1.43)
ASUS SmartLogon (Version: 1.0.0010)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0031)
ASUS Video Magic (Version: 6.0.4710)
ASUS Virtual Camera (Version: 1.0.21)
ASUS WebStorage (Version: 2.0.46.1429)
ASUS_Screensaver
AsusVibe2.0 (Version: 2.0.3.585)
Atheros WLAN and Bluetooth Client Installation Program (Version: 9.0)
ATK Package (Version: 1.0.0007)
µTorrent (Version: 3.1.3)
Avira Antivirus Premium 2012 (Version: 12.0.0.1145)
Bing Bar (Version: 6.0.2282.0)
Bing Bar Platform (Version: 6.0.2282.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bluetooth Win7 Suite (64) (Version: 7.2.0.45)
Bonjour (Version: 3.0.0.10)
Bookworm Deluxe
BOSS (Version: 2.0.0)
Canon MG5200 series MP Drivers
CodeBlocks (Version: 10.05)
Complemento Messenger (Version: 15.4.3502.0922)
Complément Messenger (Version: 15.4.3502.0922)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
Control ActiveX de Windows Live Mesh para conexiones remotas (Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (Version: 15.4.5722.2)
Cooking Dash
Counter-Strike 1.6
CyberLink LabelPrint (Version: 2.5.1908)
CyberLink MediaEspresso (Version: 6.0.1115_32476)
CyberLink Power2Go (Version: 6.1.3602c)
CyberLink PowerDirector (Version: 8.0.2609a)
CyberLink PowerDVD 10 (Version: 10.0.2025)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.1.0236)
Diablo II
ESET Online Scanner v3
ETDWare PS/2-x64 7.0.5.16_WHQL (Version: 7.0.5.16)
Evernote v. 4.5.2 (Version: 4.5.2.5904)
ExpressGate Cloud (Version: 2.1.76.380)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Fast Boot (Version: 1.0.8)
Fresco Logic USB3.0 Host Controller (Version: 3.0.110.12)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Game Park Console (Version: 6.2.1.1)
GameRanger
Google Chrome (Version: 20.0.1132.57)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.115)
Governor of Poker
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
Hotel Dash Suite Success
Intel(R) Control Center (Version: 1.2.1.1007)
Intel(R) Management Engine Components (Version: 7.0.0.1144)
Intel(R) Processor Graphics (Version: 8.15.10.2253)
Intel(R) Turbo Boost Technology Monitor (Version: 1.0.400.4)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.1.6.0)
Java(TM) 7 Update 3 (64-bit) (Version: 7.0.30)
Java(TM) 7 Update 4 (Version: 7.0.40)
Java(TM) SE Development Kit 7 Update 3 (64-bit) (Version: 1.7.0.30)
JavaFX 2.1.0 (Version: 2.1.0)
Jewel Quest 3
Junk Mail filter update (Version: 15.4.3502.0922)
LibreOffice 3.4 (Version: 3.4.402)
LogMeIn Hamachi (Version: 2.1.0.210)
Luxor 3
Magicka
Mahjongg dimensions
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mass Effect (Version: 1.00)
Mass Effect 2 (Version: 1.00)
Medieval II Total War (Version: 1.03.000)
Medieval II Total War : Kingdoms : Americas (Version: 1.03.000)
Medieval II Total War : Kingdoms : Britannia (Version: 1.03.000)
Medieval II Total War : Kingdoms : Crusades (Version: 1.03.000)
Medieval II Total War : Kingdoms : Teutonic (Version: 1.03.000)
Men of War: Assault Squad (Remove Only) (Version: 1.80.1.0)
Mesh Runtime (Version: 15.4.5722.2)
Messenger ???? (Version: 15.4.3502.0922)
Messenger ????? (Version: 15.4.3502.0922)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Search Enhancement Pack (Version: 3.0.131.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual J# .NET Redistributable Package 1.1 (Version: 1.1.4322)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Minecraft Cracked
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Nexus Mod Manager (Version: 0.18.9)
Notepad++ (Version: 5.9.8)
Nuance PDF Reader (Version: 6.00.0041)
NVIDIA Control Panel 266.01 (Version: 266.01)
NVIDIA Graphics Driver 266.01 (Version: 266.01)
NVIDIA Install Application (Version: 2.265.33.0)
NVIDIA Optimus 1.0.11 (Version: 1.0.11)
NVIDIA PhysX (Version: 9.09.0814)
NVIDIA Update Components (Version: 1.0.11)
Origin (Version: 8.4.1.210)
PDF Settings CS5 (Version: 10.0)
Plants vs Zombies
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.21.531.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6257)
SonicMaster (Version: 1.00.0000)
SweetIM for Messenger 3.6 (Version: 3.6.0008)
SweetPacks Toolbar for Internet Explorer 4.6 (Version: 4.6.0002)
syncables desktop SE (Version: 5.5.746.11492)
Terraria 1.1.2 (Version: 1.1.2)
The Elder Scrolls V Skyrim version 1.5.26.0.5 (Version: 1.5.26.0.5)
The Sims™ 3 (Version: 1.33.2)
Titan Quest (Version: 1.00.0000)
TrackMania 2 (Version: RePack)
Tribes Ascend Open Beta (Version: 1.0.1016.7)
Ubisoft Game Launcher (Version: 1.0.0.0)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update Manager for SweetPacks 1.0 (Version: 1.0.0005)
uTorrentBar Toolbar (Version: 6.8.2.0)
Vid-Saver (Version: 1.18.149.149)
VideoPad Video Editor
VLC media player 1.1.11 (Version: 1.1.11)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinFlash (Version: 2.31.1)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
Wireless Console 3 (Version: 3.0.19)
World of Goo
wxDownload Fast 0.6.0
YoutubePlus
========================= Memory info: ===================================
Percentage of memory in use: 18%
Total physical RAM: 16295.07 MB
Available physical RAM: 13209.53 MB
Total Pagefile: 32588.29 MB
Available Pagefile: 29217.31 MB
Total Virtual: 4095.88 MB
Available Virtual: 3951.09 MB
========================= Partitions: =====================================
1 Drive c: (OS) (Fixed) (Total:174.66 GB) (Free:12.44 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:502.49 GB) (Free:392.28 GB) NTFS
3 Drive e: (TheYearMyVoiceBroke) (CDROM) (Total:7.84 GB) (Free:0 GB) UDF
========================= Users: ========================================
User accounts for \\NICK-NOTEBOOK
Administrator ASPNET Guest
Nick UpdatusUser
**** End of log ****
FSS log:
Farbar Service Scanner Version: 08-07-2012 Ran by Nick (administrator) on 18-07-2012 at 19:55:53 Running from "C:\Users\Nick\Downloads" Microsoft Windows 7 Home Premium (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo IP is accessible. Yahoo.com is accessible. Windows Firewall: ============= mpsdrv Service is not running. Checking service configuration: The start type of mpsdrv service is OK. The ImagePath of mpsdrv service is OK. MpsSvc Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist. bfe Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist. Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ wscsvc Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist. Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist. Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist. Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist. File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys [2012-02-16 17:49] - [2011-12-28 13:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys [2012-05-12 21:43] - [2012-03-30 21:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0 C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll [2009-07-14 10:09] - [2009-07-14 11:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3 C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll [2009-07-14 09:36] - [2009-07-14 11:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5 C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll [2012-06-13 13:59] - [2012-04-24 15:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log ****
#7
narenxp
-
- BC Advisor
-
- 16,365 posts
Forum Addict
- Gender:Male
- Location:India
Posted 18 July 2012 - 06:42 AM
C:\Windows\Installer\{52f71f4a-d2d4-e6c0-0b0a-03732b7a7a06}\U\00000008.@ (Trojan.Dropper.BCMiner) -> No action taken.
Run MBAM again and remove the infection,restart the PC
Press Windows+R key and type
notepad and click ok
copy this script and paste in notepad
@echo off cd c:\windows\system32 takeown /a /f services.exe cacls services.exe /g administrators:f ren services.exe services.exe.old COPY /Y C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\WINDOWS\system32 DEL %0
Click on FILE>> save as
filename:sevices.bat
Save as type:All types
Now right click on the services.bat file and select run as administrator and run it,click Y and press ENTER
Open your C drive
On top,click on Organize-folder and search options
Click on View tab and scroll down
Check mark Show hidden files
Uncheck Hide operating system files
Click ok,now go to
C:\Windows\Installer\{52f71f4a-d2d4-e6c0-0b0a-03732b7a7a06}
delete the folder,run system look again and post the log
Create a restore point before trying this
Download
MpsSvc
BFE
wscsvc
defender
Launch them ,click YES when you get UAC prompt
Restart the PC ,post the new FSS log
#8
tri21
-
- Members
-
- 8 posts
New Member
Posted 19 July 2012 - 01:38 AM
Hi,
I ran Malbytes again, then did the bat file thing but it won't let me delete the folder as it says another program is using it.
I ran Malbytes again, then did the bat file thing but it won't let me delete the folder as it says another program is using it.
#9
narenxp
-
- BC Advisor
-
- 16,365 posts
Forum Addict
- Gender:Male
- Location:India
#10
tri21
-
- Members
-
- 8 posts
New Member
Posted 19 July 2012 - 03:51 PM
Hi,
Here's the new FSS log:
Here's the new FSS log:
Farbar Service Scanner Version: 08-07-2012 Ran by Nick (administrator) on 20-07-2012 at 06:49:53 Running from "C:\Users\Nick\Downloads" Microsoft Windows 7 Home Premium (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo IP is accessible. Yahoo.com is accessible. Windows Firewall: ============= MpsSvc Service is not running. Checking service configuration: The start type of MpsSvc service is OK. The ImagePath of MpsSvc service is OK. The ServiceDll of MpsSvc service is OK. bfe Service is not running. Checking service configuration: The start type of bfe service is OK. The ImagePath of bfe service is OK. The ServiceDll of bfe service is OK. Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is OK. The ImagePath of WinDefend service is OK. The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll". File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys [2012-02-16 17:49] - [2011-12-28 13:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys [2012-05-12 21:43] - [2012-03-30 21:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0 C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll [2009-07-14 10:09] - [2009-07-14 11:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3 C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll [2009-07-14 09:36] - [2009-07-14 11:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5 C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll [2012-06-13 13:59] - [2012-04-24 15:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log ****
#11
narenxp
-
- BC Advisor
-
- 16,365 posts
Forum Addict
- Gender:Male
- Location:India
Posted 19 July 2012 - 04:01 PM
Download
Windows repair tool
Extract and launch the Repair_Windows.exe file
Click on Start repairs tab-click on Start
check mark following options alone
Reset registry permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts
Checkmark Restart System When Finished option
click the Start button
System should restart after repair
Post the FSS log
Download
systemlook
Launch it and copy this script and paste in the BOX
Click on LOOK,post the generated log
Windows repair tool
Extract and launch the Repair_Windows.exe file
Click on Start repairs tab-click on Start
check mark following options alone
Reset registry permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts
Checkmark Restart System When Finished option
click the Start button
System should restart after repair
Post the FSS log
Download
systemlook
Launch it and copy this script and paste in the BOX
:filefind
services.exe
:folderfind
{52f71f4a-d2d4-e6c0-0b0a-03732b7a7a06}Click on LOOK,post the generated log
#12
tri21
-
- Members
-
- 8 posts
New Member
Posted 20 July 2012 - 04:18 AM
Hi,
Avira isn't detecting the virus anymore so I assume that's good?
Here's the FSS log:
Here's the systemlook log:
Avira isn't detecting the virus anymore so I assume that's good?
Here's the FSS log:
Farbar Service Scanner Version: 08-07-2012 Ran by Nick (administrator) on 20-07-2012 at 19:09:58 Running from "C:\Users\Nick\Downloads" Microsoft Windows 7 Home Premium (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo IP is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is OK. The ImagePath of WinDefend service is OK. The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll". File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys [2012-02-16 17:49] - [2011-12-28 13:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys [2012-05-12 21:43] - [2012-03-30 21:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0 C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll [2009-07-14 10:09] - [2009-07-14 11:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3 C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll [2009-07-14 09:36] - [2009-07-14 11:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5 C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll [2012-06-13 13:59] - [2012-04-24 15:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log ****
Here's the systemlook log:
SystemLook 30.07.11 by jpshortstuff
Log created at 19:11 on 20/07/2012 by Nick
Administrator - Elevation successful
========== filefind ==========
Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
========== folderfind ==========
Searching for "{52f71f4a-d2d4-e6c0-0b0a-03732b7a7a06}"
No folders found.
-= EOF =-
#13
narenxp
-
- BC Advisor
-
- 16,365 posts
Forum Addict
- Gender:Male
- Location:India
Posted 20 July 2012 - 07:53 AM
Delete this file
C:\windows\system32\services.exe.old
That looks good
Download
TFC
Launch it,it will close all running programs
click on START,it should ask for reboot
Turn off your system restore,restart the PC,create a new restore point
http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off
Update your flash player
Update your JAVA from here
http://java.com/en/download/inc/windows_upgrade_xpi.jsp
Update your antivirus frequently,do not click on suspicious links
Safe surfing
C:\windows\system32\services.exe.old
That looks good
Download
TFC
Launch it,it will close all running programs
click on START,it should ask for reboot
Turn off your system restore,restart the PC,create a new restore point
http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off
Update your flash player
Update your JAVA from here
http://java.com/en/download/inc/windows_upgrade_xpi.jsp
Update your antivirus frequently,do not click on suspicious links
Safe surfing
#14
tri21
-
- Members
-
- 8 posts
New Member
#15
narenxp
-
- BC Advisor
-
- 16,365 posts
Forum Addict
- Gender:Male
- Location:India
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
