
Ping.exe going crazy redirecting IE


22 replies to this topic

#1 LordSlizzurp

  • Members

Posted 22 January 2012 - 08:30 AM

I don't know what to do about ping.exe going crazy on my network. I'm pretty sure it's malware or a rootkit maybe, because I always use Resource Monitor to view my network activity and starting yesterday I noticed my browser redirecting to pay sites like gimmeanswers.com, and also popups were occurring too. Also, some of the redirects wouldn't let me press the back button and I had to start iexplore over =(. I have put a bandaid on the problem by suspending the process; this has worked for now to stop the problem, but I know the rootkit or whatever is still there. If I restart the computer or unsuspend ping, it will start going again. At times ping.exe is transferring over 100kb a second, so I know it's doing more than pinging me lol. It keeps using IP address deploy.akamaitechnologies.com or whatever too.

(Moderator edit: post moved to more appropriate forum. jgw)

Edited by jgweed, 22 January 2012 - 10:17 AM.




#2 jntkwx

  • Malware Response Team

Posted 23 January 2012 - 01:30 PM

Hi LordSlizzurp,

Welcome to Bleeping Computer.

My name is Jason and I'll be helping you with your computer problems. You can call me by my screen name jntkwx or Jason is fine.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put logs in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can also help.
  • Do not run anything while running a fix.
  • If you don't understand a step, please ask for clarification before continuing with any future steps.

Click on the Watch Topic button, select Immediate Notification and click on Proceed. This will help you to get notified faster when I have replied and make the cleaning process faster.

Note to others: The instructions here are intended for the person who began this topic. If you need help, please create your own topic in the appropriate forum.

 

Step 1: Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer Errors
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Step 2: Please download Malwarebytes Anti-Malware and save it to your desktop.
Download Link 1
Download Link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
    For instructions with screenshots, please refer to the How to use Malwarebytes' Anti-Malware Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

Troubleshoot Malwarebytes' Anti-Malware

Step 3: Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.


In your next reply, please include:
  • MiniToolBox log
  • Malwarebytes log
  • GMER log
  • How's your computer running now?

Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation.


#3 LordSlizzurp

  • Topic Starter
  • Members

Posted 24 January 2012 - 02:32 AM

Hi Jason, since I originally posted I have run multiple scanners on my comp and gotten a lot of results. I have run MB antimal, Norton Power Eraser, tdss killer, ESET online, Kaspersky Virus Removal Tool, Microsoft Safety Scanner, fix tdss and aswMBR. I then installed Kaspersky complete protection and ran the full scan. ESET, Kaspersky removal tool, Safety Scanner and the Kaspersky AV full scan all found infected files, but each time it was a unique infection that each of the other scanners had overlooked or bypassed. I ran the full scan whenever I had the option. After applying all recommendations my browser redirect issues disappeared and ping.exe also disappeared from processes, but I still have the residual effects of the infections: no Win Defender or Win Firewall. The virus actually deleted my Windows Defender files, and when I went to Microsoft to try to download Defender again, the installer told me that I already had Defender on my Vista system (I'm running Win7). I'm getting the usual 80070424 error or whatever, the common one that everyone else on the internet is getting; it's amazing how prevalent this exact problem is right now. So should I still go ahead with your recommended steps??? Also, I think GMER won't run on Win7 but I'm not sure?? Thank you so much for your time and help. Your website and its team are really amazing. I've used the info from others' posts to learn and get as far as I have already, and I just wanted to say how awesome a weapon it is against malicious software and its creators.

#4 jntkwx

  • Malware Response Team

Posted 24 January 2012 - 09:02 AM

LordSlizzurp,

GMER will run on Windows 7 32-Bit, however it will not run on Windows 7 64-Bit.

So, if you have Windows 7 64-Bit, you can skip GMER and move on to MiniToolBox and rerun Malwarebytes (make sure it's updated by clicking on the Update tab before scanning.)
Regards,
Jason

 



#5 LordSlizzurp

  • Topic Starter
  • Members

Posted 25 January 2012 - 12:54 AM

Malwarebytes log:

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.25.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
The Ownerer :: THEOWNERER-PC [administrator]

1/24/2012 8:16:48 PM
mbam-log-2012-01-24 (20-16-48).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 495874
Time elapsed: 1 hour(s), 27 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Minitoolbox Log:

MiniToolBox by Farbar Version: 18-01-2012
Ran by The Ownerer (administrator) on 24-01-2012 at 21:49:16
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
Hosts file not detected in the default directory
========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6250 AGN = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Intel® Centrino® WiMAX 6250 = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : TheOwnerer-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 64-80-99-1D-B1-21
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 64-80-99-1D-B1-21
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6250 AGN
Physical Address. . . . . . . . . : 64-80-99-1D-B1-20
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4984:1bcd:ac95:f836%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.34(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, January 24, 2012 7:59:37 PM
Lease Expires . . . . . . . . . . : Saturday, March 02, 2148 4:18:09 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 375685273
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-F3-AC-6B-E8-11-32-22-C9-8A
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® WiMAX 6250
Physical Address. . . . . . . . . : 64-D4-DA-27-BC-79
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : E8-11-32-4A-6C-E4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{293FA72F-9C8F-4D54-8400-26309CA67D93}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{43627429-C8C4-4807-9C60-CA6F69651BE2}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2287089B-49F8-4E14-BB90-FADA8A77A34C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BE1436E0-679B-473F-B90A-A605F2C9F089}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.2.1

Name: google.com
Addresses: 74.125.224.113
74.125.224.116
74.125.224.112
74.125.224.114
74.125.224.115


Pinging google.com [74.125.224.116] with 32 bytes of data:
Reply from 74.125.224.116: bytes=32 time=27ms TTL=53
Reply from 74.125.224.116: bytes=32 time=27ms TTL=53

Ping statistics for 74.125.224.116:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 27ms, Maximum = 27ms, Average = 27ms
Server: UnKnown
Address: 192.168.2.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.2.43
98.137.149.56
98.139.180.149


Pinging yahoo.com [72.30.2.43] with 32 bytes of data:
Reply from 72.30.2.43: bytes=32 time=28ms TTL=50
Reply from 72.30.2.43: bytes=32 time=33ms TTL=50

Ping statistics for 72.30.2.43:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 28ms, Maximum = 33ms, Average = 30ms
Server: UnKnown
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...64 80 99 1d b1 21 ......Microsoft Virtual WiFi Miniport Adapter #2
13...64 80 99 1d b1 21 ......Microsoft Virtual WiFi Miniport Adapter
12...64 80 99 1d b1 20 ......Intel® Centrino® Advanced-N 6250 AGN
11...64 d4 da 27 bc 79 ......Intel® Centrino® WiMAX 6250
10...e8 11 32 4a 6c e4 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.34 40
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.34 296
192.168.2.34 255.255.255.255 On-link 192.168.2.34 296
192.168.2.255 255.255.255.255 On-link 192.168.2.34 296
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.34 296
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.34 296
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 296 fe80::/64 On-link
12 296 fe80::4984:1bcd:ac95:f836/128
On-link
1 306 ff00::/8 On-link
12 296 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 mswsock.dll [File Not found] ()
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 mswsock.dll [File Not found] ()
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/24/2012 09:01:14 PM) (Source: Application Error) (User: )
Description: Faulting application name: left4dead.exe, version: 0.0.0.0, time stamp: 0x491a4be1
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x0002e8f6
Faulting process id: 0x15e68
Faulting application start time: 0xleft4dead.exe0
Faulting application path: left4dead.exe1
Faulting module path: left4dead.exe2
Report Id: left4dead.exe3

Error: (01/24/2012 05:21:55 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/24/2012 05:21:55 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/24/2012 05:21:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (01/24/2012 02:17:59 AM) (Source: Application Hang) (User: )
Description: The program FarCry2.exe version 0.1.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1fd6c

Start Time: 01ccda6f64f9b43e

Termination Time: 2269

Application Path: C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FarCry2.exe

Report Id:

Error: (01/23/2012 09:41:11 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/23/2012 08:08:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/23/2012 07:03:21 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/23/2012 07:03:20 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (01/23/2012 05:03:52 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (01/24/2012 09:46:33 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (01/24/2012 09:46:27 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (01/24/2012 08:17:23 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (01/24/2012 07:59:39 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (01/24/2012 07:59:37 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (01/24/2012 07:58:51 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
29974017

Error: (01/24/2012 07:58:51 PM) (Source: Service Control Manager) (User: )
Description: The Intel® PROSet/Wireless WiMAX Red Bend Device Management Service service hung on starting.

Error: (01/24/2012 07:57:27 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (01/24/2012 07:57:27 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (01/24/2012 07:57:25 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060


Microsoft Office Sessions:
=========================
Error: (01/24/2012 09:01:14 PM) (Source: Application Error)(User: )
Description: left4dead.exe0.0.0.0491a4be1ntdll.dll6.1.7601.177254ec49b8fc00000050002e8f615e6801ccdb1e1a3c6312C:\Left 4 dead\Left 4 Dead\left4dead.exeC:\Windows\SysWOW64\ntdll.dll9b160e21-4711-11e1-9208-e811324a6ce4

Error: (01/24/2012 05:21:55 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\esetsmartinstaller_enu.exe

Error: (01/24/2012 05:21:55 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (01/24/2012 05:21:53 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (01/24/2012 02:17:59 AM) (Source: Application Hang)(User: )
Description: FarCry2.exe0.1.0.11fd6c01ccda6f64f9b43e2269C:\Program Files (x86)\Ubisoft\Far Cry 2\bin\FarCry2.exe

Error: (01/23/2012 09:41:11 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\esetsmartinstaller_enu.exe

Error: (01/23/2012 08:08:00 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\The Ownerer\Desktop\Security\esetsmartinstaller_enu.exe

Error: (01/23/2012 07:03:21 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (01/23/2012 07:03:20 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (01/23/2012 05:03:52 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe


=========================== Installed Programs ============================

???? ??? Windows Live (Version: 15.4.3502.0922)
???? Windows Live (Version: 15.4.3502.0922)
?????? ??????? ?? Windows Live (Version: 15.4.3502.0922)
???????? ?? Messenger (Version: 15.4.3502.0922)
???????? ?????????? Windows Live (Version: 15.4.3502.0922)
????????? Messenger (Version: 15.4.3502.0922)
?????????? Windows Live (Version: 15.4.3502.0922)
??????????? ?? Windows Live (Version: 15.4.3502.0922)
Adobe AIR (Version: 1.5.2.8870)
Adobe Flash Player 10 ActiveX (Version: 10.1.53.64)
Adobe Reader 9.1 (Version: 9.1.0)
Age of Empires III (Version: 1.00.0000)
„Messenger“ pagalbine priemone (Version: 15.4.3502.0922)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
„Windows Live Essentials“ (Version: 15.4.3502.0922)
„Windows Live Mail“ (Version: 15.4.3502.0922)
„Windows Live Messenger“ (Version: 15.4.3502.0922)
„Windows Live“ fotogalerija (Version: 15.4.3502.0922)
BatteryLifeExtender (Version: 1.0.11)
Best Buy pc app (Version: 3.0.0.0)
Bing Bar (Version: 6.0.2282.0)
Bing Bar Platform (Version: 6.0.2282.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
ChargeableUSB (Version: 1.0.0.0)
Complemento Messenger (Version: 15.4.3502.0922)
Complément Messenger (Version: 15.4.3502.0922)
CyberLink Media Suite (Version: 8.0.2227)
CyberLink MediaShow (Version: 5.0.1130a)
CyberLink Power2Go (Version: 6.1.3802)
CyberLink PowerDirector (Version: 8.0.3306)
CyberLink PowerDVD 10 (Version: 10.0.2310.52)
CyberLink YouCam (Version: 3.1.3509)
D3DX10 (Version: 15.4.2368.0902)
Doplnok programu Messenger (Version: 15.4.3502.0922)
Easy Content Share (Version: 1.0)
Easy Display Manager (Version: 3.2)
Easy Migration (Version: 1.0)
Easy Network Manager (Version: 4.4.7)
Easy SpeedUp Manager (Version: 2.1.1.1)
EasyBatteryManager (Version: 4.0.0.4)
EasyFileShare (Version: 1.0.11)
ESET Online Scanner v3
ETDWare PS/2-X64 8.0.7.2_WHQL (Version: 8.0.7.2)
Fable III (Version: 1.0.0001.131)
Fallout New Vegas
Far Cry 2 (Version: 1.00.00)
Fast Start (Version: 2.2.0.0)
Fotogalerija Windows Live (Version: 15.4.3502.0922)
Freecorder 5 (Version: 5.05)
Freecorder Toolbar (Version: 5.0.0.0)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galeria fotografii uslugi Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galerie foto Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Google Chrome (Version: 16.0.912.75)
Intel PROSet Wireless
Intel WiMAX Tutorial (Version: 1.5.3.1)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Processor Graphics (Version: 8.15.10.2253)
Intel® PROSet/Wireless WiFi Software (Version: 14.0.2000)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.0.82.0)
Intel® Wireless Display
Intel® Wireless Display (Version: 2.0.27.0)
Intel® PROSet/Wireless WiMAX Software (Version: 2.03.2000)
iTunes (Version: 10.5.3.3)
Java Auto Updater (Version: 2.0.4.1)
Java™ 6 Update 25 (Version: 6.0.250)
Junk Mail filter update (Version: 15.4.3502.0922)
Kaspersky Anti-Virus 2011 (Version: 11.0.2.556)
Magicka
Malwarebytes Anti-Malware version 1.60.0.1800 (Version: 1.60.0.1800)
Mesh Runtime (Version: 15.4.5722.2)
Messenger-kumppani (Version: 15.4.3502.0922)
Messenger ??? ?? (Version: 15.4.3502.0922)
Messenger ???? (Version: 15.4.3502.0922)
Messenger ????? (Version: 15.4.3502.0922)
Messenger Assistent (Version: 15.4.3502.0922)
Messenger Companion (Version: 15.4.3502.0922)
Messenger kíséro (Version: 15.4.3502.0922)
Messenger Pratilac (Version: 15.4.3502.0922)
Messenger Suradnik (Version: 15.4.3502.0922)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Games for Windows - LIVE (Version: 3.3.24.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.2.3.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Search Enhancement Pack (Version: 3.0.131.0)
Microsoft Silverlight (Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Movie Color Enhancer (Version: 1.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia POP (Version: 1.1)
Network Play System (Patching)
NOOK for PC (Version: 2.5.4.7070)
Norton Online Backup (Version: 2.1.17869)
NVIDIA Control Panel 266.10 (Version: 266.10)
NVIDIA Graphics Driver 266.10 (Version: 266.10)
NVIDIA Install Application (Version: 2.265.34.0)
NVIDIA Optimus 1.0.11 (Version: 1.0.11)
NVIDIA PhysX (Version: 9.10.0513)
NVIDIA Update Components (Version: 1.0.11)
Poczta uslugi Windows Live (Version: 15.4.3502.0922)
Podstawowe programy Windows Live (Version: 15.4.3502.0922)
Pomocnik Messenger (Version: 15.4.3502.0922)
Pošta Windows Live (Version: 15.4.3502.0922)
QuickTime (Version: 7.69.80.9)
Raccolta foto di Windows Live (Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (Version: 7.33.1125.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6257)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.26.0)
S?????? f?t???af??? t?? Windows Live (Version: 15.4.3502.0922)
Samsung AnyWeb Print (Version: 1.0)
Samsung AnyWeb Print (Version: 1.1.21.0)
Samsung Recovery Solution 5 (Version: 5.0.0.8)
Samsung Support Center (Version: 1.1.21)
Samsung Universal Print Driver (Version: 2.01.06.00:16)
Samsung Universal Scan Driver (Version: 1.2.1.0)
Skype™ 4.2 (Version: 4.2.169)
Spremljevalec Messenger (Version: 15.4.3502.0922)
SRS Premium Sound Control Panel (Version: 1.10.1000)
System Requirements Lab
User Guide (Version: 1.0)
VirtualCloneDrive
Vuze (Version: 4.7)
Wild Tangent - Fate
Windows Live ?? (Version: 15.4.3502.0922)
Windows Live ?? ??? (Version: 15.4.3502.0922)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ??? (Version: 15.4.3508.1109)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Fotótár (Version: 15.4.3502.0922)
Windows Live Foto-galerija (Version: 15.4.3502.0922)
Windows Live fotoattelu galerija (Version: 15.4.3502.0922)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live Fotogalleri (Version: 15.4.3502.0922)
Windows Live Fotogaléria (Version: 15.4.3502.0922)
Windows Live Fotograf Galerisi (Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (Version: 15.4.3502.0922)
Windows Live Galerija fotografija (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Pošta (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Temel Parçalar (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Liven asennustyökalu (Version: 15.4.3502.0922)
Windows Liven sähköposti (Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922)
WinRAR 4.01 (64-bit) (Version: 4.01.0)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 6055.12 MB
Available physical RAM: 3903.7 MB
Total Pagefile: 12108.43 MB
Available Pagefile: 9888.03 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.51 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:677.16 GB) (Free:525.21 GB) NTFS

========================= Users: ========================================

User accounts for \\THEOWNERER-PC

Administrator Amy Gun Guest
The Ownerer UpdatusUser

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

#6 LordSlizzurp


Posted 27 January 2012 - 04:24 PM

Don't know why I haven't gotten a reply........

#7 jntkwx


Posted 27 January 2012 - 04:26 PM

LordSlizzurp,

My apologies for the delay. I was conferring with a colleague on where to proceed from here.



Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!!!
Be sure to print out and follow the instructions for performing a scan. Alternate instructions can be found here.

  • Extract (unzip) the file to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the Desktop.
  • Alternatively, you can download TDSSKiller.exe and use that instead.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • When the program opens, click the Start Scan button.

  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • Any objects found will show in the Scan results - Select action for found objects and offer three options.
  • If an infected file is detected, the default action will be Cure...do not change it.

  • Click Continue > Reboot now to finish the cleaning process.<- Important!!

  • If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer or to perform the scan in "safe mode".

-- For any files detected as 'Suspicious' (except those identified as Forged to be cured after reboot) get a second opinion by submitting to Jotti's virusscan or VirusTotal. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.

Edited by jntkwx, 27 January 2012 - 04:34 PM.

Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#8 LordSlizzurp


Posted 27 January 2012 - 04:39 PM

I mentioned in my original post that I already ran TDSSKiller; since then I have run it probably 6 or 7 times. Do you want me to do it again? Also, would you like those logs?

#9 jntkwx


Posted 27 January 2012 - 04:42 PM

LordSlizzurp,

Download and run a new version of TDSSKiller (it's updated often), and just post the log from that.

In addition, please download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
When asked to update, click Yes.
Click the "Scan" button to start scan:

On completion of the scan click "Save log", save it to your desktop and post in your next reply:

NOTE: aswMBR will create an MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

Edited by jntkwx, 27 January 2012 - 04:42 PM.

Regards,
Jason

 



#10 LordSlizzurp


Posted 27 January 2012 - 04:52 PM

Here is TDSS log, doing aswMBR right now:

13:45:52.0092 50360 TDSS rootkit removing tool 2.7.7.0 Jan 24 2012 16:44:27
13:45:53.0714 50360 ============================================================
13:45:53.0714 50360 Current date / time: 2012/01/27 13:45:53.0714
13:45:53.0714 50360 SystemInfo:
13:45:53.0714 50360
13:45:53.0714 50360 OS Version: 6.1.7601 ServicePack: 1.0
13:45:53.0714 50360 Product type: Workstation
13:45:53.0715 50360 ComputerName: THEOWNERER-PC
13:45:53.0715 50360 UserName: The Ownerer
13:45:53.0715 50360 Windows directory: C:\Windows
13:45:53.0715 50360 System windows directory: C:\Windows
13:45:53.0715 50360 Running under WOW64
13:45:53.0715 50360 Processor architecture: Intel x64
13:45:53.0715 50360 Number of processors: 8
13:45:53.0715 50360 Page size: 0x1000
13:45:53.0715 50360 Boot type: Normal boot
13:45:53.0715 50360 ============================================================
13:45:54.0534 50360 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:45:54.0576 50360 Initialize success
13:49:14.0716 55164 ============================================================
13:49:14.0716 55164 Scan started
13:49:14.0716 55164 Mode: Manual;
13:49:14.0716 55164 ============================================================
13:49:15.0952 55164 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:49:15.0964 55164 1394ohci - ok
13:49:16.0156 55164 29974017 - ok
13:49:16.0216 55164 46006200 (e656fe10d6d27794afa08136685a69e8) C:\Windows\system32\DRIVERS\46006200.sys
13:49:16.0237 55164 46006200 - ok
13:49:16.0541 55164 56414066 (e656fe10d6d27794afa08136685a69e8) C:\Windows\system32\DRIVERS\56414066.sys
13:49:16.0553 55164 56414066 - ok
13:49:16.0658 55164 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:49:16.0665 55164 ACPI - ok
13:49:16.0768 55164 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:49:16.0775 55164 AcpiPmi - ok
13:49:16.0919 55164 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
13:49:16.0941 55164 adp94xx - ok
13:49:17.0047 55164 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
13:49:17.0057 55164 adpahci - ok
13:49:17.0155 55164 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
13:49:17.0161 55164 adpu320 - ok
13:49:17.0293 55164 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
13:49:17.0304 55164 AFD - ok
13:49:17.0403 55164 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:49:17.0408 55164 agp440 - ok
13:49:17.0532 55164 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:49:17.0536 55164 aliide - ok
13:49:17.0634 55164 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:49:17.0638 55164 amdide - ok
13:49:17.0730 55164 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
13:49:17.0735 55164 AmdK8 - ok
13:49:17.0819 55164 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:49:17.0823 55164 AmdPPM - ok
13:49:17.0938 55164 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:49:17.0945 55164 amdsata - ok
13:49:18.0065 55164 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
13:49:18.0072 55164 amdsbs - ok
13:49:18.0200 55164 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:49:18.0204 55164 amdxata - ok
13:49:18.0380 55164 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:49:18.0386 55164 AppID - ok
13:49:18.0591 55164 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
13:49:18.0596 55164 arc - ok
13:49:18.0692 55164 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
13:49:18.0697 55164 arcsas - ok
13:49:18.0795 55164 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:49:18.0807 55164 AsyncMac - ok
13:49:18.0915 55164 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:49:18.0918 55164 atapi - ok
13:49:19.0044 55164 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
13:49:19.0058 55164 b06bdrv - ok
13:49:19.0150 55164 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:49:19.0159 55164 b57nd60a - ok
13:49:19.0260 55164 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:49:19.0270 55164 Beep - ok
13:49:19.0366 55164 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:49:19.0370 55164 blbdrive - ok
13:49:19.0555 55164 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:49:19.0560 55164 bowser - ok
13:49:19.0658 55164 bpenum (f46dd257fad7d2d097ef32e72220a06c) C:\Windows\system32\DRIVERS\bpenum.sys
13:49:19.0667 55164 bpenum - ok
13:49:19.0760 55164 bpmp (e82060aed0f28ed8909f2b07fa276185) C:\Windows\system32\DRIVERS\bpmp.sys
13:49:19.0771 55164 bpmp - ok
13:49:19.0862 55164 bpusb (fc6313a5a45c1ae53d0491f0057d5a4d) C:\Windows\system32\Drivers\bpusb.sys
13:49:19.0872 55164 bpusb - ok
13:49:19.0965 55164 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:49:19.0968 55164 BrFiltLo - ok
13:49:20.0060 55164 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:49:20.0064 55164 BrFiltUp - ok
13:49:20.0159 55164 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:49:20.0168 55164 Brserid - ok
13:49:20.0304 55164 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:49:20.0309 55164 BrSerWdm - ok
13:49:20.0453 55164 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:49:20.0457 55164 BrUsbMdm - ok
13:49:20.0544 55164 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:49:20.0548 55164 BrUsbSer - ok
13:49:20.0643 55164 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
13:49:20.0648 55164 BTHMODEM - ok
13:49:20.0770 55164 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:49:20.0786 55164 cdfs - ok
13:49:20.0903 55164 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
13:49:20.0912 55164 cdrom - ok
13:49:21.0010 55164 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
13:49:21.0015 55164 circlass - ok
13:49:21.0115 55164 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:49:21.0124 55164 CLFS - ok
13:49:21.0246 55164 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
13:49:21.0249 55164 clwvd - ok
13:49:21.0345 55164 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:49:21.0349 55164 CmBatt - ok
13:49:21.0440 55164 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:49:21.0443 55164 cmdide - ok
13:49:21.0569 55164 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
13:49:21.0583 55164 CNG - ok
13:49:21.0677 55164 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
13:49:21.0687 55164 Compbatt - ok
13:49:21.0806 55164 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
13:49:21.0812 55164 CompositeBus - ok
13:49:21.0908 55164 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
13:49:21.0911 55164 crcdisk - ok
13:49:22.0081 55164 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:49:22.0091 55164 DfsC - ok
13:49:22.0228 55164 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:49:22.0230 55164 discache - ok
13:49:22.0424 55164 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
13:49:22.0435 55164 Disk - ok
13:49:22.0553 55164 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:49:22.0556 55164 drmkaud - ok
13:49:22.0681 55164 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:49:22.0705 55164 DXGKrnl - ok
13:49:22.0879 55164 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
13:49:22.0971 55164 ebdrv - ok
13:49:23.0103 55164 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys
13:49:23.0111 55164 ElbyCDIO - ok
13:49:23.0220 55164 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
13:49:23.0234 55164 elxstor - ok
13:49:23.0338 55164 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:49:23.0341 55164 ErrDev - ok
13:49:23.0437 55164 ETD (9d8739a2a2173c9d27c499a3fc6eda3f) C:\Windows\system32\DRIVERS\ETD.sys
13:49:23.0442 55164 ETD - ok
13:49:23.0556 55164 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:49:23.0575 55164 exfat - ok
13:49:23.0659 55164 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:49:23.0674 55164 fastfat - ok
13:49:23.0875 55164 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
13:49:23.0879 55164 fdc - ok
13:49:24.0104 55164 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:49:24.0116 55164 FileInfo - ok
13:49:49.0833 55164 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
13:49:50.0303 55164 \Device\Harddisk0\DR0 - ok
13:49:50.0320 55164 Boot (0x1200) (14ee1d9b767b8dca6e7adb960e470cb5) \Device\Harddisk0\DR0\Partition0
13:49:50.0322 55164 \Device\Harddisk0\DR0\Partition0 - ok
13:49:50.0338 55164 Boot (0x1200) (0d59d6025900bcd3f3ce24618fe9920f) \Device\Harddisk0\DR0\Partition1
13:49:50.0340 55164 \Device\Harddisk0\DR0\Partition1 - ok
13:49:50.0341 55164 ============================================================
13:49:50.0342 55164 Scan finished
13:49:50.0342 55164 ============================================================
13:49:50.0362 55156 Detected object count: 0
13:49:50.0362 55156 Actual detected object count: 0
13:49:57.0042 47360 Deinitialize success

#11 LordSlizzurp

Posted 27 January 2012 - 04:56 PM

Crap, that one is from the 24th. Let me try and find the new one lol, they all save to c:\

#12 LordSlizzurp

Posted 27 January 2012 - 04:57 PM

Oh wait, that is just the date of the version lol

#13 jntkwx

Posted 27 January 2012 - 04:59 PM

oh wait that is just the date of the version lol

Yes. :lol:
Regards,
Jason

 



#14 LordSlizzurp

Posted 27 January 2012 - 05:06 PM

DLing avast virus definitions

quick scan option?

#15 jntkwx

Posted 27 January 2012 - 05:06 PM

Yes, use the quick scan.
Regards,
Jason

 
