malware problem, rootkit? Trojan keeps coming back.


9 replies to this topic

#1 brknlappy

brknlappy

  • Members
  • 6 posts

Posted 19 April 2012 - 04:05 PM

Seems like I am infected with some sort of malware. I've gone as far as I can alone, and I'm no expert with computers. Reformatted my system after initial crash, now still infected (or more likely reinfected), keeps making my system attempt to connect to 206.161.121.2,3,4,5 etc. My research so far yields this is not a new problem in the virusphere, though no one seems to be saying anything more about it other than that they have the infection. Start ups and restarts often very buggy and crash a significant number of times, though when running mbam it just restarts to remove it and it comes right back after restart. mbam has gotten it down to one trojan and its memory process each time, though they come right back. Any way I can be helped would be wonderful, thanks. Windows 7 OS. If I see any more crash logs, I'll try to catch the errors and add them in.

Edited by brknlappy, 19 April 2012 - 04:07 PM.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 19 April 2012 - 04:22 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

#3 brknlappy

brknlappy
  • Topic Starter

  • Members
  • 6 posts

Posted 20 April 2012 - 03:23 PM

14:17:08.0774 5608 TDSS rootkit removing tool 2.7.30.0 Apr 19 2012 15:10:31
14:17:09.0264 5608 ============================================================
14:17:09.0264 5608 Current date / time: 2012/04/20 14:17:09.0264
14:17:09.0264 5608 SystemInfo:
14:17:09.0264 5608
14:17:09.0264 5608 OS Version: 6.1.7600 ServicePack: 0.0
14:17:09.0264 5608 Product type: Workstation
14:17:09.0264 5608 ComputerName: SEAN-PC
14:17:09.0264 5608 UserName: sean
14:17:09.0264 5608 Windows directory: C:\Windows
14:17:09.0264 5608 System windows directory: C:\Windows
14:17:09.0264 5608 Running under WOW64
14:17:09.0264 5608 Processor architecture: Intel x64
14:17:09.0264 5608 Number of processors: 4
14:17:09.0264 5608 Page size: 0x1000
14:17:09.0264 5608 Boot type: Normal boot
14:17:09.0264 5608 ============================================================
14:17:11.0174 5608 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:17:11.0184 5608 \Device\Harddisk0\DR0:
14:17:11.0184 5608 MBR partitions:
14:17:11.0184 5608 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:17:11.0184 5608 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4A825000
14:17:11.0194 5608 C: <-> \Device\Harddisk0\DR0\Partition1
14:17:11.0194 5608 Initialize success
14:17:11.0194 5608 ============================================================
14:17:55.0084 1760 ============================================================
14:17:55.0084 1760 Scan started
14:17:55.0084 1760 Mode: Manual; TDLFS;
14:17:55.0084 1760 ============================================================
14:18:11.0164 1760 pci - ok
14:18:11.0174 1760 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
14:18:11.0174 1760 pciide - ok
14:18:11.0194 1760 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
14:18:11.0204 1760 pcmcia - ok
14:18:11.0214 1760 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:18:11.0214 1760 pcw - ok
14:18:11.0244 1760 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:18:11.0254 1760 PEAUTH - ok
14:18:11.0294 1760 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
14:18:11.0304 1760 PeerDistSvc - ok
14:18:11.0364 1760 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
14:18:11.0374 1760 PerfHost - ok
14:18:11.0544 1760 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
14:18:11.0574 1760 pla - ok
14:18:11.0714 1760 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
14:18:11.0724 1760 PlugPlay - ok
14:18:11.0774 1760 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
14:18:11.0774 1760 PNRPAutoReg - ok
14:18:11.0814 1760 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:18:11.0824 1760 PNRPsvc - ok
14:18:11.0874 1760 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
14:18:11.0884 1760 PolicyAgent - ok
14:18:11.0934 1760 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
14:18:11.0934 1760 Power - ok
14:18:12.0024 1760 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
14:18:12.0034 1760 PptpMiniport - ok
14:18:12.0084 1760 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
14:18:12.0084 1760 Processor - ok
14:18:12.0134 1760 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
14:18:12.0134 1760 ProfSvc - ok
14:18:12.0194 1760 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
14:18:12.0194 1760 ProtectedStorage - ok
14:18:12.0254 1760 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
14:18:12.0254 1760 Psched - ok
14:18:12.0304 1760 PSINAflt (bf6b640239be2c28a6bb43adc658fb7f) C:\Windows\system32\DRIVERS\PSINAflt.sys
14:18:12.0314 1760 PSINAflt - ok
14:18:12.0334 1760 PSINFile (2377f49c39725ed0021d75136fb0f746) C:\Windows\system32\DRIVERS\PSINFile.sys
14:18:12.0334 1760 PSINFile - ok
14:18:12.0344 1760 PSINKNC (a90f546b4f49122115768bc94bc81c04) C:\Windows\system32\DRIVERS\psinknc.sys
14:18:12.0344 1760 PSINKNC - ok
14:18:12.0354 1760 PSINProc (f8d7465cdd2a4ecae761ba8a0577d151) C:\Windows\system32\DRIVERS\PSINProc.sys
14:18:12.0354 1760 PSINProc - ok
14:18:12.0384 1760 PSINProt (076254556b4b03ade385619ff33e2f6b) C:\Windows\system32\DRIVERS\PSINProt.sys
14:18:12.0384 1760 PSINProt - ok
14:18:12.0434 1760 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
14:18:12.0454 1760 ql2300 - ok
14:18:12.0464 1760 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
14:18:12.0464 1760 ql40xx - ok
14:18:12.0504 1760 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
14:18:12.0514 1760 QWAVE - ok
14:18:12.0534 1760 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:18:12.0544 1760 QWAVEdrv - ok
14:18:12.0554 1760 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:18:12.0554 1760 RasAcd - ok
14:18:12.0614 1760 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:18:12.0624 1760 RasAgileVpn - ok
14:18:12.0654 1760 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
14:18:12.0654 1760 RasAuto - ok
14:18:12.0674 1760 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:18:12.0684 1760 Rasl2tp - ok
14:18:12.0744 1760 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
14:18:12.0744 1760 RasMan - ok
14:18:12.0754 1760 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:18:12.0764 1760 RasPppoe - ok
14:18:12.0784 1760 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:18:12.0784 1760 RasSstp - ok
14:18:12.0804 1760 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
14:18:12.0814 1760 rdbss - ok
14:18:12.0824 1760 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
14:18:12.0824 1760 rdpbus - ok
14:18:12.0844 1760 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:18:12.0844 1760 RDPCDD - ok
14:18:12.0864 1760 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
14:18:12.0874 1760 RDPDR - ok
14:18:12.0894 1760 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:18:12.0904 1760 RDPENCDD - ok
14:18:12.0914 1760 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:18:12.0914 1760 RDPREFMP - ok
14:18:12.0964 1760 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
14:18:12.0964 1760 RDPWD - ok
14:18:13.0004 1760 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
14:18:13.0004 1760 rdyboost - ok
14:18:13.0164 1760 RegSrvc (f3af2b43f35dbb3a0eb9feeec7d62217) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:18:13.0164 1760 RegSrvc - ok
14:18:13.0194 1760 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
14:18:13.0194 1760 RemoteAccess - ok
14:18:13.0234 1760 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
14:18:13.0244 1760 RemoteRegistry - ok
14:18:13.0264 1760 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
14:18:13.0264 1760 RpcEptMapper - ok
14:18:13.0294 1760 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
14:18:13.0294 1760 RpcLocator - ok
14:18:13.0314 1760 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
14:18:13.0324 1760 RpcSs - ok
14:18:13.0414 1760 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:18:13.0414 1760 rspndr - ok
14:18:13.0504 1760 RTL8167 (ea5532868ba76923d75bcb2a1448d810) C:\Windows\system32\DRIVERS\Rt64win7.sys
14:18:13.0514 1760 RTL8167 - ok
14:18:13.0544 1760 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
14:18:13.0544 1760 s3cap - ok
14:18:13.0614 1760 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
14:18:13.0614 1760 SamSs - ok
14:18:13.0744 1760 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
14:18:13.0744 1760 SASDIFSV - ok
14:18:13.0764 1760 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
14:18:13.0764 1760 SASKUTIL - ok
14:18:13.0824 1760 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
14:18:13.0824 1760 sbp2port - ok
14:18:13.0854 1760 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
14:18:13.0864 1760 SCardSvr - ok
14:18:13.0864 1760 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
14:18:13.0874 1760 scfilter - ok
14:18:13.0954 1760 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
14:18:13.0974 1760 Schedule - ok
14:18:14.0004 1760 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
14:18:14.0004 1760 SCPolicySvc - ok
14:18:14.0194 1760 ScrybeUpdater (b60e9769655ddee8368e3abb6668e076) C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
14:18:14.0214 1760 ScrybeUpdater - ok
14:18:14.0294 1760 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
14:18:14.0304 1760 SDRSVC - ok
14:18:14.0384 1760 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:18:14.0394 1760 secdrv - ok
14:18:14.0404 1760 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
14:18:14.0414 1760 seclogon - ok
14:18:14.0464 1760 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
14:18:14.0464 1760 SENS - ok
14:18:14.0474 1760 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
14:18:14.0484 1760 SensrSvc - ok
14:18:14.0514 1760 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:18:14.0514 1760 Serenum - ok
14:18:14.0554 1760 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:18:14.0554 1760 Serial - ok
14:18:14.0574 1760 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
14:18:14.0574 1760 sermouse - ok
14:18:14.0594 1760 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
14:18:14.0594 1760 SessionEnv - ok
14:18:14.0604 1760 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
14:18:14.0604 1760 sffdisk - ok
14:18:14.0614 1760 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
14:18:14.0614 1760 sffp_mmc - ok
14:18:14.0654 1760 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
14:18:14.0654 1760 sffp_sd - ok
14:18:14.0664 1760 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
14:18:14.0664 1760 sfloppy - ok
14:18:14.0714 1760 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
14:18:14.0724 1760 SharedAccess - ok
14:18:14.0754 1760 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
14:18:14.0764 1760 ShellHWDetection - ok
14:18:14.0824 1760 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:18:14.0824 1760 SiSRaid2 - ok
14:18:14.0834 1760 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
14:18:14.0844 1760 SiSRaid4 - ok
14:18:14.0904 1760 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:18:14.0904 1760 Smb - ok
14:18:14.0964 1760 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
14:18:14.0964 1760 SNMPTRAP - ok
14:18:14.0984 1760 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:18:14.0984 1760 spldr - ok
14:18:15.0034 1760 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
14:18:15.0044 1760 Spooler - ok
14:18:15.0174 1760 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
14:18:15.0254 1760 sppsvc - ok
14:18:15.0334 1760 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
14:18:15.0334 1760 sppuinotify - ok
14:18:15.0384 1760 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
14:18:15.0394 1760 srv - ok
14:18:15.0414 1760 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
14:18:15.0424 1760 srv2 - ok
14:18:15.0474 1760 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
14:18:15.0474 1760 srvnet - ok
14:18:15.0554 1760 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
14:18:15.0564 1760 SSDPSRV - ok
14:18:15.0584 1760 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
14:18:15.0584 1760 SstpSvc - ok
14:18:15.0644 1760 Steam Client Service - ok
14:18:15.0694 1760 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
14:18:15.0694 1760 stexstor - ok
14:18:15.0764 1760 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
14:18:15.0784 1760 stisvc - ok
14:18:15.0824 1760 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
14:18:15.0834 1760 storflt - ok
14:18:15.0844 1760 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
14:18:15.0844 1760 storvsc - ok
14:18:15.0854 1760 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
14:18:15.0854 1760 swenum - ok
14:18:15.0894 1760 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
14:18:15.0894 1760 swprv - ok
14:18:16.0024 1760 SynTP (8df6c536ece3b538978b53c223ab905d) C:\Windows\system32\DRIVERS\SynTP.sys
14:18:16.0054 1760 SynTP - ok
14:18:16.0124 1760 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
14:18:16.0144 1760 SysMain - ok
14:18:16.0154 1760 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
14:18:16.0164 1760 TabletInputService - ok
14:18:16.0184 1760 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
14:18:16.0194 1760 TapiSrv - ok
14:18:16.0214 1760 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
14:18:16.0224 1760 TBS - ok
14:18:16.0314 1760 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
14:18:16.0334 1760 Tcpip - ok
14:18:16.0484 1760 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
14:18:16.0494 1760 TCPIP6 - ok
14:18:16.0604 1760 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
14:18:16.0604 1760 tcpipreg - ok
14:18:16.0634 1760 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:18:16.0634 1760 TDPIPE - ok
14:18:16.0684 1760 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
14:18:16.0684 1760 TDTCP - ok
14:18:16.0694 1760 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
14:18:16.0704 1760 tdx - ok
14:18:16.0704 1760 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
14:18:16.0714 1760 TermDD - ok
14:18:16.0774 1760 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
14:18:16.0774 1760 TermService - ok
14:18:16.0794 1760 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
14:18:16.0794 1760 Themes - ok
14:18:16.0814 1760 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:18:16.0814 1760 THREADORDER - ok
14:18:16.0834 1760 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
14:18:16.0844 1760 TrkWks - ok
14:18:16.0894 1760 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
14:18:16.0894 1760 TrustedInstaller - ok
14:18:16.0964 1760 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:18:16.0964 1760 tssecsrv - ok
14:18:17.0024 1760 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
14:18:17.0024 1760 tunnel - ok
14:18:17.0044 1760 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
14:18:17.0044 1760 uagp35 - ok
14:18:17.0064 1760 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
14:18:17.0074 1760 udfs - ok
14:18:17.0114 1760 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
14:18:17.0124 1760 UI0Detect - ok
14:18:17.0174 1760 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
14:18:17.0174 1760 uliagpkx - ok
14:18:17.0204 1760 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
14:18:17.0214 1760 umbus - ok
14:18:17.0224 1760 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
14:18:17.0234 1760 UmPass - ok
14:18:17.0264 1760 UmRdpService (af0ac98ee5077eb844413eb54287fde3) C:\Windows\System32\umrdp.dll
14:18:17.0274 1760 UmRdpService - ok
14:18:17.0294 1760 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
14:18:17.0304 1760 upnphost - ok
14:18:17.0364 1760 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
14:18:17.0374 1760 usbccgp - ok
14:18:17.0394 1760 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
14:18:17.0394 1760 usbcir - ok
14:18:17.0434 1760 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
14:18:17.0454 1760 usbehci - ok
14:18:17.0504 1760 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
14:18:17.0514 1760 usbhub - ok
14:18:17.0574 1760 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
14:18:17.0584 1760 usbohci - ok
14:18:17.0644 1760 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:18:17.0644 1760 usbprint - ok
14:18:17.0694 1760 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS
14:18:17.0704 1760 USBSTOR - ok
14:18:17.0734 1760 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
14:18:17.0744 1760 usbuhci - ok
14:18:17.0804 1760 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
14:18:17.0814 1760 usbvideo - ok
14:18:17.0834 1760 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
14:18:17.0844 1760 UxSms - ok
14:18:17.0904 1760 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
14:18:17.0904 1760 VaultSvc - ok
14:18:17.0974 1760 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
14:18:17.0984 1760 vdrvroot - ok
14:18:18.0014 1760 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
14:18:18.0034 1760 vds - ok
14:18:18.0044 1760 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:18:18.0044 1760 vga - ok
14:18:18.0054 1760 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:18:18.0064 1760 VgaSave - ok
14:18:18.0084 1760 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
14:18:18.0084 1760 vhdmp - ok
14:18:18.0094 1760 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
14:18:18.0094 1760 viaide - ok
14:18:18.0114 1760 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
14:18:18.0114 1760 vmbus - ok
14:18:18.0124 1760 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
14:18:18.0124 1760 VMBusHID - ok
14:18:18.0144 1760 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
14:18:18.0144 1760 volmgr - ok
14:18:18.0164 1760 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
14:18:18.0164 1760 volmgrx - ok
14:18:18.0184 1760 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
14:18:18.0184 1760 volsnap - ok
14:18:18.0214 1760 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
14:18:18.0214 1760 vsmraid - ok
14:18:18.0294 1760 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
14:18:18.0314 1760 VSS - ok
14:18:18.0334 1760 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
14:18:18.0334 1760 vwifibus - ok
14:18:18.0464 1760 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
14:18:18.0474 1760 vwififlt - ok
14:18:18.0484 1760 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
14:18:18.0484 1760 vwifimp - ok
14:18:18.0544 1760 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
14:18:18.0554 1760 W32Time - ok
14:18:18.0584 1760 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
14:18:18.0584 1760 WacomPen - ok
14:18:18.0644 1760 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
14:18:18.0654 1760 WANARP - ok
14:18:18.0664 1760 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
14:18:18.0664 1760 Wanarpv6 - ok
14:18:18.0724 1760 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
14:18:18.0734 1760 WatAdminSvc - ok
14:18:18.0794 1760 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
14:18:18.0814 1760 wbengine - ok
14:18:18.0824 1760 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
14:18:18.0824 1760 WbioSrvc - ok
14:18:18.0884 1760 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
14:18:18.0884 1760 wcncsvc - ok
14:18:18.0894 1760 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
14:18:18.0894 1760 WcsPlugInService - ok
14:18:18.0954 1760 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
14:18:18.0954 1760 Wd - ok
14:18:18.0994 1760 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:18:19.0004 1760 Wdf01000 - ok
14:18:19.0024 1760 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:18:19.0024 1760 WdiServiceHost - ok
14:18:19.0034 1760 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:18:19.0044 1760 WdiSystemHost - ok
14:18:19.0094 1760 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
14:18:19.0094 1760 WebClient - ok
14:18:19.0134 1760 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
14:18:19.0144 1760 Wecsvc - ok
14:18:19.0164 1760 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
14:18:19.0164 1760 wercplsupport - ok
14:18:19.0214 1760 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
14:18:19.0214 1760 WerSvc - ok
14:18:19.0304 1760 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:18:19.0304 1760 WfpLwf - ok
14:18:19.0344 1760 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:18:19.0344 1760 WIMMount - ok
14:18:19.0404 1760 WinDefend - ok
14:18:19.0424 1760 WinHttpAutoProxySvc - ok
14:18:19.0504 1760 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
14:18:19.0504 1760 Winmgmt - ok
14:18:19.0584 1760 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
14:18:19.0604 1760 WinRM - ok
14:18:19.0694 1760 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
14:18:19.0704 1760 Wlansvc - ok
14:18:19.0944 1760 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:18:19.0974 1760 wlidsvc - ok
14:18:20.0044 1760 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:18:20.0054 1760 WmiAcpi - ok
14:18:20.0104 1760 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
14:18:20.0114 1760 wmiApSrv - ok
14:18:20.0154 1760 WMPNetworkSvc - ok
14:18:20.0184 1760 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
14:18:20.0194 1760 WPCSvc - ok
14:18:20.0234 1760 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
14:18:20.0234 1760 WPDBusEnum - ok
14:18:20.0374 1760 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:18:20.0394 1760 ws2ifsl - ok
14:18:20.0614 1760 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
14:18:20.0624 1760 wscsvc - ok
14:18:20.0774 1760 WSearch - ok
14:18:20.0944 1760 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
14:18:20.0974 1760 wuauserv - ok
14:18:21.0224 1760 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
14:18:21.0234 1760 WudfPf - ok
14:18:21.0344 1760 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:18:21.0344 1760 WUDFRd - ok
14:18:21.0394 1760 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
14:18:21.0404 1760 wudfsvc - ok
14:18:21.0424 1760 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
14:18:21.0454 1760 WwanSvc - ok
14:18:21.0944 1760 ZeroConfigService (74713cb32792f9c7632daa7da22ca974) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
14:18:21.0954 1760 ZeroConfigService - ok
14:18:22.0104 1760 MBR (0x1B8) (0f84f2562620c40d8a3e1908c8075675) \Device\Harddisk0\DR0
14:18:22.0214 1760 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
14:18:22.0214 1760 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
14:18:22.0274 1760 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:18:22.0274 1760 \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:18:22.0284 1760 Boot (0x1200) (30cb99260b6660a687259c811bf18959) \Device\Harddisk0\DR0\Partition0
14:18:22.0284 1760 \Device\Harddisk0\DR0\Partition0 - ok
14:18:22.0304 1760 Boot (0x1200) (09a1feeaea5393de6444aa03e78b49f9) \Device\Harddisk0\DR0\Partition1
14:18:22.0314 1760 \Device\Harddisk0\DR0\Partition1 - ok
14:18:22.0314 1760 ============================================================
14:18:22.0314 1760 Scan finished
14:18:22.0314 1760 ============================================================
14:18:22.0324 4732 Detected object count: 2
14:18:22.0324 4732 Actual detected object count: 2
14:18:55.0134 4732 \Device\Harddisk0\DR0\# - copied to quarantine
14:18:55.0134 4732 \Device\Harddisk0\DR0 - copied to quarantine
14:18:55.0174 4732 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
14:18:55.0174 4732 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
14:18:55.0214 4732 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
14:18:55.0224 4732 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
14:18:55.0224 4732 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
14:18:55.0234 4732 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
14:18:55.0234 4732 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
14:18:55.0234 4732 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
14:18:55.0244 4732 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
14:18:55.0244 4732 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
14:18:55.0254 4732 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
14:18:55.0254 4732 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
14:18:55.0284 4732 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
14:18:55.0284 4732 \Device\Harddisk0\DR0 - ok
14:18:55.0324 4732 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
14:18:55.0334 4732 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
14:18:55.0334 4732 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
14:18:59.0444 3204 Deinitialize success

#4 brknlappy

Posted 20 April 2012 - 03:36 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-20 14:24:16
-----------------------------
14:24:16.804 OS Version: Windows x64 6.1.7600
14:24:16.804 Number of processors: 4 586 0x2A07
14:24:16.804 ComputerName: SEAN-PC UserName: sean
14:24:18.504 Initialize success
14:25:07.366 AVAST engine defs: 12042001
14:25:24.324 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
14:25:24.324 Disk 0 Vendor: SAMSUNG_HM641JI 2AJ10002 Size: 610480MB BusType: 11
14:25:24.339 Disk 0 MBR read successfully
14:25:24.355 Disk 0 MBR scan
14:25:24.355 Disk 0 Windows 7 default MBR code
14:25:24.370 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:25:24.386 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 610378 MB offset 206848
14:25:24.417 Disk 0 scanning C:\Windows\system32\drivers
14:25:35.380 Service scanning
14:25:56.754 Modules scanning
14:25:56.770 Disk 0 trace - called modules:
14:25:56.816 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
14:25:56.826 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800475c060]
14:25:57.167 3 CLASSPNP.SYS[fffff8800188743f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004173060]
14:25:58.649 AVAST engine scan C:\Windows
14:26:03.616 AVAST engine scan C:\Windows\system32
14:29:58.653 AVAST engine scan C:\Windows\system32\drivers
14:30:17.778 AVAST engine scan C:\Users\sean
14:33:58.568 AVAST engine scan C:\ProgramData
14:34:17.089 Scan finished successfully
14:35:38.162 Disk 0 MBR has been saved successfully to "C:\Users\sean\Desktop\MBR.dat"
14:35:38.168 The log file has been saved successfully to "C:\Users\sean\Desktop\aswMBR.txt"

#5 narenxp

Posted 20 April 2012 - 08:14 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When the scan is completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply


Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#6 brknlappy

Posted 20 April 2012 - 09:55 PM

C:\TDSSKiller_Quarantine\20.04.2012_14.17.09\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\20.04.2012_14.17.09\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\20.04.2012_14.17.09\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\20.04.2012_14.17.09\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AF trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\20.04.2012_14.17.09\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\20.04.2012_14.17.09\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined
C:\Windows\Temp\jar_cache6742783526870047136.tmp Java/Exploit.CVE-2012-0507.O trojan cleaned by deleting - quarantined
C:\Windows\Temp\jar_cache9020324465131860732.tmp Java/Exploit.CVE-2012-0507.O trojan cleaned by deleting - quarantined
C:\Windows\Temp\jar_cache9072007701059421722.tmp Java/Exploit.CVE-2012-0507.R trojan cleaned by deleting - quarantined

#7 brknlappy


Posted 20 April 2012 - 09:59 PM

MiniToolBox by Farbar Version: 18-01-2012
Ran by sean (administrator) on 20-04-2012 at 20:57:04
Microsoft Windows 7 Ultimate (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 validation.sls.microsoft.com

========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 6150 = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : sean-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 40-25-C2-2A-E5-35
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 40-25-C2-2A-E5-35
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 6150
Physical Address. . . . . . . . . : 40-25-C2-2A-E5-34
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::10aa:6346:e61e:83c2%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, April 20, 2012 2:20:13 PM
Lease Expires . . . . . . . . . . : Saturday, April 21, 2012 7:36:45 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 322971074
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-1B-CC-9C-E8-11-32-5C-28-E7
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : E8-11-32-5C-28-E7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{3C0EE8AA-5460-4F54-B954-CBC47D6376A8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:208e:1e8a:3f57:fefb(Preferred)
Link-local IPv6 Address . . . . . : fe80::208e:1e8a:3f57:fefb%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{B091F7EE-1F0A-4023-A0A1-09FC52903C8B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E843777F-3BB4-45A5-A208-25A4569A53EC}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.227.105
74.125.227.110
74.125.227.102
74.125.227.97
74.125.227.100
74.125.227.99
74.125.227.101
74.125.227.104
74.125.227.98
74.125.227.96
74.125.227.103


Pinging google.com [74.125.227.110] with 32 bytes of data:
Reply from 74.125.227.110: bytes=32 time=63ms TTL=48
Reply from 74.125.227.110: bytes=32 time=65ms TTL=48

Ping statistics for 74.125.227.110:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 63ms, Maximum = 65ms, Average = 64ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=51ms TTL=48
Reply from 72.30.38.140: bytes=32 time=75ms TTL=48

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 51ms, Maximum = 75ms, Average = 63ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 3ms, Maximum = 4ms, Average = 3ms
===========================================================================
Interface List
15...40 25 c2 2a e5 35 ......Microsoft Virtual WiFi Miniport Adapter #2
14...40 25 c2 2a e5 35 ......Microsoft Virtual WiFi Miniport Adapter
13...40 25 c2 2a e5 34 ......Intel® Centrino® Wireless-N 6150
11...e8 11 32 5c 28 e7 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.4 281
192.168.1.4 255.255.255.255 On-link 192.168.1.4 281
192.168.1.255 255.255.255.255 On-link 192.168.1.4 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.4 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.4 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:5ef5:79fd:208e:1e8a:3f57:fefb/128
On-link
13 281 fe80::/64 On-link
12 306 fe80::/64 On-link
13 281 fe80::10aa:6346:e61e:83c2/128
On-link
12 306 fe80::208e:1e8a:3f57:fefb/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/20/2012 08:17:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/20/2012 08:17:27 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/20/2012 08:17:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (04/20/2012 07:22:06 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x81000101).

Error: (04/19/2012 03:28:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: MSHTML.dll, version: 9.0.8112.16441, time stamp: 0x4ee81830
Exception code: 0xc00000fd
Fault offset: 0x002feb42
Faulting process id: 0x9ec
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (04/19/2012 01:33:28 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec49d10
Exception code: 0xc0000374
Fault offset: 0x000ce903
Faulting process id: 0x1058
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (04/19/2012 01:30:24 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec49d10
Exception code: 0xc0000374
Fault offset: 0x000ce903
Faulting process id: 0xc58
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (04/19/2012 00:26:45 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec49d10
Exception code: 0xc0000374
Fault offset: 0x000ce903
Faulting process id: 0xd94
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (04/19/2012 00:24:21 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c5
Faulting module name: ntdll.dll, version: 6.1.7600.16915, time stamp: 0x4ec49d10
Exception code: 0xc0000374
Fault offset: 0x000ce903
Faulting process id: 0xbe0
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (04/19/2012 10:03:26 AM) (Source: Application Error) (User: )
Description: Faulting application name: ScrybeUpdater.exe, version: 1.0.13.0, time stamp: 0x4cfe6fd7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x72be6a34
Faulting process id: 0x6b8
Faulting application start time: 0xScrybeUpdater.exe0
Faulting application path: ScrybeUpdater.exe1
Faulting module path: ScrybeUpdater.exe2
Report Id: ScrybeUpdater.exe3


System errors:
=============
Error: (04/20/2012 07:22:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2679255).

Error: (04/20/2012 07:22:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2556532).

Error: (04/19/2012 01:50:00 PM) (Source: BugCheck) (User: )
Description: 0x0000000a (0x000000000000268b, 0x0000000000000002, 0x0000000000000001, 0xfffff80002c54045)C:\Windows\MEMORY.DMP041912-46347-01

Error: (04/19/2012 01:49:54 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:47:56 PM on 4/19/2012 was unexpected.

Error: (04/19/2012 01:34:45 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2679255).

Error: (04/19/2012 01:33:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2556532).

Error: (04/19/2012 10:06:30 AM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%16405

Error: (04/19/2012 10:03:29 AM) (Source: Service Control Manager) (User: )
Description: The Scrybe Updater service terminated unexpectedly. It has done this 1 time(s).

Error: (04/19/2012 10:01:41 AM) (Source: BugCheck) (User: )
Description: 0x00000050 (0xfffff8a000712000, 0x0000000000000000, 0xfffff80002cc510a, 0x0000000000000000)C:\Windows\MEMORY.DMP041912-28298-01

Error: (04/19/2012 09:27:25 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems.


Microsoft Office Sessions:
=========================
Error: (04/20/2012 08:17:30 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\sean\Downloads\esetsmartinstaller_enu.exe

Error: (04/20/2012 08:17:27 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\sean\Downloads\esetsmartinstaller_enu.exe

Error: (04/20/2012 08:17:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\sean\Downloads\esetsmartinstaller_enu.exe

Error: (04/20/2012 07:22:06 AM) (Source: System Restore)(User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101

Error: (04/19/2012 03:28:58 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5MSHTML.dll9.0.8112.164414ee81830c00000fd002feb429ec01cd1e65bba96eaa\\.\globalroot\systemroot\svchost.exeC:\Windows\system32\MSHTML.dllac3a570a-8a66-11e1-a5bb-e811325c28e7

Error: (04/19/2012 01:33:28 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5ntdll.dll6.1.7600.169154ec49d10c0000374000ce903105801cd1e63112aac5a\\.\globalroot\systemroot\svchost.exeC:\Windows\SysWOW64\ntdll.dll89450172-8a56-11e1-9b58-e811325c28e7

Error: (04/19/2012 01:30:24 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5ntdll.dll6.1.7600.169154ec49d10c0000374000ce903c5801cd1e628f531ce8\\.\globalroot\systemroot\svchost.exeC:\Windows\SysWOW64\ntdll.dll1b7c6731-8a56-11e1-9b58-e811325c28e7

Error: (04/19/2012 00:26:45 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5ntdll.dll6.1.7600.169154ec49d10c0000374000ce903d9401cd1e59c2333809\\.\globalroot\systemroot\svchost.exeC:\Windows\SysWOW64\ntdll.dll37b388d6-8a4d-11e1-b5fa-e811325c28e7

Error: (04/19/2012 00:24:21 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c5ntdll.dll6.1.7600.169154ec49d10c0000374000ce903be001cd1e597905aa5d\\.\globalroot\systemroot\svchost.exeC:\Windows\SysWOW64\ntdll.dlle1602167-8a4c-11e1-b5fa-e811325c28e7

Error: (04/19/2012 10:03:26 AM) (Source: Application Error)(User: )
Description: ScrybeUpdater.exe1.0.13.04cfe6fd7unknown0.0.0.000000000c000000572be6a346b801cd1e45b852169aC:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exeunknown31e76380-8a39-11e1-9d2b-e811325c28e7


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.233)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
Atheros Client Installation Program (Version: 9.0)
D3DX10 (Version: 15.4.2368.0902)
ESET Online Scanner v3
Intel PROSet Wireless
Intel® Processor Graphics (Version: 8.15.10.2462)
Intel® PROSet/Wireless WiFi Software (Version: 15.00.0000.0642)
Java™ 6 Update 20 (Version: 6.0.200)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Silverlight (Version: 5.0.61118.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
MSVCRT (Version: 15.4.2862.0708)
Panda Cloud Antivirus (Version: 1.05.02.0000)
Panda Cloud Antivirus (Version: 1.5.2)
Realtek Ethernet Controller Driver (Version: 7.40.126.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6400)
Sophos Virus Removal Tool (Version: 2.0)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.0.1146)
Synaptics Gesture Suite featuring SYNAPTICS | Scrybe (Version: 1.6.5.17120)
Synaptics Pointing Device Driver (Version: 15.2.20.0)
Terraria
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 4010.67 MB
Available physical RAM: 2366.85 MB
Total Pagefile: 8019.49 MB
Available Pagefile: 6285.49 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.17 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:596.07 GB) (Free:537.57 GB) NTFS

========================= Users: ========================================

User accounts for \\SEAN-PC

Administrator Guest sean


**** End of log ****

#8 narenxp


Posted 20 April 2012 - 10:55 PM

That looks good

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 brknlappy


Posted 21 April 2012 - 10:27 AM

Awesome, I've done everything per your instruction, and I would say things seem to be back to the proper functioning status, thank you so very much, I was dead in the water without your assistance. Keep up the good fight.

#10 narenxp


Posted 21 April 2012 - 10:51 AM

You're welcome :thumbsup:



