Google Redirect virus


16 replies to this topic

#1 chrisstorment (Members)

Posted 21 April 2012 - 02:45 AM

Hello, I'm running Windows 7 64-bit Pro and I recently got a nasty virus that I finally seem to have gotten rid of.
Initially, while running IE9, I got numerous windows claiming that I had a hard disk problem (funny, since I have an SSD), until it completely locked up the computer and I lost my entire desktop and the links to all of the programs.
In safe mode I ran Malwarebytes Anti-Malware and next SUPERAntiSpyware.
This left me to find all of my missing program shortcuts.
I finally got everything working again, except that I still have this lingering Google redirect (I even loaded up a new version of Firefox and got the same redirect).
Based on several of your posts, I fixed my Hosts file and got rid of several added lines, so that it is now back to normal for Win 7, with all line items preceded with a #.
So IE9 works for all of my favorites and links within web sites etc., except when doing a search in Google or Bing: I get the return of the search terms OK, but when I link to one of the search items I get redirected to some new site, and if I persist in trying this several times IE9 crashes and sometimes the computer reboots.
I use Google searching a lot and need to get this cleared up.
I have run HijackThis and have the log file, but I'm not sure how you need it sent over:
cut and paste,
or attach the file? If so, how do I attach the log?
Thanks



#2 narenxp (BC Advisor)

Posted 21 April 2012 - 08:51 AM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).


Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

#3 chrisstorment (Topic Starter, Members)

Posted 21 April 2012 - 07:39 PM

Thank you for your fast reply!

I have run TDSSKiller.
It found 2 trojans and removed one but skipped the other.
Rebooted and ran SUPERAntiSpyware.
It found 2 trojans called Trojan agent/gen-kryptik and removed them, and I rebooted again.
Ran TDSSKiller again and saved the log file.
Ran aswMBR and saved the log file.
I now have 2 log files for you to review but can't see how to attach the files.
Please let me know how to post an attachment here.

#4 chrisstorment (Topic Starter, Members)

Posted 21 April 2012 - 08:01 PM

Ignore the last question on how to post an attachment; it looks like everyone just pastes right into the reply.

Here are the log files from TDSSKiller:

15:57:43.0292 0800 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
15:57:43.0302 0800 MpsSvc - ok
15:57:43.0312 0800 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
15:57:43.0322 0800 MRxDAV - ok
15:57:43.0332 0800 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:57:43.0342 0800 mrxsmb - ok
15:57:43.0352 0800 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:57:43.0362 0800 mrxsmb10 - ok
15:57:43.0372 0800 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:57:43.0372 0800 mrxsmb20 - ok
15:57:43.0392 0800 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:57:43.0392 0800 msahci - ok
15:57:43.0412 0800 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:57:43.0412 0800 msdsm - ok
15:57:43.0422 0800 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:57:43.0432 0800 MSDTC - ok
15:57:43.0452 0800 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:57:43.0452 0800 Msfs - ok
15:57:43.0462 0800 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:57:43.0462 0800 mshidkmdf - ok
15:57:43.0482 0800 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:57:43.0482 0800 msisadrv - ok
15:57:43.0492 0800 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:57:43.0502 0800 MSiSCSI - ok
15:57:43.0512 0800 msiserver - ok
15:57:43.0532 0800 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:57:43.0532 0800 MSKSSRV - ok
15:57:43.0542 0800 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:57:43.0542 0800 MSPCLOCK - ok
15:57:43.0562 0800 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:57:43.0562 0800 MSPQM - ok
15:57:43.0582 0800 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:57:43.0582 0800 MsRPC - ok
15:57:43.0602 0800 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
15:57:43.0602 0800 mssmbios - ok
15:57:43.0622 0800 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:57:43.0622 0800 MSTEE - ok
15:57:43.0642 0800 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
15:57:43.0642 0800 MTConfig - ok
15:57:43.0652 0800 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:57:43.0652 0800 Mup - ok
15:57:43.0672 0800 mv91cons (baa293f089077fe71f855ba5649648d9) C:\Windows\system32\DRIVERS\mv91cons.sys
15:57:43.0672 0800 mv91cons - ok
15:57:43.0692 0800 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:57:43.0692 0800 napagent - ok
15:57:43.0712 0800 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:57:43.0722 0800 NativeWifiP - ok
15:57:43.0742 0800 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:57:43.0752 0800 NDIS - ok
15:57:43.0762 0800 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:57:43.0762 0800 NdisCap - ok
15:57:43.0782 0800 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:57:43.0782 0800 NdisTapi - ok
15:57:43.0802 0800 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:57:43.0802 0800 Ndisuio - ok
15:57:43.0812 0800 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:57:43.0822 0800 NdisWan - ok
15:57:43.0832 0800 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:57:43.0832 0800 NDProxy - ok
15:57:43.0852 0800 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:57:43.0852 0800 NetBIOS - ok
15:57:43.0872 0800 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:57:43.0872 0800 NetBT - ok
15:57:43.0882 0800 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:57:43.0892 0800 Netlogon - ok
15:57:43.0902 0800 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:57:43.0912 0800 Netman - ok
15:57:43.0922 0800 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:57:43.0922 0800 NetMsmqActivator - ok
15:57:43.0922 0800 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:57:43.0932 0800 NetPipeActivator - ok
15:57:43.0942 0800 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:57:43.0952 0800 netprofm - ok
15:57:43.0962 0800 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:57:43.0962 0800 NetTcpActivator - ok
15:57:43.0972 0800 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:57:43.0972 0800 NetTcpPortSharing - ok
15:57:43.0982 0800 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
15:57:43.0982 0800 nfrd960 - ok
15:57:44.0002 0800 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:57:44.0002 0800 NlaSvc - ok
15:57:44.0022 0800 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:57:44.0022 0800 Npfs - ok
15:57:44.0032 0800 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:57:44.0042 0800 nsi - ok
15:57:44.0052 0800 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:57:44.0052 0800 nsiproxy - ok
15:57:44.0092 0800 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:57:44.0102 0800 Ntfs - ok
15:57:44.0112 0800 ntk_PowerDVD (7420b2e1f65642129b6e23bd42f752aa) C:\Program Files (x86)\Cyberlink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys
15:57:44.0112 0800 ntk_PowerDVD - ok
15:57:44.0132 0800 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:57:44.0132 0800 Null - ok
15:57:44.0152 0800 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\DRIVERS\nusb3hub.sys
15:57:44.0152 0800 nusb3hub - ok
15:57:44.0162 0800 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\DRIVERS\nusb3xhc.sys
15:57:44.0172 0800 nusb3xhc - ok
15:57:44.0192 0800 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
15:57:44.0192 0800 NVHDA - ok
15:57:44.0312 0800 nvlddmkm (9c1996dd3c0469bc8933321f15709f5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:57:44.0352 0800 nvlddmkm - ok
15:57:44.0362 0800 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:57:44.0362 0800 nvraid - ok
15:57:44.0382 0800 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:57:44.0382 0800 nvstor - ok
15:57:44.0402 0800 NVSvc (34e5498528bb3d5a951f889f8756ad26) C:\Windows\system32\nvvsvc.exe
15:57:44.0412 0800 NVSvc - ok
15:57:44.0432 0800 nvUpdatusService (cd0bfaa6872cfe38c908d313ae17c350) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:57:44.0442 0800 nvUpdatusService - ok
15:57:44.0452 0800 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:57:44.0452 0800 nv_agp - ok
15:57:44.0472 0800 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:57:44.0472 0800 ohci1394 - ok
15:57:44.0472 0800 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:57:44.0472 0800 ose - ok
15:57:44.0512 0800 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:57:44.0532 0800 osppsvc - ok
15:57:44.0552 0800 ossrv (a29a80a1cf63d0dc27eefcaf27d34664) C:\Windows\system32\drivers\ctoss2k.sys
15:57:44.0552 0800 ossrv - ok
15:57:44.0572 0800 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:57:44.0572 0800 p2pimsvc - ok
15:57:44.0592 0800 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:57:44.0592 0800 p2psvc - ok
15:57:44.0612 0800 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
15:57:44.0612 0800 Parport - ok
15:57:44.0632 0800 Partizan - ok
15:57:44.0642 0800 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
15:57:44.0652 0800 partmgr - ok
15:57:44.0662 0800 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:57:44.0662 0800 PcaSvc - ok
15:57:44.0682 0800 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:57:44.0682 0800 pci - ok
15:57:44.0702 0800 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:57:44.0702 0800 pciide - ok
15:57:44.0722 0800 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
15:57:44.0722 0800 pcmcia - ok
15:57:44.0742 0800 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:57:44.0742 0800 pcw - ok
15:57:44.0762 0800 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:57:44.0762 0800 PEAUTH - ok
15:57:44.0792 0800 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
15:57:44.0812 0800 PeerDistSvc - ok
15:57:44.0822 0800 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:57:44.0822 0800 PerfHost - ok
15:57:44.0862 0800 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:57:44.0872 0800 pla - ok
15:57:44.0892 0800 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:57:44.0902 0800 PlugPlay - ok
15:57:44.0912 0800 PnkBstrA - ok
15:57:44.0922 0800 PnkBstrB - ok
15:57:44.0942 0800 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:57:44.0942 0800 PNRPAutoReg - ok
15:57:44.0962 0800 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:57:44.0962 0800 PNRPsvc - ok
15:57:44.0982 0800 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:57:44.0982 0800 PolicyAgent - ok
15:57:45.0002 0800 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:57:45.0012 0800 Power - ok
15:57:45.0022 0800 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:57:45.0022 0800 PptpMiniport - ok
15:57:45.0042 0800 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
15:57:45.0042 0800 Processor - ok
15:57:45.0062 0800 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
15:57:45.0062 0800 ProfSvc - ok
15:57:45.0072 0800 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:57:45.0072 0800 ProtectedStorage - ok
15:57:45.0092 0800 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:57:45.0092 0800 Psched - ok
15:57:45.0102 0800 PSI_SVC_2_x64 (788cb65d49d1162c5ee6814afe5b0a70) c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
15:57:45.0102 0800 PSI_SVC_2_x64 - ok
15:57:45.0142 0800 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
15:57:45.0152 0800 ql2300 - ok
15:57:45.0172 0800 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
15:57:45.0172 0800 ql40xx - ok
15:57:45.0192 0800 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:57:45.0192 0800 QWAVE - ok
15:57:45.0212 0800 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:57:45.0212 0800 QWAVEdrv - ok
15:57:45.0232 0800 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:57:45.0232 0800 RasAcd - ok
15:57:45.0242 0800 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:57:45.0242 0800 RasAgileVpn - ok
15:57:45.0262 0800 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:57:45.0262 0800 RasAuto - ok
15:57:45.0282 0800 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:57:45.0282 0800 Rasl2tp - ok
15:57:45.0302 0800 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:57:45.0302 0800 RasMan - ok
15:57:45.0322 0800 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:57:45.0322 0800 RasPppoe - ok
15:57:45.0332 0800 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:57:45.0332 0800 RasSstp - ok
15:57:45.0352 0800 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:57:45.0362 0800 rdbss - ok
15:57:45.0372 0800 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:57:45.0372 0800 rdpbus - ok
15:57:45.0392 0800 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:57:45.0392 0800 RDPCDD - ok
15:57:45.0412 0800 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
15:57:45.0412 0800 RDPDR - ok
15:57:45.0432 0800 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:57:45.0432 0800 RDPENCDD - ok
15:57:45.0452 0800 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:57:45.0452 0800 RDPREFMP - ok
15:57:45.0472 0800 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
15:57:45.0472 0800 RDPWD - ok
15:57:45.0492 0800 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:57:45.0492 0800 rdyboost - ok
15:57:45.0502 0800 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:57:45.0512 0800 RemoteAccess - ok
15:57:45.0522 0800 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:57:45.0522 0800 RemoteRegistry - ok
15:57:45.0532 0800 RichVideo64 (0b169fe016039571ecc6db70073f8979) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
15:57:45.0542 0800 RichVideo64 - ok
15:57:45.0552 0800 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:57:45.0552 0800 RpcEptMapper - ok
15:57:45.0572 0800 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:57:45.0572 0800 RpcLocator - ok
15:57:45.0592 0800 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:57:45.0592 0800 RpcSs - ok
15:57:45.0612 0800 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:57:45.0612 0800 rspndr - ok
15:57:45.0632 0800 RTL8167 (16d4e350420baa7e63e16e3fc033e1f5) C:\Windows\system32\DRIVERS\Rt64win7.sys
15:57:45.0632 0800 RTL8167 - ok
15:57:45.0652 0800 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
15:57:45.0652 0800 s3cap - ok
15:57:45.0662 0800 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:57:45.0662 0800 SamSs - ok
15:57:45.0672 0800 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
15:57:45.0672 0800 SASDIFSV - ok
15:57:45.0672 0800 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
15:57:45.0672 0800 SASKUTIL - ok
15:57:45.0692 0800 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:57:45.0692 0800 sbp2port - ok
15:57:45.0712 0800 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:57:45.0712 0800 SCardSvr - ok
15:57:45.0732 0800 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:57:45.0732 0800 scfilter - ok
15:57:45.0752 0800 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:57:45.0772 0800 Schedule - ok
15:57:45.0782 0800 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:57:45.0782 0800 SCPolicySvc - ok
15:57:45.0802 0800 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:57:45.0802 0800 SDRSVC - ok
15:57:45.0822 0800 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:57:45.0822 0800 secdrv - ok
15:57:45.0832 0800 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:57:45.0832 0800 seclogon - ok
15:57:45.0852 0800 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:57:45.0852 0800 SENS - ok
15:57:45.0862 0800 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:57:45.0862 0800 SensrSvc - ok
15:57:45.0882 0800 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:57:45.0882 0800 Serenum - ok
15:57:45.0902 0800 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:57:45.0902 0800 Serial - ok
15:57:45.0922 0800 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
15:57:45.0922 0800 sermouse - ok
15:57:45.0942 0800 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:57:45.0942 0800 SessionEnv - ok
15:57:45.0962 0800 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:57:45.0962 0800 sffdisk - ok
15:57:45.0972 0800 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:57:45.0972 0800 sffp_mmc - ok
15:57:45.0992 0800 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:57:45.0992 0800 sffp_sd - ok
15:57:46.0012 0800 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
15:57:46.0012 0800 sfloppy - ok
15:57:46.0032 0800 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:57:46.0032 0800 SharedAccess - ok
15:57:46.0052 0800 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:57:46.0062 0800 ShellHWDetection - ok
15:57:46.0072 0800 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
15:57:46.0072 0800 SiSRaid2 - ok
15:57:46.0092 0800 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
15:57:46.0092 0800 SiSRaid4 - ok
15:57:46.0112 0800 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:57:46.0112 0800 Smb - ok
15:57:46.0132 0800 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:57:46.0132 0800 SNMPTRAP - ok
15:57:46.0142 0800 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:57:46.0142 0800 spldr - ok
15:57:46.0162 0800 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:57:46.0172 0800 Spooler - ok
15:57:46.0222 0800 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:57:46.0242 0800 sppsvc - ok
15:57:46.0262 0800 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:57:46.0262 0800 sppuinotify - ok
15:57:46.0282 0800 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:57:46.0282 0800 srv - ok
15:57:46.0302 0800 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:57:46.0312 0800 srv2 - ok
15:57:46.0322 0800 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:57:46.0332 0800 srvnet - ok
15:57:46.0342 0800 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:57:46.0342 0800 SSDPSRV - ok
15:57:46.0362 0800 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:57:46.0362 0800 SstpSvc - ok
15:57:46.0372 0800 Steam Client Service - ok
15:57:46.0382 0800 Stereo Service (8544a200c40447e465f06e58687428bb) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:57:46.0382 0800 Stereo Service - ok
15:57:46.0402 0800 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
15:57:46.0402 0800 stexstor - ok
15:57:46.0422 0800 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:57:46.0432 0800 stisvc - ok
15:57:46.0442 0800 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
15:57:46.0442 0800 storflt - ok
15:57:46.0462 0800 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
15:57:46.0462 0800 StorSvc - ok
15:57:46.0482 0800 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
15:57:46.0482 0800 storvsc - ok
15:57:46.0502 0800 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
15:57:46.0502 0800 swenum - ok
15:57:46.0512 0800 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:57:46.0512 0800 SwitchBoard - ok
15:57:46.0532 0800 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:57:46.0532 0800 swprv - ok
15:57:46.0562 0800 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:57:46.0572 0800 SysMain - ok
15:57:46.0582 0800 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:57:46.0582 0800 TabletInputService - ok
15:57:46.0622 0800 TabletServiceWacom (191394b308bd7fedb4ebb4f7f04c1339) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
15:57:46.0642 0800 TabletServiceWacom - ok
15:57:46.0662 0800 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:57:46.0662 0800 TapiSrv - ok
15:57:46.0672 0800 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:57:46.0682 0800 TBS - ok
15:57:46.0722 0800 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
15:57:46.0722 0800 Tcpip - ok
15:57:46.0752 0800 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
15:57:46.0762 0800 TCPIP6 - ok
15:57:46.0782 0800 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:57:46.0782 0800 tcpipreg - ok
15:57:46.0802 0800 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:57:46.0802 0800 TDPIPE - ok
15:57:46.0812 0800 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:57:46.0812 0800 TDTCP - ok
15:57:46.0832 0800 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:57:46.0832 0800 tdx - ok
15:57:46.0852 0800 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
15:57:46.0852 0800 TermDD - ok
15:57:46.0872 0800 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:57:46.0882 0800 TermService - ok
15:57:46.0902 0800 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:57:46.0902 0800 Themes - ok
15:57:46.0912 0800 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:57:46.0922 0800 THREADORDER - ok
15:57:46.0932 0800 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:57:46.0932 0800 TrkWks - ok
15:57:46.0942 0800 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:57:46.0942 0800 TrustedInstaller - ok
15:57:46.0962 0800 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:57:46.0962 0800 tssecsrv - ok
15:57:46.0982 0800 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:57:46.0982 0800 TsUsbFlt - ok
15:57:47.0002 0800 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
15:57:47.0002 0800 TsUsbGD - ok
15:57:47.0012 0800 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:57:47.0022 0800 tunnel - ok
15:57:47.0032 0800 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
15:57:47.0032 0800 uagp35 - ok
15:57:47.0052 0800 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:57:47.0062 0800 udfs - ok
15:57:47.0072 0800 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:57:47.0082 0800 UI0Detect - ok
15:57:47.0092 0800 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:57:47.0092 0800 uliagpkx - ok
15:57:47.0112 0800 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
15:57:47.0112 0800 umbus - ok
15:57:47.0132 0800 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
15:57:47.0132 0800 UmPass - ok
15:57:47.0142 0800 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
15:57:47.0152 0800 UmRdpService - ok
15:57:47.0172 0800 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:57:47.0172 0800 upnphost - ok
15:57:47.0192 0800 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
15:57:47.0192 0800 USBAAPL64 - ok
15:57:47.0202 0800 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:57:47.0202 0800 usbccgp - ok
15:57:47.0222 0800 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:57:47.0222 0800 usbcir - ok
15:57:47.0242 0800 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
15:57:47.0242 0800 usbehci - ok
15:57:47.0262 0800 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:57:47.0262 0800 usbhub - ok
15:57:47.0282 0800 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:57:47.0282 0800 usbohci - ok
15:57:47.0292 0800 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:57:47.0292 0800 usbprint - ok
15:57:47.0312 0800 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:57:47.0312 0800 usbscan - ok
15:57:47.0332 0800 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:57:47.0332 0800 USBSTOR - ok
15:57:47.0352 0800 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
15:57:47.0352 0800 usbuhci - ok
15:57:47.0362 0800 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:57:47.0362 0800 UxSms - ok
15:57:47.0382 0800 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:57:47.0382 0800 VaultSvc - ok
15:57:47.0392 0800 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:57:47.0392 0800 vdrvroot - ok
15:57:47.0412 0800 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:57:47.0422 0800 vds - ok
15:57:47.0442 0800 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:57:47.0442 0800 vga - ok
15:57:47.0452 0800 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:57:47.0452 0800 VgaSave - ok
15:57:47.0472 0800 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:57:47.0482 0800 vhdmp - ok
15:57:47.0492 0800 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:57:47.0492 0800 viaide - ok
15:57:47.0512 0800 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
15:57:47.0512 0800 vmbus - ok
15:57:47.0532 0800 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
15:57:47.0532 0800 VMBusHID - ok
15:57:47.0542 0800 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:57:47.0542 0800 volmgr - ok
15:57:47.0572 0800 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:57:47.0572 0800 volmgrx - ok
15:57:47.0592 0800 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:57:47.0592 0800 volsnap - ok
15:57:48.0542 0800 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:57:48.0582 0800 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:57:48.0582 0800 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:57:48.0582 0800 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
15:57:48.0632 0800 \Device\Harddisk1\DR1 - ok
15:57:48.0642 0800 Boot (0x1200) (0076dcf55a0a6ff3ae3878666ba97897) \Device\Harddisk0\DR0\Partition0
15:57:48.0642 0800 \Device\Harddisk0\DR0\Partition0 - ok
15:57:48.0642 0800 Boot (0x1200) (844c3e0c04aae9e3eaa0848170732881) \Device\Harddisk0\DR0\Partition1
15:57:48.0642 0800 \Device\Harddisk0\DR0\Partition1 - ok
15:57:48.0642 0800 Boot (0x1200) (cd305c9a2ad8da146f21aa33c65c1abf) \Device\Harddisk1\DR1\Partition0
15:57:48.0652 0800 \Device\Harddisk1\DR1\Partition0 - ok
15:57:48.0652 0800 ============================================================
15:57:48.0652 0800 Scan finished
15:57:48.0652 0800 ============================================================
15:57:48.0652 3756 Detected object count: 1
15:57:48.0652 3756 Actual detected object count: 1
15:58:00.0903 3756 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:58:00.0903 3756 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
15:58:08.0604 6004 Deinitialize success

#5 chrisstorment

  • Topic Starter

Posted 21 April 2012 - 08:02 PM

Here is the aswMBR log file

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-21 16:05:35
-----------------------------
16:05:35.357 OS Version: Windows x64 6.1.7601 Service Pack 1
16:05:35.357 Number of processors: 8 586 0x2A07
16:05:35.357 ComputerName: BLACKMONOLITH UserName: Chris
16:05:35.617 Initialize success
16:06:01.339 AVAST engine defs: 12042101
16:06:27.182 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP10T0L0-c
16:06:27.192 Disk 0 Vendor: M4-CT256M4SSD2 0001 Size: 244198MB BusType: 11
16:06:27.192 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP12T0L0-e
16:06:27.192 Disk 1 Vendor: WDC_WD1002FAEX-00Y9A0 05.01D05 Size: 953869MB BusType: 11
16:06:27.192 Disk 0 MBR read successfully
16:06:27.202 Disk 0 MBR scan
16:06:27.202 Disk 0 Windows 7 default MBR code
16:06:27.212 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
16:06:27.212 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 244087 MB offset 206848
16:06:27.212 Disk 0 scanning C:\Windows\system32\drivers
16:06:28.912 Service scanning
16:06:34.004 Modules scanning
16:06:34.014 Disk 0 trace - called modules:
16:06:34.014 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
16:06:34.024 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800d725790]
16:06:34.024 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa800d446c70]
16:06:34.024 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP10T0L0-c[0xfffffa800d45b680]
16:06:34.304 AVAST engine scan C:\Windows
16:06:34.624 AVAST engine scan C:\Windows\system32
16:07:13.943 AVAST engine scan C:\Windows\system32\drivers
16:07:16.273 AVAST engine scan C:\Users\Chris
16:07:59.318 AVAST engine scan C:\ProgramData
16:08:12.240 Scan finished successfully
16:08:30.161 Disk 0 MBR has been saved successfully to "C:\Users\Chris\Desktop\Recent Stuff\Virus Removal Tools\aswMBR\MBR.dat"
16:08:30.161 The log file has been saved successfully to "C:\Users\Chris\Desktop\Recent Stuff\Virus Removal Tools\aswMBR\aswMBR.txt"

#6 narenxp

  • BC Advisor

Posted 21 April 2012 - 08:06 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

ESET online scanner


Install it

Click on START; it should download the virus definitions
When the scan is completed, click on LIST of found threats

Export the list to the desktop and copy the contents of the text file into your reply


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#7 chrisstorment

  • Topic Starter

Posted 22 April 2012 - 11:10 PM

It appears that after running TDSSKiller, aswMBR and MBAM (until it gave me a clear scan) the redirect problem has been fixed. I have been running IE9 and searched several items using Google search and have not been redirected once over the last 24 hours of use.

Do you recommend any further action?

Do you see anything else fishy in the log files that I sent previously?

#8 narenxp

  • BC Advisor

Posted 22 April 2012 - 11:33 PM

Great to hear that you do not have redirects.

Previous log files are clean. I need you to run the other scans to make sure there are no traces left.

Good luck

#9 chrisstorment

  • Topic Starter

Posted 24 April 2012 - 10:54 PM

OK, here are the latest log files that you requested.

First MiniToolBox; I'll send the ESET in another post.

MiniToolBox by Farbar Version: 18-01-2012
Ran by Chris (administrator) on 24-04-2012 at 20:49:12
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

# ::1

========================= IP Configuration: ================================

Intel® 82579V Gigabit Network Connection = Local Area Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : BlackMonolith
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.ca.comcast.net.

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 14-DA-E9-06-42-69
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : hsd1.ca.comcast.net.
Description . . . . . . . . . . . : Intel® 82579V Gigabit Network Connection
Physical Address. . . . . . . . . : 14-DA-E9-06-2A-8A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::51d1:7b78:6d9:1432%14(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, April 24, 2012 8:23:19 PM
Lease Expires . . . . . . . . . . : Wednesday, April 25, 2012 8:23:18 PM
Default Gateway . . . . . . . . . : 10.0.1.1
DHCP Server . . . . . . . . . . . : 10.0.1.1
DHCPv6 IAID . . . . . . . . . . . : 286579433
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-EA-10-7B-14-DA-E9-06-2A-8A
DNS Servers . . . . . . . . . . . : 10.0.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{AD828FF0-EEA5-4B8A-9F6D-A5AFBC279A75}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.hsd1.ca.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.ca.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:6c:6c27:b839:6565(Preferred)
Link-local IPv6 Address . . . . . : fe80::6c:6c27:b839:6565%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 10.0.1.1

Name: google.com
Addresses: 74.125.224.102
74.125.224.96
74.125.224.98
74.125.224.99
74.125.224.101
74.125.224.103
74.125.224.100
74.125.224.104
74.125.224.105
74.125.224.110
74.125.224.97


Pinging google.com [74.125.224.102] with 32 bytes of data:
Reply from 74.125.224.102: bytes=32 time=23ms TTL=55
Reply from 74.125.224.102: bytes=32 time=19ms TTL=55

Ping statistics for 74.125.224.102:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 19ms, Maximum = 23ms, Average = 21ms
Server: UnKnown
Address: 10.0.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=71ms TTL=53
Reply from 72.30.38.140: bytes=32 time=22ms TTL=53

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 22ms, Maximum = 71ms, Average = 46ms
Server: UnKnown
Address: 10.0.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...14 da e9 06 42 69 ......Realtek PCIe GBE Family Controller
14...14 da e9 06 2a 8a ......Intel® 82579V Gigabit Network Connection
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.1.1 10.0.1.3 10
10.0.1.0 255.255.255.0 On-link 10.0.1.3 266
10.0.1.3 255.255.255.255 On-link 10.0.1.3 266
10.0.1.255 255.255.255.255 On-link 10.0.1.3 266
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.1.3 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.1.3 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:6c:6c27:b839:6565/128
On-link
14 266 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::6c:6c27:b839:6565/128
On-link
14 266 fe80::51d1:7b78:6d9:1432/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
14 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/24/2012 08:47:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/24/2012 08:42:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/24/2012 08:24:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2012 08:52:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/24/2012 08:32:22 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2012 07:55:51 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 10:27:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 10:13:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 10:05:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 09:24:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/24/2012 08:25:17 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (04/24/2012 08:25:17 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (04/24/2012 08:32:41 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (04/24/2012 08:32:41 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (04/23/2012 07:56:11 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (04/23/2012 07:56:11 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (04/22/2012 10:27:35 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (04/22/2012 10:27:35 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (04/22/2012 10:13:30 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (04/22/2012 10:13:30 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (04/24/2012 08:47:25 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Chris\Downloads\esetsmartinstaller_enu.exe

Error: (04/24/2012 08:42:14 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (04/24/2012 08:24:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2012 08:52:15 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E4ZDZGT2\esetsmartinstaller_enu.exe

Error: (04/24/2012 08:32:22 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/23/2012 07:55:51 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 10:27:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 10:13:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 10:05:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2012 09:24:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Ad-Aware Antivirus (Version: 10.0.185.3207)
Ad-Aware Browsing Protection (Version: 0.9.0.2)
Ad-Aware Security Toolbar (Version: 2.0.0.3)
Adobe Acrobat X Pro (Version: 10.1.3)
Adobe AIR (Version: 2.7.1.19610)
Adobe Bridge 1.0 (Version: 001.000.000)
Adobe Common File Installer (Version: 1.00.0000)
Adobe Community Help (Version: 3.4.980)
Adobe Creative Suite 2
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.233)
Adobe GoLive CS2 (Version: 8.0.1)
Adobe Help Center 1.0 (Version: 001.000.000)
Adobe Illustrator CS2 (Version: 12.000.000)
Adobe InDesign CS2 (Version: 004.000.000)
Adobe Photoshop CS5.1 (Version: 12.1)
Adobe Stock Photos 1.0 (Version: 001.000.000)
Adobe SVG Viewer 3.0 (Version: 3.0)
Adobe Version Cue CS2 (Version: 2.0.1)
AirPort (Version: 5.5.3.2)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations (Version: 2.8.255.292)
ASUS nVidia Driver (Version: 1.00.0000)
BioShock (Version: 2.5.0000)
Bonjour (Version: 3.0.0.10)
Bryce 7.0 (Version: 7.0.1.34)
Bryce 7.0 Content (Version: 7.0.0.13)
Bryce Lightning 7.0 (Version: 7.0.1.34)
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
ChemEQL
Chemical Diagrams (Medusa-Hydra)
Corel Painter 12 - Extra Content (Version: 12.0)
Corel Painter 12 - Extra Content (Version: 12.0.0)
Corel Painter 12 - IPM (Version: 12.2)
Corel Painter 12 (Version: 12.0.1.727)
Counter-Strike: Source
Counter-Strike: Source Beta
Creative 3DMIDI Player (Version: 1.11)
Creative Audio Control Panel (Version: 3.00)
Creative Diagnostics (Version: 5.11)
Creative Software AutoUpdate (Version: 1.40)
Creative Sound Blaster Properties x64 Edition (Version: 1.02)
Creative System Information (Version: 1.10)
Creative WaveStudio 7 (Version: 7.12)
Crysis® (Version: 1.00.0000)
Crysis® 2 (Version: 1.0.0.0)
CyberLink PhotoNow (Version: 1.1.0.6904)
CyberLink PowerDirector (Version: 9.0.0.3305)
CyberLink PowerDVD 11 (Version: 11.0.2218.53)
CyberLink WaveEditor (Version: 1.0.1.2821)
Dark Messiah Might and Magic Multi-Player
Dark Messiah Might and Magic Single Player
DAZ Studio 3 (Version: 3.1.1.73)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Deus Ex: Human Revolution
Dolby Digital Live Pack (Version: 3.00)
Doom 3 (Version: 1.00.0000)
Dragon Age: Origins (Version: 1.04)
DTS Connect Pack (Version: 1.00)
EPSON Artisan 810 Series Printer Uninstall
Epson Event Manager (Version: 2.30.01)
Epson FAX Utility (Version: 1.00.01)
Epson PC-FAX Driver
Epson Print CD (Version: 2.00.00)
EPSON Scan
eReg (Version: 1.20.138.34)
ESET Online Scanner v3
Fallout 3 (Version: 1.00.0000)
Fallout: New Vegas
Far Cry 2 (Version: 1.03.00)
GameSpy Comrade (Version: 1.5.0.156)
Gamry Software (Version: 5.65)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
Half-Life 2
Half-Life 2: Deathmatch
Half-Life 2: Episode One
Half-Life 2: Episode Two
Half-Life 2: Lost Coast
Half-Life Deathmatch: Source
Half-Life: Source
IconHandler 64 bit (Version: 2.0)
Intel® Network Connections 16.1.53.0 (Version: 16.1.53.0)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Logitech Gaming Software 5.10 (Version: 5.10.127)
Logitech SetPoint 6.30 (Version: 6.30.43)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Mass Effect 2 (Version: 1.02)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Need for Speed™ Hot Pursuit (Version: 1.0.0.0)
NI LabVIEW Run-Time Engine 2009 (Version: 9.0.313.0)
NI Math Kernel Libraries (Version: 1.0.28.0)
NVIDIA 3D Vision Controller Driver (Version: 280.19)
NVIDIA 3D Vision Controller Driver 295.73 (Version: 295.73)
NVIDIA 3D Vision Driver 295.73 (Version: 295.73)
NVIDIA Control Panel 295.73 (Version: 295.73)
NVIDIA Graphics Driver 295.73 (Version: 295.73)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA PhysX (Version: 9.12.0209)
NVIDIA PhysX System Software 9.12.0209 (Version: 9.12.0209)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9573)
NVIDIA Update 1.7.11 (Version: 1.7.11)
NVIDIA Update Components (Version: 1.7.11)
Oblivion (Version: 1.00.0000)
OpenAL
Origin (Version: 8.3.7.3619)
Painter 12 - Content (Version: 12.2)
Painter 12 - Core (Version: 12.2.1)
Painter 12 - Corex64 (Version: 12.1.0)
Painter 12 - EN (Version: 12.2)
Painter 12 - Setup Files (Version: 12.1)
PDF Settings CS5 (Version: 10.0)
Peggle Deluxe
PhotoTools 2.5 (Version: 2.5)
Portal
PowerDirector (Version: 9.00.0000)
Presto! PageManager 8.15.01 SE (Version: 8.15.01)
PunkBuster Services (Version: 0.986)
Quake 4™ (Version: 1.0)
QuickTime (Version: 7.71.80.42)
RAGE
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0)
S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0005] (Version: 1.0005)
SmartSound Quicktracks 5 (Version: 5.1.7)
SmartSound Quicktracks Plugin (Version: 3.0.9.0)
Sound Blaster X-Fi (Version: 1.0)
SpaceTime 4.0 (Version: 1.0)
StarCraft II (Version: 1.3.6.19269)
Steam (Version: 1.0.0.0)
Suite Specific (Version: 2.0.0)
SUPERAntiSpyware (Version: 5.0.1146)
Team Fortress 2
Team Fortress 2 Beta
The Elder Scrolls V: Skyrim
The Witcher 2
ubi.com
Universe Sandbox
Unreal Tournament 3 (Version: 1.00.0000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Visual Basic for Applications ® Core - English (Version: 6.5.10.32)
Visual Basic for Applications ® Core (Version: 6.5.10.32)
Wacom Tablet (Version: 6.1.6-7)
WebTablet IE Plugin (Version: 1.1.0.7)
WebTablet Netscape Plugin (Version: 1.1.0.5)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)

========================= Memory info: ===================================

Percentage of memory in use: 16%
Total physical RAM: 16290.55 MB
Available physical RAM: 13546.01 MB
Total Pagefile: 32579.29 MB
Available Pagefile: 29670.74 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.39 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:238.36 GB) (Free:109.27 GB) NTFS
5 Drive h: (Total Recall) (Fixed) (Total:931.51 GB) (Free:592.62 GB) NTFS

========================= Users: ========================================

User accounts for \\BLACKMONOLITH

Administrator ASPNET Chris
Guest UpdatusUser


**** End of log ****



#10 chrisstorment

  • Topic Starter
Posted 24 April 2012 - 11:28 PM

Now the Eset logfile

C:\TDSSKiller_Quarantine\21.04.2012_15.29.12\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\Users\Chris\AppData\Local\Temp\Main.class Java/TrojanDownloader.Agent.NDX trojan cleaned by deleting - quarantined




One new problem has arisen; maybe we should do it on a separate post, but I think it's related to this problem.
Sometimes Flash doesn't load a video and claims it can't work because I don't have the latest version or it only loads the video with no sound.
I have tried loading a clean version but I still get the same problem. This is a new problem that didn't happen before the virus so I thought it was probably related.

Any ideas? Should I start a separate thread?

#11 narenxp

  • BC Advisor

Posted 25 April 2012 - 03:13 AM

Download

Hosts fix

Run it.

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

"Sometimes Flash doesn't load a video and claims it can't work because I don't have the latest version or it only loads the video with no sound."


Do you have that on a specific browser?

#12 chrisstorment

  • Topic Starter

Posted 26 April 2012 - 01:05 AM

I completed the Windows host fix and the TFC.

What is next?

I'm currently only using IE9 and this is where I have the problem with Flash videos that I mentioned in my previous post.

#13 narenxp

  • BC Advisor

Posted 26 April 2012 - 01:08 AM

Ok, let's try to roll back IE 9 to the previous version and check if Flash works on IE 8

Check this page on uninstalling IE 9

http://windows.microsoft.com/en-US/windows7/how-do-i-install-or-uninstall-internet-explorer-9

Let me know if that went fine

good luck

#14 chrisstorment

  • Topic Starter

Posted 29 April 2012 - 03:32 PM

Tried the IE9 rollback but IE9 didn't show up in the install/uninstall control panel.
I also tried both manual and automatic Microsoft Fix it approaches and it also couldn't find the program.
I dove into my C drive and it's right there in the programs (x86) folder.
Not sure how to best go forward, but it seems that my IE9 installation is having some problems.
IE9 mostly works fine but I still have the Flash problems and a few web sites that are now broken (I checked them out on another computer and they work fine there).
I also loaded up the newest version of Firefox and I get the exact same behavior out of Firefox as I do on IE9: Flash doesn't work or no audio, and some broken web sites.
What can I do next?

#15 narenxp

  • BC Advisor

Posted 29 April 2012 - 04:11 PM

"Tried the IE9 rollback but IE9 didn't show up in the install/uninstall control panel."

Did you check for View installed updates in the left pane? You will not find IE 9 in Add or Remove Programs.

It seems you have an issue on all the browsers; I would advise you to start a topic here

http://www.bleepingcomputer.com/forums/forum167.html

good luck



