
Popup - Remote Control - Shut down


11 replies to this topic

#1 hubsy


Posted 07 May 2012 - 11:47 AM

Hi Guys,

This pops up about twice a day on my PC.


Posted Image


Where is it coming from?


win7 64bit

Edited by hubsy, 07 May 2012 - 11:57 AM.



#2 dev00790


Posted 10 May 2012 - 07:10 PM

Hello,

I will be helping you with your problems.

Some points for you to keep in mind while I am helping you, to make things go easier and faster for both of us:

  • Please do NOT run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines; these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same"; this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Step 2

Please download Farbar Service Scanner to your Desktop and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

Step 3

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Step 4

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log in your next reply.

NOTE: Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#3 hubsy


Posted 11 May 2012 - 07:13 AM

Results of screen317's Security Check version 0.99.32
Windows 7 x64
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

AVG PC Tuneup
ESET Online Scanner v3
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

AVG PC Tuneup
AVS Registry Cleaner version 2.2
Java™ 6 Update 31
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (12.0.)
````````````````````````````````
Process Check:
objlist.exe by Laurent

AVG avgwdsvc.exe
AVG avgtray.exe
``````````End of Log````````````


---------------------------------------------------------

Farbar Service Scanner Version: 08-05-2012
Ran by Dave (administrator) on 11-05-2012 at 12:53:55
Running from "C:\Users\Dave\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.
Checking LEGACY_mpsdrv: ATTENTION!=====> Unable to open LEGACY_mpsdrv\0000 registry key. The key does not exist.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is set to Disabled. The default start type is Auto.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



-------------------------------------------------

MiniToolBox by Farbar Version: 18-01-2012
Ran by Dave (administrator) on 11-05-2012 at 12:55:48
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
255.255.255.255 getright.com
255.255.255.255 www.getright.com
255.255.255.255 pro.getright.com
255.255.255.255 www.get-right.com
255.255.255.255 www.headlightinc.com
255.255.255.255 headlightinc.com


========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Local Area Connection (Connected)
Bluetooth NAP Adapter = Local Area Connection 2 (Media disconnected)
Bluetooth PANU Adapter = Local Area Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1492 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Home
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth PANU Adapter
Physical Address. . . . . . . . . : 00-11-67-D6-2C-F2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth NAP Adapter
Physical Address. . . . . . . . . : 00-11-67-D6-2C-F2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
Physical Address. . . . . . . . . : 00-25-11-70-13-57
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2dd4:cb3:de41:d945%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.65(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 11 May 2012 12:23:34
Lease Expires . . . . . . . . . . : 12 May 2012 12:23:33
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 234890513
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-D2-96-29-00-25-11-70-13-57
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{7000A980-DEEA-4AD1-954D-AD52811DAE0E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: api.home
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.230.131
74.125.230.133
74.125.230.128
74.125.230.137
74.125.230.132
74.125.230.142
74.125.230.134
74.125.230.129
74.125.230.130
74.125.230.136
74.125.230.135


Pinging google.com [74.125.230.137] with 32 bytes of data:
Reply from 74.125.230.137: bytes=32 time=23ms TTL=52
Reply from 74.125.230.137: bytes=32 time=23ms TTL=52

Ping statistics for 74.125.230.137:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 23ms, Maximum = 23ms, Average = 23ms
Server: api.home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=159ms TTL=46
Reply from 209.191.122.70: bytes=32 time=163ms TTL=46

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 159ms, Maximum = 163ms, Average = 161ms
Server: api.home
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...00 11 67 d6 2c f2 ......Bluetooth PANU Adapter
14...00 11 67 d6 2c f2 ......Bluetooth NAP Adapter
10...00 25 11 70 13 57 ......NVIDIA nForce 10/100 Mbps Ethernet
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.65 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.65 276
192.168.1.65 255.255.255.255 On-link 192.168.1.65 276
192.168.1.255 255.255.255.255 On-link 192.168.1.65 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.65 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.65 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::2dd4:cb3:de41:d945/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/09/2012 09:30:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/09/2012 09:27:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/09/2012 06:01:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/09/2012 05:52:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/09/2012 05:52:22 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/09/2012 05:50:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/09/2012 05:50:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/09/2012 05:50:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/03/2012 06:40:28 PM) (Source: Application Error) (User: )
Description: Faulting application name: wmpnetwk.exe, version: 12.0.7601.17514, time stamp: 0x4ce7ae7f
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp: 0x4e21213c
Exception code: 0x0000046b
Fault offset: 0x000000000000cacd
Faulting process id: 0x1468
Faulting application start time: 0xwmpnetwk.exe0
Faulting application path: wmpnetwk.exe1
Faulting module path: wmpnetwk.exe2
Report Id: wmpnetwk.exe3

Error: (05/03/2012 06:39:55 PM) (Source: Application Error) (User: )
Description: Faulting application name: wmplayer.exe, version: 12.0.7601.17514, time stamp: 0x4ce7a485
Faulting module name: qdvd.dll, version: 6.6.7601.17713, time stamp: 0x4ea78b31
Exception code: 0xc0000005
Fault offset: 0x00045580
Faulting process id: 0x4b4
Faulting application start time: 0xwmplayer.exe0
Faulting application path: wmplayer.exe1
Faulting module path: wmplayer.exe2
Report Id: wmplayer.exe3


System errors:
=============
Error: (05/11/2012 00:54:07 PM) (Source: NetBT) (User: )
Description: The name "HOME :0" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.254 did not allow the name to be claimed by
this computer.

Error: (05/11/2012 00:54:07 PM) (Source: NetBT) (User: )
Description: The name "HOME :0" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.254 did not allow the name to be claimed by
this computer.

Error: (05/11/2012 00:44:45 PM) (Source: NetBT) (User: )
Description: The name "HOME :0" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.254 did not allow the name to be claimed by
this computer.

Error: (05/11/2012 00:44:45 PM) (Source: NetBT) (User: )
Description: The name "HOME :0" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.254 did not allow the name to be claimed by
this computer.

Error: (05/11/2012 00:44:39 PM) (Source: NetBT) (User: )
Description: The name "HOME :0" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.254 did not allow the name to be claimed by
this computer.

Error: (05/11/2012 00:30:41 PM) (Source: NetBT) (User: )
Description: The name "HOME :0" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.254 did not allow the name to be claimed by
this computer.

Error: (05/11/2012 00:24:31 PM) (Source: NetBT) (User: )
Description: The name "HOME :0" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.254 did not allow the name to be claimed by
this computer.

Error: (05/11/2012 00:24:28 PM) (Source: NetBT) (User: )
Description: The name "HOME :0" could not be registered on the interface with IP address 192.168.1.65.
The computer with the IP address 192.168.1.254 did not allow the name to be claimed by
this computer.

Error: (05/11/2012 00:24:06 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (05/11/2012 00:24:04 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Lbd


Microsoft Office Sessions:
=========================
Error: (02/06/2012 01:27:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6423.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 203 seconds with 180 seconds of active time. This session ended with a crash.

Error: (07/20/2010 05:27:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
1Click DVD Converter 2.2.2.4
1Click DVD Copy Pro 4.2.8.2
2377 Exam Simulator (Version: 1.00.3.0)
2382 Exam Simulator Demo (Version: 1.00.3.0)
325 USB PC Camera (Version: 0.6.0.001)
ACDSee Photo Manager 2009 (Version: 11.0.113)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.235)
Adobe Reader 9.4.1 (Version: 9.4.1)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
Ashampoo Cover Studio 2.2.0 (Version: 2.2.0)
Astroburn Lite (Version: 1.5.0.0139)
µTorrent (Version: 2.0.2)
AudioConverter
Auto Gordian Knot 2.40 (Version: 2.40)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2425)
AVG 2012 (Version: 2012.0.1913)
AVG PC Tuneup (Version: 10.0.0.27)
Avidemux 2.5 (Version: 2.5.3.0)
AviSynth 2.5
AVS Audio Converter 7
AVS Audio Editor 7.1
AVS Audio Recorder version 4.0
AVS Cover Editor 2.0.1.3
AVS Disc Creator 5
AVS Document Converter 2.1.2
AVS DVD Copy 4.1.2.283
AVS Image Converter 2.1.2.169
AVS Media Player 4.1.8.93
AVS Photo Editor
AVS Registry Cleaner version 2.2
AVS Ringtone Maker version 1.6
AVS Screen Capture version 2.0.1
AVS Update Manager 1.0
AVS Video Converter 8
AVS Video Editor 6
AVS Video Recorder 2.4
AVS Video ReMaker 4.0.8.140
AVS4YOU Software Navigator 1.4
Bejeweled 2 Deluxe
BlackBerry Desktop Software 6.1 (Version: 6.1.0.36)
Blue Manager Suite (Version: 3.3.0.2452.1.72)
BT Yahoo! Toolbar
BurnAware Professional 4.0
BusinessCardsMX 3.92 (Version: 3.92)
C-Media PCI Audio Device
Calendar Creator 10 (Version: 10.00)
Camera RAW Plug-In for EPSON Creativity Suite (Version: 2.2.0.0)
CDDRV_Installer (Version: 4.60)
CDisplay 1.8
Cisco Network Magic (Version: 5.5.09195.0)
CloneCD
CloneDVD 4.2.5.0
Conduit Engine (Version: )
D9-Viewer V1.0.5.19
DAEMON Tools Lite (Version: 4.45.3.0297)
DivX Setup (Version: 2.5.0.15)
Driving Test Success - All Tests 2011 Edition (Update 3) (Version: 15.0)
DVD Architect Studio 5.0 (Version: 5.0.128)
DVD Decrypter (Remove Only)
DVD43 Plug-in v1.0.0.5
DYMO Label v.8 (Version: 8.3.0.1242)
EPSON Attach To Email (Version: 1.01.0000)
EPSON Copy Utility 3 (Version: 3.3.0.0)
EPSON Easy Photo Print (Version: 1.5.3.0)
EPSON File Manager (Version: 1.3.0.0)
EPSON Print CD (Version: 1.60.000)
Epson Print CD (Version: 2.00.00)
EPSON Printer Software
EPSON Scan
EPSON Scan Assistant (Version: 1.10.00)
EPSON Stylus Photo RX685_690 Manual
erLT (Version: 1.20.0137)
ESET Online Scanner v3
Fast AVI MPEG Joiner 1.1.2
FileZilla Client 3.5.3 (Version: 3.5.3)
FoxTab Media Player
FoxTab Video Converter
Funmoods on IE and Chrome
GoToAssist Corporate (Version: 9.0.0.570)
GoToAssist Corporate (Version: 9.0.570)
Hallmark Card Studio 2012 Deluxe (Version: 13.0.0.17)
Hex Workshop v6.6 (Version: 6.6.1.5158)
Hoyle Casino 2010 (remove only)
Hoyle Puzzle and Board Games 2011 (remove only)
Hoyle Puzzle Games 2007 (Version: 1.0.0.0)
IdPhotos Pro 5 (Version: 5.0.187.0)
Image Grabber II
Image Grabber II.NET (Version: 2.0.2)
IncrediMail (Version: 6.2.9.5188)
IncrediMail 2.0 (Version: 6.2.9.5188)
IncrediMail MediaBar 2 Toolbar (Version: 6.1.0.7)
IncrediMail_MediaBar Toolbar (Version: )
inSSIDer (Version: 1.2.8)
Internet Download Manager
Internet TV for Windows Media Center (Version: 4.2.2.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
K-Lite Codec Pack (64-bit) v4.6.0 (Version: 4.6.0)
K-Lite Codec Pack 4.5.3 (Standard) (Version: 4.5.3)
KC Softwares VideoInspector
KhalInstallWrapper (Version: 2.00.0000)
KWorld Multimedia -- RC Utility Utilities
KWorld USB DVB-T BDA Driver
Logitech SetPoint (Version: 4.80)
Mahjong Memoirs (Version: 1.0.0)
MahJong Suite 2011 v8.3
Media Player Classic - Home Cinema v1.4.2499.0 (Version: 1.4.2499.0)
MediaInfo 0.7.47 (Version: 0.7.47)
Mega Manager (Version: 3.3.05)
Mega Manager (Version: 3.5.1.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft AutoRoute 2010 (Version: 17.0.22.1400)
Microsoft Money 2006 (Version: 15)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access database engine 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable Package (Version: 1.0.0)
Microsoft Web Publishing Wizard 1.52
mIRC (Version: 7.19)
MKV Player 2.0
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MPlayer for Windows (Full Package)
MSVCRT Redists (Version: 1.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.18.0)
neroxml (Version: 1.0.0)
Network Magic (Version: 5.5.9195.0)
Nitro PDF Professional (Version: 6.0.2.6)
Nitro Pro 7 (Version: 7.2.0.15)
Nokia Connectivity Cable Driver (Version: 7.1.32.69)
NVIDIA Control Panel 275.33 (Version: 275.33)
NVIDIA Drivers (Version: 1.4)
NVIDIA Graphics Driver 275.33 (Version: 275.33)
NVIDIA Install Application (Version: 2.275.78.0)
NVIDIA PhysX (Version: 9.09.0428)
NVIDIA Stereoscopic 3D Driver (Version: 7.15.11.8634)
NVIDIA Update 1.3.5 (Version: 1.3.5)
NVIDIA Update Components (Version: 1.3.5)
NWZ-S760 WALKMAN Guide (Version: 2.0.2.04130)
Photo Notifier and Animation Creator (Version: 1.0.0.1009)
PhotoMail Maker (Version: 6.0.0.1007)
Platform (Version: 1.38)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Pure Networks Platform (Version: 11.2.09195.1)
PVSonyDll (Version: 1.00.0001)
QuickTime (Version: 7.71.80.42)
RapidShare Manager 2 (Version: 2)
Rapport (Version: 3.5.1008.49)
Rapport (Version: 3.5.1008.53)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
RealSpeak Solo for UK English Emily (Version: 4.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5859)
RealUpgrade 1.1 (Version: 1.1.0)
Scan to PDF v2.21
SceneGrabber.NET (Version: 1.0.0)
Seagate Dashboard (Version: 1.1.0.1548)
SeePassword (Version: 1.03.0000)
Skype™ 4.2 (Version: 4.2.169)
SkyPlayer for Windows Media Center (Version: 3.4.3.0)
Sound Forge Audio Studio 10.0 (Version: 10.0.153)
Speed Video Splitter 4.3.28
SUPERAntiSpyware (Version: 5.0.1136)
System Requirements Lab for Intel (Version: 4.5.3.0)
The Ultimate Troubleshooter
TiVme Software
TomTom HOME 2.8.3.2499 (Version: 2.8.3.2499)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
TwonkyBeam for Internet Explorer (Version: 1.6.6.0)
TwonkyManager (Version: 2.0.9.49)
TwonkyMedia Windows Components (Version: 2.0.9)
UltraISO Premium V9.52
UltraMon (Version: 3.0.10)
Unlocker 1.8.9 (Version: 1.8.9)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USBFast (Version: 2.0.0.4)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VIA Platform Device Manager (Version: 1.38)
VirtualCloneDrive
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 8.0.0.35)
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
VLC media player 2.0.1 (Version: 2.0.1)
VobSub v2.23 (Remove Only)
VueScan
WebEx Support Manager for Internet Explorer (Version: 6.5.47)
Windows 7 Codec Pack 3.1.0
Windows 7 Manager (Version: 3.0.2)
Windows Media ASF View 9 Series
Windows Media Center Add-in for Silverlight (Version: 4.7.3.0)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)
Windows XP Mode (Version: 1.3.7600.16423)
WinRAR archiver
x264vfw - H.264/MPEG-4 AVC codec (remove only)
XaviWare Password Recovery .MDB (Version: 2.0.1.0)
Xilisoft Video Editor (Version: 1.0.34.0402)
XviD MPEG4 Video Codec (remove only)
Yahoo! Software Update
Your Uninstaller! 2010 (Version: 7.0)

========================= Devices: ================================

Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 4095.37 MB
Available physical RAM: 2309.68 MB
Total Pagefile: 18188.93 MB
Available Pagefile: 15987.65 MB
Total Virtual: 4095.88 MB
Available Virtual: 3954.7 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.76 GB) (Free:214.28 GB) NTFS
2 Drive d: (1 81 interna) (Fixed) (Total:1863.01 GB) (Free:1812.7 GB) NTFS
3 Drive e: (FILMS SAVED) (Fixed) (Total:488.28 GB) (Free:290.45 GB) NTFS
4 Drive f: (FILMS) (Fixed) (Total:908.98 GB) (Free:477.68 GB) NTFS
5 Drive g: (old odds and ends) (Fixed) (Total:371.09 GB) (Free:172.19 GB) NTFS
6 Drive h: (TV Saved) (Fixed) (Total:1491.92 GB) (Free:967.25 GB) NTFS
8 Drive j: (931GB POSTED TO PU) (Fixed) (Total:931.51 GB) (Free:752.57 GB) NTFS
10 Drive m: (TV Series BackUp REAR) (Fixed) (Total:931.51 GB) (Free:430.86 GB) NTFS
17 Drive t: (465MB ISO) (Fixed) (Total:465.76 GB) (Free:456.03 GB) NTFS
18 Drive u: (465GB) (Fixed) (Total:465.76 GB) (Free:448.95 GB) NTFS
21 Drive x: (PRINTER) (Removable) (Total:0.04 GB) (Free:0.04 GB) FAT

========================= Users: ========================================

User accounts for \\HOME

Administrator Dave Guest
UpdatusUser

========================= Minidump Files ==================================

No minidump file found

**** End of log ****



----------------------------------------------------------------------


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.11.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Dave :: HOME [administrator]

11/05/2012 13:03:21
mbam-log-2012-05-11 (13-03-21).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 244062
Time elapsed: 6 minute(s), 31 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 31
HKCR\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoods.funmoodsHlpr.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoods.funmoodsHlpr (PUP.Funmoods) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\esrv.funmoodsESrvc.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\esrv.funmoodsESrvc (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoods.dskBnd.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoods.dskBnd (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoodsApp.appCore.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoodsApp.appCore (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\f (PUP.Funmoods) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\JaiMataDi (Malware.Trace) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FUNMOODS (PUP.Funmoods) -> Quarantined and deleted successfully.

Registry Values Detected: 3
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Data: Funmoods Toolbar -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Data: -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\funmoods|UninstallString (PUP.Funmoods) -> Data: "C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\uninstall.exe" -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 3
C:\sooi832.bin (Trojan.SpyEyes) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16 (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh (PUP.Funmoods) -> Quarantined and deleted successfully.

Files Detected: 7
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\bh\funmoods.dll (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodssrv.exe (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsTlbr.dll (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsApp.dll (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsEng.dll (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx (PUP.Funmoods) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\uninstall.exe (PUP.Funmoods) -> Quarantined and deleted successfully.

(end)

#4 dev00790


Posted 11 May 2012 - 06:01 PM

Hi

That got rid of some malware.

Step 1

Going over your logs I noticed that you have utorrent installed.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall utorrent; however, that choice is up to you. If you choose to remove these programs, you can do so via:

For Windows XP:

  • Click the Posted Image button
  • Click Control Panel then Add/Remove Programs.

For Windows Vista / 7:

  • Click the "Windows Orb" button
  • Click Control Panel then Programs and Features.


Step 2

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Check the boxes next to Verify file digital signatures and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, select Skip instead; do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


Step 3

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.

Note: Vista/Windows 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


Step 4

How is the computer running now?

Edited by dev00790, 11 May 2012 - 06:01 PM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.

My Blog


#5 hubsy


Posted 13 May 2012 - 07:56 AM

09:59:27.0788 1748 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
09:59:29.0790 1748 ============================================================
09:59:29.0790 1748 Current date / time: 2012/05/13 09:59:29.0790
09:59:29.0790 1748 SystemInfo:
09:59:29.0790 1748
09:59:29.0790 1748 OS Version: 6.1.7601 ServicePack: 1.0
09:59:29.0790 1748 Product type: Workstation
09:59:29.0790 1748 ComputerName: HOME
09:59:29.0791 1748 UserName: Dave
09:59:29.0791 1748 Windows directory: C:\Windows
09:59:29.0791 1748 System windows directory: C:\Windows
09:59:29.0791 1748 Running under WOW64
09:59:29.0791 1748 Processor architecture: Intel x64
09:59:29.0791 1748 Number of processors: 4
09:59:29.0791 1748 Page size: 0x1000
09:59:29.0791 1748 Boot type: Normal boot
09:59:29.0791 1748 ============================================================
09:59:31.0191 1748 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x2DD78, SectorsPerTrack: 0x33, TracksPerCylinder: 0x66, Type 'K0', Flags 0x00000040
09:59:31.0191 1748 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:59:31.0192 1748 Drive \Device\Harddisk2\DR2 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:59:31.0214 1748 Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:59:31.0219 1748 Drive \Device\Harddisk10\DR10 - Size: 0xE8E0DB5E00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:59:37.0929 1748 Drive \Device\Harddisk11\DR12 - Size: 0x1D1C1115E00 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:59:42.0274 1748 Drive \Device\Harddisk4\DR4 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:59:50.0878 1748 Drive \Device\Harddisk9\DR9 - Size: 0x7470C05E00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:59:50.0890 1748 ============================================================
09:59:50.0890 1748 \Device\Harddisk0\DR0:
09:59:50.0890 1748 MBR partitions:
09:59:50.0890 1748 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x33, BlocksNum 0x3A384E47
09:59:50.0890 1748 \Device\Harddisk1\DR1:
09:59:50.0891 1748 MBR partitions:
09:59:50.0891 1748 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E074C1
09:59:50.0891 1748 \Device\Harddisk2\DR2:
09:59:50.0891 1748 MBR partitions:
09:59:50.0891 1748 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3D090000
09:59:50.0891 1748 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3D090800, BlocksNum 0x719F6000
09:59:50.0891 1748 \Device\Harddisk3\DR3:
09:59:50.0891 1748 MBR partitions:
09:59:50.0891 1748 \Device\Harddisk10\DR10:
09:59:50.0891 1748 MBR partitions:
09:59:50.0891 1748 \Device\Harddisk10\DR10\Partition0: MBR, Type 0x7, StartLBA 0x1, BlocksNum 0x74706DAF
09:59:50.0891 1748 \Device\Harddisk4\DR4:
09:59:50.0893 1748 MBR partitions:
09:59:50.0894 1748 \Device\Harddisk4\DR4\Partition0: MBR, Type 0x7, StartLBA 0x7E, BlocksNum 0x747063C3
09:59:50.0894 1748 \Device\Harddisk9\DR9:
09:59:50.0894 1748 MBR partitions:
09:59:50.0894 1748 \Device\Harddisk9\DR9\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
09:59:50.0894 1748 ============================================================
09:59:50.0902 1748 C: <-> \Device\Harddisk0\DR0\Partition0
09:59:50.0903 1748 D: <-> \Device\Harddisk1\DR1\Partition0
09:59:50.0984 1748 M: <-> \Device\Harddisk4\DR4\Partition0
09:59:51.0020 1748 T: <-> \Device\Harddisk9\DR9\Partition0
09:59:51.0076 1748 E: <-> \Device\Harddisk2\DR2\Partition0
09:59:51.0078 1748 F: <-> \Device\Harddisk2\DR2\Partition1
09:59:51.0107 1748 J: <-> \Device\Harddisk10\DR10\Partition0
09:59:51.0108 1748 ============================================================
09:59:51.0108 1748 Initialize success
09:59:51.0108 1748 ============================================================
09:59:55.0324 6004 Deinitialize success





10:00:17.0706 2712 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
10:00:17.0887 2712 ============================================================
10:00:17.0887 2712 Current date / time: 2012/05/13 10:00:17.0887
10:00:17.0887 2712 SystemInfo:
10:00:17.0887 2712
10:00:17.0887 2712 OS Version: 6.1.7601 ServicePack: 1.0
10:00:17.0887 2712 Product type: Workstation
10:00:17.0888 2712 ComputerName: HOME
10:00:17.0888 2712 UserName: Dave
10:00:17.0888 2712 Windows directory: C:\Windows
10:00:17.0888 2712 System windows directory: C:\Windows
10:00:17.0888 2712 Running under WOW64
10:00:17.0888 2712 Processor architecture: Intel x64
10:00:17.0888 2712 Number of processors: 4
10:00:17.0888 2712 Page size: 0x1000
10:00:17.0888 2712 Boot type: Normal boot
10:00:17.0888 2712 ============================================================
10:00:19.0028 2712 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x2DD78, SectorsPerTrack: 0x33, TracksPerCylinder: 0x66, Type 'K0', Flags 0x00000040
10:00:19.0029 2712 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:00:19.0029 2712 Drive \Device\Harddisk2\DR2 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:00:19.0029 2712 Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:00:19.0034 2712 Drive \Device\Harddisk10\DR10 - Size: 0xE8E0DB5E00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:00:19.0037 2712 Drive \Device\Harddisk11\DR12 - Size: 0x1D1C1115E00 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:00:23.0897 2712 Drive \Device\Harddisk4\DR4 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:00:23.0922 2712 Drive \Device\Harddisk9\DR9 - Size: 0x7470C05E00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:00:23.0924 2712 ============================================================
10:00:23.0924 2712 \Device\Harddisk0\DR0:
10:00:23.0924 2712 MBR partitions:
10:00:23.0924 2712 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x33, BlocksNum 0x3A384E47
10:00:23.0924 2712 \Device\Harddisk1\DR1:
10:00:23.0924 2712 MBR partitions:
10:00:23.0924 2712 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E074C1
10:00:23.0924 2712 \Device\Harddisk2\DR2:
10:00:23.0924 2712 MBR partitions:
10:00:23.0924 2712 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3D090000
10:00:23.0924 2712 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3D090800, BlocksNum 0x719F6000
10:00:23.0924 2712 \Device\Harddisk3\DR3:
10:00:23.0924 2712 MBR partitions:
10:00:23.0924 2712 \Device\Harddisk10\DR10:
10:00:23.0925 2712 MBR partitions:
10:00:23.0925 2712 \Device\Harddisk10\DR10\Partition0: MBR, Type 0x7, StartLBA 0x1, BlocksNum 0x74706DAF
10:00:23.0925 2712 \Device\Harddisk4\DR4:
10:00:23.0925 2712 MBR partitions:
10:00:23.0926 2712 \Device\Harddisk4\DR4\Partition0: MBR, Type 0x7, StartLBA 0x7E, BlocksNum 0x747063C3
10:00:23.0926 2712 \Device\Harddisk9\DR9:
10:00:23.0926 2712 MBR partitions:
10:00:23.0926 2712 \Device\Harddisk9\DR9\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
10:00:23.0926 2712 ============================================================
10:00:23.0940 2712 C: <-> \Device\Harddisk0\DR0\Partition0
10:00:23.0941 2712 D: <-> \Device\Harddisk1\DR1\Partition0
10:00:23.0973 2712 M: <-> \Device\Harddisk4\DR4\Partition0
10:00:23.0975 2712 T: <-> \Device\Harddisk9\DR9\Partition0
10:00:23.0976 2712 E: <-> \Device\Harddisk2\DR2\Partition0
10:00:23.0977 2712 F: <-> \Device\Harddisk2\DR2\Partition1
10:00:23.0978 2712 J: <-> \Device\Harddisk10\DR10\Partition0
10:00:23.0978 2712 ============================================================
10:00:23.0978 2712 Initialize success
10:00:23.0978 2712 ============================================================
10:00:57.0716 5712 ============================================================
10:00:57.0716 5712 Scan started
10:00:57.0716 5712 Mode: Manual; SigCheck; TDLFS;
10:00:57.0716 5712 ============================================================
10:01:10.0010 5712 GoToAssist (5cc2b1d06ac1962af5fbbcf88d781dd8) C:\Program Files (x86)\Citrix\GoToAssist\570\g2aservice.exe
10:01:10.0037 5712 GoToAssist - ok
10:01:11.0484 5712 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
10:01:11.0517 5712 IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:01:11.0517 5712 IDriverT - detected UnsignedFile.Multi.Generic (1)
10:01:17.0857 5712 NetMsmqActivator - ok
10:01:17.0865 5712 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:01:17.0880 5712 NetPipeActivator - ok
10:01:17.0917 5712 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
10:01:17.0979 5712 netprofm - ok
10:01:17.0983 5712 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:01:17.0995 5712 NetTcpActivator - ok
10:01:17.0999 5712 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:01:18.0011 5712 NetTcpPortSharing - ok
10:01:18.0074 5712 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
10:01:18.0107 5712 nfrd960 - ok
10:01:18.0212 5712 NitroDriverReadSpool (8375bba5a5f122177853621fd869d9c8) C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
10:01:18.0240 5712 NitroDriverReadSpool - ok
10:01:18.0328 5712 NitroDriverReadSpool2 (5fa5d5be3ce75026eebcc7bcc9859b75) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
10:01:18.0359 5712 NitroDriverReadSpool2 - ok
10:01:18.0403 5712 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
10:01:18.0471 5712 NlaSvc - ok
10:01:18.0561 5712 nlsX86cc (60ef6771e349eb9173142ab34afc5a4c) C:\Windows\SysWOW64\NLSSRV32.EXE
10:01:18.0573 5712 nlsX86cc - ok
10:01:18.0610 5712 NMIndexingService - ok
10:01:18.0690 5712 nmservice (cd569fa91ec6f59d045c19d0d3850f44) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
10:01:18.0709 5712 nmservice - ok
10:01:18.0778 5712 nmwcd (907b5e1e4a592e5edc5e4ccbde4863c2) C:\Windows\system32\drivers\ccdcmbx64.sys
10:01:18.0863 5712 nmwcd - ok
10:01:18.0889 5712 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:01:18.0928 5712 Npfs - ok
10:01:18.0960 5712 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
10:01:19.0002 5712 nsi - ok
10:01:19.0019 5712 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:01:19.0050 5712 nsiproxy - ok
10:01:19.0185 5712 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
10:01:19.0251 5712 Ntfs - ok
10:01:19.0351 5712 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:01:19.0427 5712 Null - ok
10:01:19.0472 5712 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
10:01:19.0510 5712 NVENETFD - ok
10:01:20.0022 5712 nvlddmkm (b34e9bfbd9c61048ef6281c3e7ec210a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:01:20.0345 5712 nvlddmkm - ok
10:01:20.0481 5712 NVNET (0ad267a4674805b61a5d7b911d2a978a) C:\Windows\system32\DRIVERS\nvmf6264.sys
10:01:20.0522 5712 NVNET - ok
10:01:20.0571 5712 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
10:01:20.0585 5712 nvraid - ok
10:01:20.0620 5712 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
10:01:20.0634 5712 nvstor - ok
10:01:20.0668 5712 nvstor64 (662a129cebb4c0b01f95612a7f6dcc9a) C:\Windows\system32\DRIVERS\nvstor64.sys
10:01:20.0682 5712 nvstor64 - ok
10:01:20.0788 5712 nvsvc (dfda089bb2cd0ff7e789e2ef6ba1e4ba) C:\Windows\system32\nvvsvc.exe
10:01:20.0827 5712 nvsvc - ok
10:01:21.0038 5712 nvUpdatusService (e7818cd4fb51284c948d68a7a85a69b8) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
10:01:21.0094 5712 nvUpdatusService - ok
10:01:21.0220 5712 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
10:01:21.0258 5712 nv_agp - ok
10:01:21.0371 5712 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:01:21.0411 5712 odserv - ok
10:01:21.0454 5712 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
10:01:21.0483 5712 ohci1394 - ok
10:01:21.0519 5712 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:01:21.0550 5712 ose - ok
10:01:21.0593 5712 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:01:21.0649 5712 p2pimsvc - ok
10:01:21.0713 5712 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
10:01:21.0800 5712 p2psvc - ok
10:01:21.0835 5712 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
10:01:21.0857 5712 Parport - ok
10:01:21.0890 5712 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
10:01:21.0902 5712 partmgr - ok
10:01:21.0933 5712 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
10:01:21.0971 5712 PcaSvc - ok
10:01:22.0016 5712 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
10:01:22.0047 5712 pci - ok
10:01:22.0066 5712 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:01:22.0077 5712 pciide - ok
10:01:22.0104 5712 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
10:01:22.0119 5712 pcmcia - ok
10:01:22.0156 5712 pcouffin (af7ce12c4f3dc8cb2b07685c916bbcfe) C:\Windows\system32\Drivers\pcouffin.sys
10:01:22.0211 5712 pcouffin - ok
10:01:22.0235 5712 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:01:22.0255 5712 pcw - ok
10:01:22.0295 5712 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:01:22.0376 5712 PEAUTH - ok
10:01:22.0469 5712 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
10:01:22.0558 5712 PeerDistSvc - ok
10:01:22.0637 5712 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
10:01:22.0679 5712 PerfHost - ok
10:01:22.0845 5712 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
10:01:22.0932 5712 pla - ok
10:01:23.0063 5712 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\SysWOW64\IoctlSvc.exe
10:01:23.0093 5712 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
10:01:23.0093 5712 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
10:01:27.0909 5712 SeagateDashboardService (a1a26e8ec51e199d873d85f3e2b6fc65) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
10:01:27.0940 5712 SeagateDashboardService ( UnsignedFile.Multi.Generic ) - warning
10:01:27.0941 5712 SeagateDashboardService - detected UnsignedFile.Multi.Generic (1)
10:01:34.0863 5712 UnlockerDriver5 (d0cb75386d9e89c864d808d64ec9160f) C:\Program Files\Unlocker\UnlockerDriver5.sys
10:01:34.0919 5712 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
10:01:34.0919 5712 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
10:01:41.0114 5712 WudfPf - ok
10:01:41.0135 5712 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:01:41.0186 5712 WUDFRd - ok
10:01:41.0221 5712 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
10:01:41.0255 5712 wudfsvc - ok
10:01:41.0286 5712 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
10:01:41.0335 5712 WwanSvc - ok
10:01:41.0384 5712 xhcdrv (109b6f1888845661d19b7a458776d5d1) C:\Windows\system32\DRIVERS\xhcdrv.sys
10:01:41.0420 5712 xhcdrv - ok
10:01:41.0513 5712 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
10:01:41.0530 5712 YahooAUService - ok
10:01:41.0568 5712 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
10:01:41.0639 5712 \Device\Harddisk0\DR0 - ok
10:01:41.0647 5712 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
10:01:41.0708 5712 \Device\Harddisk1\DR1 - ok
10:01:41.0715 5712 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
10:01:41.0889 5712 \Device\Harddisk2\DR2 - ok
10:01:41.0896 5712 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk3\DR3
10:01:41.0962 5712 \Device\Harddisk3\DR3 - ok
10:01:41.0970 5712 MBR (0x1B8) (0792f22bcc85cfd3b28324561fffcabb) \Device\Harddisk10\DR10
10:01:44.0157 5712 \Device\Harddisk10\DR10 - ok
10:01:44.0162 5712 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk4\DR4
10:01:44.0328 5712 \Device\Harddisk4\DR4 - ok
10:01:44.0336 5712 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk9\DR9
10:01:44.0419 5712 \Device\Harddisk9\DR9 - ok
10:01:44.0426 5712 Boot (0x1200) (3e0e55eec96effeff971ec631cf898e9) \Device\Harddisk0\DR0\Partition0
10:01:44.0429 5712 \Device\Harddisk0\DR0\Partition0 - ok
10:01:44.0439 5712 Boot (0x1200) (8ef247525b747137d905036dcfae2f1a) \Device\Harddisk1\DR1\Partition0
10:01:44.0441 5712 \Device\Harddisk1\DR1\Partition0 - ok
10:01:44.0448 5712 Boot (0x1200) (0a780d725918483884d85f9506b663fc) \Device\Harddisk2\DR2\Partition0
10:01:44.0449 5712 \Device\Harddisk2\DR2\Partition0 - ok
10:01:44.0455 5712 Boot (0x1200) (7fde3d2f8b5f8c0e79653c4072d046e1) \Device\Harddisk2\DR2\Partition1
10:01:44.0456 5712 \Device\Harddisk2\DR2\Partition1 - ok
10:01:44.0462 5712 Boot (0x1200) (70ca921f7e5ac797bd4fa49958b05a06) \Device\Harddisk10\DR10\Partition0
10:01:44.0464 5712 \Device\Harddisk10\DR10\Partition0 - ok
10:01:44.0470 5712 Boot (0x1200) (61da9578a6d95c8496dafb684c28c12e) \Device\Harddisk4\DR4\Partition0
10:01:44.0473 5712 \Device\Harddisk4\DR4\Partition0 - ok
10:01:44.0477 5712 Boot (0x1200) (340d0b07ebb90132840e0b23367cde99) \Device\Harddisk9\DR9\Partition0
10:01:44.0478 5712 \Device\Harddisk9\DR9\Partition0 - ok
10:01:44.0480 5712 ============================================================
10:01:44.0480 5712 Scan finished
10:01:44.0480 5712 ============================================================
10:01:44.0490 2880 Detected object count: 4
10:01:44.0490 2880 Actual detected object count: 4
10:03:42.0553 2880 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
10:03:42.0553 2880 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:03:42.0556 2880 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:03:42.0556 2880 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:03:42.0559 2880 SeagateDashboardService ( UnsignedFile.Multi.Generic ) - skipped by user
10:03:42.0559 2880 SeagateDashboardService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:03:42.0561 2880 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
10:03:42.0561 2880 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:04:02.0450 5776 Deinitialize success

ESET
CD\47CD\cute ftp8\cute_ftp_8pro\Crack.exe a variant of Win32/HackTool.Patcher.X application cleaned by deleting - quarantined



Computer is running fine. no abnormalities to report.

Consider problem solved.

Thank You

#6 dev00790

Posted 13 May 2012 - 08:14 AM

Hi

We are not finished yet :)

Please do the following next:


Step 1

  • Double-click the icon for SUPERAntiSpyware on your desktop to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)

  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
  • Now boot your computer into Safe Mode.

  • Double-click the icon for SUPERAntiSpyware on your desktop to launch the program.
  • On the main screen, under "Select Scan Type" check the box for Complete Scan.
  • Make sure that Enable Rescue Scan is not checked.
  • Click the Scan your computer... button.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.

Boot your computer normally if you have not already done so.

To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.



Step 2


  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log in your next reply.

Note: Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt


Step 3

We need to see the content of the ESET log

  • Click the Start button
  • Click Run
  • Copy and paste the below into the white box of the window named "run" which opened.

    C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt
  • Click OK
  • A text file called log should now be open
  • Right click anywhere on the content
  • In the options that appear click "select all"
  • Press Ctrl and C on your keyboard
  • Then in a new reply to this post, press Ctrl and V

Edited by dev00790, 13 May 2012 - 08:16 AM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#7 dev00790

Posted 13 May 2012 - 08:16 AM

Note - I have edited the above post

Regards, dev00790



#8 hubsy

Posted 14 May 2012 - 08:42 AM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/13/2012 at 02:46 PM

Application Version : 5.0.1148

Core Rules Database Version : 8590
Trace Rules Database Version: 6402

Scan type : Quick Scan
Total Scan Time : 00:07:51

Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 314
Memory threats detected : 0
Registry items scanned : 55197
Registry threats detected : 0
File items scanned : 12093
File threats detected : 23

Adware.Tracking Cookie

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.13.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Dave :: HOME [administrator]

13/05/2012 14:56:25
mbam-log-2012-05-13 (18-08-20).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 500459
Time elapsed: 1 hour(s), 36 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 15
C:\Program Files (x86)\DAEMON Tools Pro\ind.dll (RiskWare.Tool.CK) -> No action taken.
G:\MASTER CD\41CD\isobuster\keygen.exe (RiskWare.Tool.CK) -> No action taken.
G:\MASTER CD\49CD\Keygen All products\pou64\1\g\x\Macromedia-keygen_8.exe (Riskware.Tool.CK) -> No action taken.
G:\MASTER CD\49CD\Keygen All products\pou64\1\g\x\ZoneAlarm_keygen.exe (Riskware.Tool.CK) -> No action taken.
G:\MASTER CD\52CD\ModelTrain\ashampo dvd shrink\ams_burn221\keygen.exe (Trojan.Downloader) -> No action taken.
G:\MASTER CD\55CD\alcohol\Alcohol120.V1.9.7.6221.Retail\Alcohol.120.1.9.7.6221.Retail.Incl.Activation.Keymaker.v3.8-BetaMaster\Alcohol 120% (Retail) Activation Keymaker v3.8-BetaMaster\keymaker.exe (RiskWare.Tool.CK) -> No action taken.
G:\MASTER CD\59CD\MtaPrdcts__MssDwnldr3.6.759\MtaPrdcts__MssDwnldr3.6.759\MetaProducts Mass Downloader v3.6.759\Crack\keygen.exe (Malware.Tool) -> No action taken.
G:\MASTER CD\61CD\GU64\GU64\STP.v3.2.0.6\Keygen.exe (RiskWare.Tool.CK) -> No action taken.
G:\MASTER CD\61CD\IVT__BluSleil6.4.249.0\IVT__BluSleil6.4.249.0\KeYgeN\keygen.exe (Trojan.Agent) -> No action taken.
G:\MASTER CD\62CD\Ars4Winws 7 Mngr v2.1.6\Windows 7 Manager v2.1.6 Final\CORE10k.EXE (Dont.Steal.Our.Software) -> No action taken.
G:\MASTER CD\62CD\Ars4Winws 7 Mngr v2.1.6\Windows 7 Manager v2.1.6 Final\keygen.exe (RiskWare.Tool.CK) -> No action taken.
G:\MASTER CD\64CD\_DTPA4.41.0315.0262.Retail_\_DTPA4.41.0315.0262.Retail_\Daemon.Tools.Pro.Advanced.v4.41.0315.0262.Retail\Cracked Setup\ind.dll (RiskWare.Tool.CK) -> No action taken.
G:\MASTER CD\64CD\_YW7Mngr3.0.3_64-bit_\_YW7Mngr3.0.3_64-bit_\Windows 7 Manager 3.0.3 64-bit\keygen-lz0\keygen.exe (Riskware.Tool.CK) -> No action taken.
G:\MASTER CD\New Install A\MtaPrdcts__MssDwnldr3.6.759\MtaPrdcts__MssDwnldr3.6.759\MetaProducts Mass Downloader v3.6.759\Crack\keygen.exe (Malware.Tool) -> No action taken.
G:\MASTER CD\New Install A\nti\NTI[1].CD.DVD.Maker_NETz.ru_\NTI.CD.DVD.Maker[NETz.ru]\Rus&key\keygen.exe (Riskware.Tool.CK) -> No action taken.

(end)

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=41217
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=07f8164ab6d1f842a19fe603da8efad5
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-05-09 07:37:43
# local_time=2012-05-09 08:37:43 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1024 16777215 100 0 4057775 4057775 0 0
# compatibility_mode=5893 16776574 100 94 32060263 89048124 0 0
# compatibility_mode=8192 67108863 100 0 1637 1637 0 0
# scanned=269867
# found=43
# cleaned=43
# scan_time=9189
C:\Program Files (x86)\FoxTabFLVPlayer\FLVPlayer.exe a variant of Win32/InstallCore.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files (x86)\FoxTabFLVPlayer\Uninstall\Uninstall.exe a variant of Win32/InstallCore.O application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files (x86)\FoxTabVideoConverter\VideoConverter.exe a variant of Win32/InstallCore.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files (x86)\FoxTabVideoConverter\Uninstall\Uninstall.exe a variant of Win32/InstallCore.O application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files (x86)\Pure Networks\Network Magic\Patch.exe a variant of Win32/HackTool.Patcher.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files (x86)\VideoConverter\VideoConverter.exe a variant of Win32/InstallCore.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files (x86)\XaviWare Password Recovery .MDB\PWDMSA.exe a variant of Win32/XaviWare.PasswordRecovery.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Dave\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\120423160327261.rsc multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Dave\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\120428065056406.rsc multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Dave\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\120502162209966.rsc probably a variant of Win32/Adware.SLITAT application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Dave\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk Win32/Adware.ADON application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk Win32/Adware.ADON application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Windows\FixCamera.exe a variant of Win32/KillProc.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Windows\Installer\1638776.msi a variant of Win32/XaviWare.PasswordRecovery.A application (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\windows.7.codec.pack.v3.1.0.setup.exe a variant of Win32/Toolbar.Widgi application (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\42CD\phone unblocker\phone unblocker.rar multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\47CD\no adware 5\noadware.exe multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\49CD\Keygen All products\pou64\1\g\x\Sony-all-Products-Keygen.exe a variant of Win32/Keygen.AQ application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\49CD\Keygen All products\pou64\1\g\x\Sound.Forge.7-all-products-Keygen.exe a variant of Win32/Keygen.AQ application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\50CD\Alcohol_1_[1].120.v1.9.6.4719.Retail.WinALL..rar probably a variant of Win32/Agent.CWORLZS trojan (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\52CD\ModelTrain\BATTLESHIP.rar a variant of Win32/Keygen.BG application (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\52CD\ModelTrain\Ad-Aware_2007_PRO_v7.0.1.6_Incl._Crack\Crack\ProcessWatch.exe probably a variant of Win32/TrojanDropper.Delf.ECUIPRQ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\54CD\N360.AIOSecurity.amaderforum\Norton 360 All-In-One Security\n360.iso probably a variant of Win32/Spy.Agent.GHLRJE trojan (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\55CD\Alcohol120-_1.9.7.6221-Full\Alcohol120- 1.9.7.6221-Full\NEW_LoadeR_v3.1_by_GEGTER\NEW_LoadeR_v3.1_by_GEGTER\LoadeR v3.1 by GEGTER\LoadeR_v3.1_by_GEGTER\automatically\Alcohol.exe a variant of Win32/HackTool.Patcher.N application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\55CD\Alcohol120-_1.9.7.6221-Full\Alcohol120- 1.9.7.6221-Full\NEW_LoadeR_v3.1_by_GEGTER\NEW_LoadeR_v3.1_by_GEGTER\LoadeR v3.1 by GEGTER\LoadeR_v3.1_by_GEGTER\manually\Alcohol.exe a variant of Win32/HackTool.Patcher.N application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\55CD\EVJS001\EVJS001.rar probably a variant of Win32/Agent.BRDLGXM trojan (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\55CD\Nero 8.4.0.0 Ultra Edition\Nero.8.4.Ultra-Edition-CW-Siddy.part1.rar multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\56CD\NORTON_360_SECURITY_COMPLETE_ISO_WITH_KEYGEN\NORTON 360 SECURITY FULL 11 YEAR KEY!!!\Norton360FULL.iso probably a variant of Win32/Spy.Agent.GHLRJE trojan (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\57CD\BATTLESHIP\Game Battleship\Key.exe a variant of Win32/Keygen.BG application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\57CD\VegasPro8.0cBuild260Eng32bit\VegasPro8.0cBuild260Eng32bit.rar a variant of Win32/Keygen.AR application (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\57CD\VegasPro8.0cBuild260Eng32bit\Sony.Products.Keygen.and.Patch.Only.FIXED.READ.NFO-DI\Sony.Products.Keygen.and.Patch.Only.FIXED.READ.NFO-DI\di-sppkf.zip a variant of Win32/Keygen.AR application (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\57CD\VegasPro8.0cBuild260Eng32bit\Sony.Products.Keygen.and.Patch.Only.FIXED.READ.NFO-DI\Sony.Products.Keygen.and.Patch.Only.FIXED.READ.NFO-DI\di-sppkf\Keygen.exe a variant of Win32/Keygen.AR application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\58CD\Mp3 progs\All to MP3 converter Pro v1.0\All To MP3 Converter Pro v1.0.rar a variant of Win32/Tool.TPE.A application (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\58CD\no adware 5\noadware.exe multiple threats (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\60CD\Cisco.Network.Magic.v5.1.8354.0.Incl.Patch-RESURRECTiON\Patch.exe a variant of Win32/HackTool.Patcher.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\61CD\Csco__NtwrkMgcPro5.5.9118.2\Csco__NtwrkMgcPro5.5.9118.2\Cisco Network Magic Pro 5.5.9118.2\Patch.exe a variant of Win32/HackTool.Patcher.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\62CD\AVS.Video.Converter.v7.0.2.452.ML\AVS.Video.Converter.v7.0.2.452.ML.rar a variant of Win32/Toolbar.Zugo application (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\62CD\AVS.Video.Converter.v7.0.2.452.ML\thanks.rar a variant of Win32/Toolbar.Zugo application (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\62CD\AVS.Video.Converter.v7.0.2.452.ML\AVS.Video.Converter.v7.0.2.452.ML\thanks.rar a variant of Win32/Toolbar.Zugo application (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\64CD\Vegas_Movie_Studio_HD_Platinum_11.0_Production_Suite.rar a variant of Win32/HackTool.Patcher.T application (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\64CD\image\cnet_ImageGrabberSetup_zip.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\65CD\DTLite4453-0297.exe Win32/OpenCandy application (deleted - quarantined) 00000000000000000000000000000000 C
G:\MASTER CD\New Install A\Cisco.Network.Magic.v5.1.8354.0.Incl.Patch-RESURRECTiON\Patch.exe a variant of Win32/HackTool.Patcher.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=07f8164ab6d1f842a19fe603da8efad5
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-05-13 12:50:29
# local_time=2012-05-13 01:50:29 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1024 16777215 100 0 4374750 4374750 0 0
# compatibility_mode=5893 16776574 100 94 32377238 89365099 0 0
# compatibility_mode=8192 67108863 100 0 318612 318612 0 0
# scanned=276698
# found=1
# cleaned=1
# scan_time=13380
G:\MASTER CD\47CD\cute ftp8\cute_ftp_8pro\Crack.exe a variant of Win32/HackTool.Patcher.X application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

PC is behaving correctly.

#9 dev00790

Posted 15 May 2012 - 07:27 PM

Hi

PC is behaving correctly.

Ok great.

I see some malware that was found by MBAM, but wasn't dealt with.

Please follow step 2 of my earlier post again, ensuring this: "Be sure that everything is checked, and click Remove Selected."

Regards, dev00790



#10 dev00790

Posted 20 May 2012 - 06:19 AM

Hi hubsy,

Are you still with me?

Regards, dev00790



#11 hubsy

Posted 21 May 2012 - 09:12 AM

Hi Dev00790,


Thanks for your help. I have bought Malwarebytes and am running it all the time.

The original pop up I have found, is coming from Media Windows Centre via TV Card.

Please treat this as solved and closed.

#12 dev00790

Posted 21 May 2012 - 09:55 AM

Hi

Important: there are still signs of malware in your logs, and vulnerabilities in software which can make your computer open to malware!
I advise you to follow this through until either we give you the "all clean" or refer you to another forum (as applicable).

If you do not wish to continue cleaning this computer please let me know.

Regards, dev00790
