Trojan:Win64/sirefef.M and Trojan:Win32/sirefef.AK


15 replies to this topic

#1 LOTSL

Posted 20 June 2012 - 01:28 AM

Hi there, I kept getting a virus that AVG couldn't remove, and AVG wouldn't stop popping up about it, so I tried a different antivirus, MSE, which seems to have, I believe, half fixed the problem: symptoms from the virus like redirected webpages MSE managed to stop. However, MSE is having trouble dealing with Trojan:Win64/sirefef.M and Trojan:Win32/sirefef.AK. I saw a topic posted about the Win32 one which suggested using ComboFix, which this site states not to use unless asked to, so I wanted to do things by the book (or ask you guys about the problem). I have used ComboFix before on the same machine to remove another virus a while ago (maybe a year ago?). I'd like a step-by-step method of removing the viruses, and what the viruses actually do, so I know how bad it is for future reference. Thank you.

Using an ASUS ROG laptop with Windows 7.

Edit: Moved topic from Windows 7 to the more appropriate forum. ~ Animal


#2 narenxp


Posted 20 June 2012 - 10:36 AM

Download TDSSKiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).


Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.


Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 LOTSL


Posted 20 June 2012 - 09:41 PM

Thanks for responding. Since I posted the topic and your response, the viruses are now giving me an error and then switching off the computer after around 1 minute. I am typing this in Safe Mode with Networking and had to do the TDSSKiller scan in it.

TDSSKiller log:

12:18:48.0724 1160 MSKSSRV - ok
12:18:48.0756 1160 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) C:\Program Files\Microsoft Security Client\MsMpEng.exe
12:18:48.0756 1160 MsMpSvc - ok
12:18:48.0771 1160 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
12:18:48.0771 1160 MSPCLOCK - ok
12:18:48.0787 1160 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
12:18:48.0787 1160 MSPQM - ok
12:18:48.0818 1160 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
12:18:48.0818 1160 MsRPC - ok
12:18:48.0834 1160 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
12:18:48.0834 1160 mssmbios - ok
12:18:48.0849 1160 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
12:18:48.0849 1160 MSTEE - ok
12:18:48.0865 1160 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
12:18:48.0865 1160 MTConfig - ok
12:18:48.0896 1160 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
12:18:48.0912 1160 Mup - ok
12:18:48.0943 1160 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
12:18:48.0958 1160 napagent - ok
12:18:48.0990 1160 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
12:18:49.0005 1160 NativeWifiP - ok
12:18:49.0052 1160 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
12:18:49.0068 1160 NDIS - ok
12:18:49.0083 1160 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
12:18:49.0083 1160 NdisCap - ok
12:18:49.0114 1160 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:18:49.0130 1160 NdisTapi - ok
12:18:49.0146 1160 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:18:49.0146 1160 Ndisuio - ok
12:18:49.0161 1160 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:18:49.0177 1160 NdisWan - ok
12:18:49.0177 1160 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:18:49.0177 1160 NDProxy - ok
12:18:49.0192 1160 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:18:49.0192 1160 NetBIOS - ok
12:18:49.0224 1160 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:18:49.0224 1160 NetBT - ok
12:18:49.0239 1160 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:18:49.0239 1160 Netlogon - ok
12:18:49.0286 1160 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:18:49.0302 1160 Netman - ok
12:18:49.0333 1160 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:18:49.0348 1160 NetMsmqActivator - ok
12:18:49.0364 1160 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:18:49.0364 1160 NetPipeActivator - ok
12:18:49.0411 1160 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:18:49.0426 1160 netprofm - ok
12:18:49.0426 1160 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:18:49.0426 1160 NetTcpActivator - ok
12:18:49.0426 1160 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:18:49.0426 1160 NetTcpPortSharing - ok
12:18:49.0489 1160 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:18:49.0489 1160 nfrd960 - ok
12:18:49.0551 1160 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:18:49.0551 1160 NisDrv - ok
12:18:49.0582 1160 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
12:18:49.0582 1160 NisSrv - ok
12:18:49.0645 1160 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
12:18:49.0645 1160 NlaSvc - ok
12:18:49.0660 1160 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:18:49.0676 1160 Npfs - ok
12:18:49.0676 1160 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:18:49.0676 1160 nsi - ok
12:18:49.0676 1160 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:18:49.0676 1160 nsiproxy - ok
12:18:49.0754 1160 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:18:49.0785 1160 Ntfs - ok
12:18:49.0879 1160 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:18:49.0879 1160 Null - ok
12:18:49.0926 1160 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
12:18:49.0926 1160 NVHDA - ok
12:18:50.0456 1160 nvlddmkm (0eb204639119370f5f8f2871fbf4e14b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:18:50.0706 1160 nvlddmkm - ok
12:18:50.0862 1160 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:18:50.0862 1160 nvraid - ok
12:18:50.0877 1160 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:18:50.0893 1160 nvstor - ok
12:18:50.0986 1160 nvsvc (32ff8ee6dcee5c0cb91ff892fb1ca364) C:\Windows\system32\nvvsvc.exe
12:18:51.0002 1160 nvsvc - ok
12:18:51.0158 1160 nvUpdatusService (bd012dc22c78be1071bc21eb125d782f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:18:51.0189 1160 nvUpdatusService - ok
12:18:51.0314 1160 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:18:51.0314 1160 nv_agp - ok
12:18:51.0408 1160 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:18:51.0408 1160 odserv - ok
12:18:51.0423 1160 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:18:51.0423 1160 ohci1394 - ok
12:18:51.0486 1160 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:18:51.0501 1160 ose - ok
12:18:51.0532 1160 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:18:51.0532 1160 p2pimsvc - ok
12:18:51.0564 1160 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:18:51.0579 1160 p2psvc - ok
12:18:51.0595 1160 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:18:51.0610 1160 Parport - ok
12:18:51.0610 1160 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
12:18:51.0610 1160 partmgr - ok
12:18:51.0642 1160 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:18:51.0642 1160 PcaSvc - ok
12:18:51.0657 1160 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:18:51.0673 1160 pci - ok
12:18:51.0673 1160 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:18:51.0673 1160 pciide - ok
12:18:51.0704 1160 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:18:51.0704 1160 pcmcia - ok
12:18:51.0720 1160 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:18:51.0720 1160 pcw - ok
12:18:51.0766 1160 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:18:51.0798 1160 PEAUTH - ok
12:18:51.0860 1160 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:18:51.0922 1160 PerfHost - ok
12:18:52.0078 1160 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
12:18:52.0110 1160 pla - ok
12:18:52.0156 1160 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
12:18:52.0172 1160 PlugPlay - ok
12:18:52.0234 1160 pmbbmnuh (37de5c89d49d8842c29504a7377c8bdc) C:\Windows\system32\drivers\pmbbmnuh.sys
12:18:52.0234 1160 pmbbmnuh - ok
12:18:52.0266 1160 PnkBstrA - ok
12:18:52.0266 1160 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:18:52.0266 1160 PNRPAutoReg - ok
12:18:52.0297 1160 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:18:52.0312 1160 PNRPsvc - ok
12:18:52.0359 1160 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
12:18:52.0375 1160 PolicyAgent - ok
12:18:52.0390 1160 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:18:52.0406 1160 Power - ok
12:18:52.0422 1160 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:18:52.0422 1160 PptpMiniport - ok
12:18:52.0437 1160 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:18:52.0437 1160 Processor - ok
12:18:52.0453 1160 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
12:18:52.0468 1160 ProfSvc - ok
12:18:52.0484 1160 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:18:52.0484 1160 ProtectedStorage - ok
12:18:52.0531 1160 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:18:52.0531 1160 Psched - ok
12:18:52.0562 1160 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
12:18:52.0562 1160 PxHlpa64 - ok
12:18:52.0624 1160 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:18:52.0656 1160 ql2300 - ok
12:18:52.0765 1160 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:18:52.0765 1160 ql40xx - ok
12:18:52.0812 1160 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:18:52.0827 1160 QWAVE - ok
12:18:52.0827 1160 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:18:52.0827 1160 QWAVEdrv - ok
12:18:52.0843 1160 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:18:52.0843 1160 RasAcd - ok
12:18:52.0874 1160 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:18:52.0874 1160 RasAgileVpn - ok
12:18:52.0890 1160 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:18:52.0890 1160 RasAuto - ok
12:18:52.0905 1160 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:18:52.0905 1160 Rasl2tp - ok
12:18:52.0936 1160 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
12:18:52.0952 1160 RasMan - ok
12:18:52.0968 1160 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:18:52.0968 1160 RasPppoe - ok
12:18:52.0983 1160 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:18:52.0983 1160 RasSstp - ok
12:18:53.0014 1160 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:18:53.0030 1160 rdbss - ok
12:18:53.0046 1160 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:18:53.0046 1160 rdpbus - ok
12:18:53.0046 1160 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:18:53.0046 1160 RDPCDD - ok
12:18:53.0077 1160 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:18:53.0077 1160 RDPENCDD - ok
12:18:53.0077 1160 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:18:53.0077 1160 RDPREFMP - ok
12:18:53.0108 1160 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
12:18:53.0108 1160 RDPWD - ok
12:18:53.0139 1160 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:18:53.0139 1160 rdyboost - ok
12:18:53.0170 1160 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:18:53.0170 1160 RemoteAccess - ok
12:18:53.0202 1160 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:18:53.0202 1160 RemoteRegistry - ok
12:18:53.0233 1160 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
12:18:53.0248 1160 RFCOMM - ok
12:18:53.0264 1160 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:18:53.0264 1160 RpcEptMapper - ok
12:18:53.0264 1160 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:18:53.0264 1160 RpcLocator - ok
12:18:53.0326 1160 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:18:53.0326 1160 RpcSs - ok
12:18:53.0358 1160 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:18:53.0358 1160 rspndr - ok
12:18:53.0404 1160 RSUSBVSTOR (e57fac2cdb73f06586ed2ed310b80932) C:\Windows\system32\Drivers\RtsUVStor.sys
12:18:53.0420 1160 RSUSBVSTOR - ok
12:18:53.0482 1160 RTL8167 (20a466b9ea2bd828c0ec723f99b8cfe7) C:\Windows\system32\DRIVERS\Rt64win7.sys
12:18:53.0498 1160 RTL8167 - ok
12:18:53.0529 1160 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:18:53.0529 1160 SamSs - ok
12:18:53.0545 1160 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:18:53.0560 1160 sbp2port - ok
12:18:53.0592 1160 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:18:53.0592 1160 SCardSvr - ok
12:18:53.0607 1160 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:18:53.0607 1160 scfilter - ok
12:18:53.0670 1160 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
12:18:53.0685 1160 Schedule - ok
12:18:53.0732 1160 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:18:53.0732 1160 SCPolicySvc - ok
12:18:53.0748 1160 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
12:18:53.0763 1160 SDRSVC - ok
12:18:53.0810 1160 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:18:53.0810 1160 secdrv - ok
12:18:53.0826 1160 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
12:18:53.0826 1160 seclogon - ok
12:18:53.0841 1160 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
12:18:53.0857 1160 SENS - ok
12:18:53.0857 1160 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:18:53.0857 1160 SensrSvc - ok
12:18:53.0872 1160 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:18:53.0872 1160 Serenum - ok
12:18:53.0919 1160 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:18:53.0919 1160 Serial - ok
12:18:53.0935 1160 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:18:53.0935 1160 sermouse - ok
12:18:53.0966 1160 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
12:18:53.0966 1160 SessionEnv - ok
12:18:53.0982 1160 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:18:53.0982 1160 sffdisk - ok
12:18:53.0997 1160 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:18:53.0997 1160 sffp_mmc - ok
12:18:54.0013 1160 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:18:54.0013 1160 sffp_sd - ok
12:18:54.0044 1160 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:18:54.0044 1160 sfloppy - ok
12:18:54.0106 1160 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
12:18:54.0106 1160 ShellHWDetection - ok
12:18:54.0138 1160 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
12:18:54.0138 1160 SiSGbeLH - ok
12:18:54.0169 1160 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:18:54.0169 1160 SiSRaid2 - ok
12:18:54.0200 1160 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:18:54.0200 1160 SiSRaid4 - ok
12:18:54.0262 1160 SkypeUpdate (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files (x86)\Skype\Updater\Updater.exe
12:18:54.0278 1160 SkypeUpdate - ok
12:18:54.0309 1160 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:18:54.0309 1160 Smb - ok
12:18:54.0340 1160 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:18:54.0340 1160 SNMPTRAP - ok
12:18:54.0340 1160 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:18:54.0356 1160 spldr - ok
12:18:54.0387 1160 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
12:18:54.0403 1160 Spooler - ok
12:18:54.0543 1160 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
12:18:54.0621 1160 sppsvc - ok
12:18:54.0699 1160 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:18:54.0699 1160 sppuinotify - ok
12:18:54.0793 1160 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:18:54.0808 1160 srv - ok
12:18:54.0855 1160 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:18:54.0855 1160 srv2 - ok
12:18:54.0886 1160 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:18:54.0886 1160 srvnet - ok
12:18:54.0933 1160 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys
12:18:54.0949 1160 ssadbus - ok
12:18:54.0996 1160 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys
12:18:54.0996 1160 ssadmdfl - ok
12:18:55.0011 1160 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys
12:18:55.0011 1160 ssadmdm - ok
12:18:55.0074 1160 ssadserd (d33d1bd3ec0e766211a234f56a12726d) C:\Windows\system32\DRIVERS\ssadserd.sys
12:18:55.0074 1160 ssadserd - ok
12:18:55.0120 1160 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:18:55.0136 1160 SSDPSRV - ok
12:18:55.0167 1160 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:18:55.0167 1160 SstpSvc - ok
12:18:55.0183 1160 Steam Client Service - ok
12:18:55.0245 1160 Stereo Service (fc0a58529a02b1eed55ddc58696b7908) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:18:55.0261 1160 Stereo Service - ok
12:18:55.0277 1160 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:18:55.0277 1160 stexstor - ok
12:18:55.0355 1160 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
12:18:55.0370 1160 stisvc - ok
12:18:55.0386 1160 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:18:55.0386 1160 swenum - ok
12:18:55.0433 1160 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:18:55.0464 1160 SwitchBoard - ok
12:18:55.0479 1160 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:18:55.0511 1160 swprv - ok
12:18:55.0635 1160 SynTP (bc642d540aedf9a253c74d10c848ebd2) C:\Windows\system32\DRIVERS\SynTP.sys
12:18:55.0635 1160 SynTP - ok
12:18:55.0791 1160 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
12:18:55.0823 1160 SysMain - ok
12:18:55.0885 1160 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
12:18:55.0901 1160 TabletInputService - ok
12:18:55.0947 1160 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
12:18:55.0947 1160 TapiSrv - ok
12:18:55.0963 1160 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:18:55.0963 1160 TBS - ok
12:18:56.0072 1160 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
12:18:56.0119 1160 Tcpip - ok
12:18:56.0306 1160 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
12:18:56.0306 1160 TCPIP6 - ok
12:18:56.0400 1160 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:18:56.0415 1160 tcpipreg - ok
12:18:56.0447 1160 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:18:56.0462 1160 TDPIPE - ok
12:18:56.0478 1160 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
12:18:56.0478 1160 TDTCP - ok
12:18:56.0493 1160 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:18:56.0493 1160 tdx - ok
12:18:56.0525 1160 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
12:18:56.0525 1160 TermDD - ok
12:18:56.0571 1160 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
12:18:56.0603 1160 TermService - ok
12:18:56.0603 1160 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:18:56.0603 1160 Themes - ok
12:18:56.0618 1160 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:18:56.0618 1160 THREADORDER - ok
12:18:56.0634 1160 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:18:56.0634 1160 TrkWks - ok
12:18:56.0665 1160 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
12:18:56.0665 1160 TrustedInstaller - ok
12:18:56.0681 1160 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:18:56.0681 1160 tssecsrv - ok
12:18:56.0759 1160 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:18:56.0759 1160 TsUsbFlt - ok
12:18:56.0774 1160 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:18:56.0774 1160 tunnel - ok
12:18:56.0774 1160 TurboB (b355581a9da34c92e2dbafa410d2f829) C:\Windows\system32\DRIVERS\TurboB.sys
12:18:56.0774 1160 TurboB - ok
12:18:56.0805 1160 TurboBoost (6564e84b1522c12ea1c3a181ed03276f) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
12:18:56.0805 1160 TurboBoost - ok
12:18:56.0837 1160 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:18:56.0837 1160 uagp35 - ok
12:18:56.0852 1160 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:18:56.0868 1160 udfs - ok
12:18:56.0883 1160 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:18:56.0883 1160 UI0Detect - ok
12:18:56.0899 1160 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:18:56.0899 1160 uliagpkx - ok
12:18:56.0899 1160 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
12:18:56.0915 1160 umbus - ok
12:18:56.0915 1160 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:18:56.0915 1160 UmPass - ok
12:18:57.0071 1160 UNS (eb79c6c91a99930015ef29ae7fa802d1) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
12:18:57.0117 1160 UNS - ok
12:18:57.0227 1160 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:18:57.0242 1160 upnphost - ok
12:18:57.0320 1160 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
12:18:57.0320 1160 usbaudio - ok
12:18:57.0367 1160 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
12:18:57.0367 1160 usbccgp - ok
12:18:57.0414 1160 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:18:57.0414 1160 usbcir - ok
12:18:57.0429 1160 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
12:18:57.0429 1160 usbehci - ok
12:18:57.0476 1160 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:18:57.0476 1160 usbhub - ok
12:18:57.0492 1160 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
12:18:57.0492 1160 usbohci - ok
12:18:57.0523 1160 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:18:57.0523 1160 usbprint - ok
12:18:57.0539 1160 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:18:57.0554 1160 USBSTOR - ok
12:18:57.0570 1160 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
12:18:57.0570 1160 usbuhci - ok
12:18:57.0632 1160 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
12:18:57.0632 1160 usbvideo - ok
12:18:57.0695 1160 usb_rndisx (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
12:18:57.0695 1160 usb_rndisx - ok
12:18:57.0710 1160 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:18:57.0710 1160 UxSms - ok
12:18:57.0741 1160 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:18:57.0741 1160 VaultSvc - ok
12:18:57.0757 1160 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:18:57.0757 1160 vdrvroot - ok
12:18:57.0788 1160 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
12:18:57.0804 1160 vds - ok
12:18:57.0819 1160 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:18:57.0819 1160 vga - ok
12:18:57.0819 1160 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:18:57.0819 1160 VgaSave - ok
12:18:57.0851 1160 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:18:57.0866 1160 vhdmp - ok
12:18:57.0882 1160 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:18:57.0882 1160 viaide - ok
12:18:57.0882 1160 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:18:57.0882 1160 volmgr - ok
12:18:57.0944 1160 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:18:57.0960 1160 volmgrx - ok
12:18:57.0991 1160 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:18:57.0991 1160 volsnap - ok
12:18:58.0038 1160 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:18:58.0038 1160 vsmraid - ok
12:18:58.0116 1160 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
12:18:58.0147 1160 VSS - ok
12:18:58.0241 1160 vToolbarUpdater11.1.0 (5fa45791413acce628d5361458f32dde) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
12:18:58.0256 1160 vToolbarUpdater11.1.0 - ok
12:18:58.0350 1160 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:18:58.0350 1160 vwifibus - ok
12:18:58.0365 1160 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:18:58.0365 1160 vwififlt - ok
12:18:58.0397 1160 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:18:58.0412 1160 W32Time - ok
12:18:58.0428 1160 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:18:58.0428 1160 WacomPen - ok
12:18:58.0443 1160 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:18:58.0459 1160 WANARP - ok
12:18:58.0459 1160 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:18:58.0459 1160 Wanarpv6 - ok
12:18:58.0553 1160 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
12:18:58.0568 1160 WatAdminSvc - ok
12:18:58.0646 1160 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
12:18:58.0677 1160 wbengine - ok
12:18:58.0755 1160 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:18:58.0771 1160 WbioSrvc - ok
12:18:58.0802 1160 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
12:18:58.0818 1160 wcncsvc - ok
12:18:58.0818 1160 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:18:58.0818 1160 WcsPlugInService - ok
12:18:58.0865 1160 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:18:58.0865 1160 Wd - ok
12:18:58.0896 1160 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:18:58.0927 1160 Wdf01000 - ok
12:19:04.0574 1160 ============================================================
12:19:04.0574 1160 Scan finished
12:19:04.0574 1160 ============================================================
12:19:04.0590 1936 Detected object count: 0
12:19:04.0590 1936 Actual detected object count: 0
12:19:40.0641 0920 Deinitialize success


aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-21 12:25:44
-----------------------------
12:25:44.684 OS Version: Windows x64 6.1.7601 Service Pack 1
12:25:44.684 Number of processors: 8 586 0x2A07
12:25:44.684 ComputerName: MARTIN-PC UserName: Martin
12:25:45.588 Initialize success
12:28:42.196 AVAST engine defs: 12062001
12:29:12.304 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:29:12.304 Disk 0 Vendor: ST950056 SD22 Size: 476940MB BusType: 3
12:29:12.304 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
12:29:12.304 Disk 1 Vendor: ST950056 SD22 Size: 476940MB BusType: 3
12:29:12.304 Disk 0 MBR read successfully
12:29:12.304 Disk 0 MBR scan
12:29:12.320 Disk 0 Windows 7 default MBR code
12:29:12.320 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 22003 MB offset 63
12:29:12.336 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119233 MB offset 45062325
12:29:12.336 Disk 0 Partition - 00 0F Extended LBA 335702 MB offset 289253376
12:29:12.336 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 335701 MB offset 289255424
12:29:12.351 Disk 0 scanning C:\Windows\system32\drivers
12:29:17.187 Service scanning
12:29:27.577 Modules scanning
12:29:27.577 Disk 0 trace - called modules:
12:29:27.592 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
12:29:27.592 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80074d8790]
12:29:27.592 3 CLASSPNP.SYS[fffff88001b7843f] -> nt!IofCallDriver -> [0xfffffa800675db20]
12:29:27.592 5 ACPI.sys[fffff88000f997a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800718e050]
12:29:28.825 AVAST engine scan C:\Windows
12:29:30.790 AVAST engine scan C:\Windows\system32
12:30:44.064 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
12:30:46.513 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
12:31:39.272 AVAST engine scan C:\Windows\system32\drivers
12:31:44.717 AVAST engine scan C:\Users\Martin
12:35:35.176 AVAST engine scan C:\ProgramData
12:39:29.972 Scan finished successfully
12:40:07.334 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
12:40:07.334 The log file has been saved successfully to "C:\aswMBR.txt"


ESET scan results:

C:\Users\Martin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\38593ad3-688d40dc a variant of Java/Agent.DW trojan
C:\Users\Martin\Desktop\Game Shortcuts\DynastyWarriors6PLUS18Trainer.rar probably a variant of Win32/Agent.NHKQHBF trojan
C:\Windows\Installer\{2401bb1a-a867-8121-53fe-05bc7e454248}\U\00000008.@ Win64/Agent.BA trojan
E:\Game.of.Thrones-RELOADED\rld-goth.iso a variant of Win32/Kryptik.AFVC trojan
E:\MP3 CRACK+UPDATE-RELOADED\rld-ckup.rar a variant of Win32/Packed.VMProtect.AAH trojan
F:\Download at superseeds.org Max.Payne.3-RELOADED\DVD4\rld-mp3d\rld-mp3d.iso a variant of Win32/Packed.VMProtect.AAH trojan
F:\Program Files (x86)\Rockstar Games\Max Payne 3\gsrld.dll a variant of Win32/Packed.VMProtect.AAH trojan
Operating memory a variant of Win32/Sirefef.EZ trojan

Edited by LOTSL, 21 June 2012 - 02:16 AM.


#4 narenxp

Posted 20 June 2012 - 09:44 PM

Press the Windows+R keys, type notepad and click OK.

Copy this script and paste it into Notepad:

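@echo off
rem Replace System32\services.exe with the copy kept in the WinSxS component store.
cd /d c:\windows\system32
rem Give the Administrators group ownership and full control.
rem cacls /g without /e replaces the file's ACL and asks for Y to confirm.
takeown /a /f services.exe
cacls services.exe /g administrators:f
rem Keep the current file as a backup until the store copy is in place.
ren services.exe services.exe.old
COPY /Y C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\WINDOWS\system32
rem Delete the backup only if the copy succeeded; otherwise put the backup back.
if exist services.exe (del services.exe.old) else (ren services.exe.old services.exe)
rem Remove this batch file.
DEL "%~f0"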

Click on File >> Save As

File name: services.bat
Save as type: All types

Now right-click the services.bat file, select Run as administrator and run it. Press Y and then ENTER.


Now, launch SystemLook once again.

Copy this script and paste it in the box:

:filefind
services.exe

Click on Look and post the generated log.

Run the ESET scanner now.

#5 LOTSL

Posted 20 June 2012 - 10:17 PM

I was scanning with ESET before you made that post. Should I stop it, do what you said and then restart it, or do what you said after its scan?

#6 narenxp

Posted 20 June 2012 - 10:35 PM

Do it after the ESET scan.

#7 LOTSL

Posted 21 June 2012 - 02:19 AM

I added the ESET scan in the 1st post. What is SystemLook?

Edit: I found you have the link to someone else for it, ran it, and here is the log:



SystemLook 30.07.11 by jpshortstuff
Log created at 18:01 on 21/06/2012 by Martin
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\ERDNT\cache64\services.exe --a---- 328704 bytes [12:34 09/12/2011] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

-= EOF =-

Edited by LOTSL, 21 June 2012 - 03:05 AM.
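
Added example, not part of the original thread: one way to read a SystemLook filefind listing like the one in the post above is to check that the live System32 copy has the same size and MD5 as a copy in the WinSxS component store listed in the same log. The function names, the LINE_RE pattern and the altered line in CONSTRUCTED_LOG are assumptions made for this example; the other sample lines are the ones from the log above.

```python
import re
from dataclasses import dataclass

# One file line of a SystemLook ":filefind" section (layout as seen in the log above):
# <path> <attrs> <size> bytes [created] [modified] <MD5>
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+(?P<attrs>[-a-z]{7})\s+(?P<size>\d+) bytes\s+"
    r"\[[^\]]+\]\s+\[[^\]]+\]\s+(?P<md5>[0-9A-Fa-f]{32})$"
)


@dataclass(frozen=True)
class Hit:
    path: str
    size: int
    md5: str


def parse_filefind(log_text):
    """Return a Hit for every file line; headers and other text are skipped."""
    hits = []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if m:
            hits.append(Hit(m.group("path"), int(m.group("size")), m.group("md5").upper()))
    return hits


def check_live_copy(hits, live_path):
    """Compare the live file with the WinSxS copies listed in the same log.

    Returns (verdict, live_hit_or_None, reference_hits). Verdicts:
      match        - size and MD5 equal at least one WinSxS copy
      mismatch     - WinSxS copies exist but none equals the live file
      no-reference - no WinSxS copy in the log, nothing to compare against
      missing      - the live path itself is not in the log
    """
    live = next((h for h in hits if h.path.lower() == live_path.lower()), None)
    if live is None:
        return "missing", None, []
    refs = [h for h in hits if "\\winsxs\\" in h.path.lower()]
    if not refs:
        return "no-reference", live, []
    same = [r for r in refs if (r.size, r.md5) == (live.size, live.md5)]
    return ("match" if same else "mismatch"), live, (same or refs)


LIVE = r"C:\Windows\System32\services.exe"

# Lines copied from the SystemLook log posted above.
ERDNT_LINE = r"C:\Windows\ERDNT\cache64\services.exe --a---- 328704 bytes [12:34 09/12/2011] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB"
SYS32_LINE = r"C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB"
WINSXS_LINE = r"C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB"
HEADER = ["========== filefind ==========", "", 'Searching for "services.exe"']

PAGE_LOG = "\n".join(HEADER + [ERDNT_LINE, SYS32_LINE, WINSXS_LINE, "", "-= EOF =-"])

# Constructed for illustration: a live copy whose size, date and hash differ
# from the store copy. The all-zero MD5 is a placeholder, not a real indicator.
ALTERED_LINE = (
    r"C:\Windows\System32\services.exe --a---- 329216 bytes "
    r"[23:19 13/07/2009] [10:02 18/06/2012] " + "0" * 32
)
CONSTRUCTED_LOG = "\n".join(HEADER + [ERDNT_LINE, ALTERED_LINE, WINSXS_LINE, "", "-= EOF =-"])


if __name__ == "__main__":
    for name, text in (("page log", PAGE_LOG), ("constructed log", CONSTRUCTED_LOG)):
        verdict, live, refs = check_live_copy(parse_filefind(text), LIVE)
        print(f"{name}: {verdict}")
        if live is not None:
            print(f"  live : {live.size} bytes {live.md5}")
        for r in refs:
            print(f"  store: {r.size} bytes {r.md5}")
```

A match only shows that the live file is consistent with the component store; it says nothing if the store copy itself was altered.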


#8 narenxp

Posted 21 June 2012 - 10:06 AM

Sorry

Download Avenger.

Extract and launch it, then click OK.

Copy this script into the box:

Files to delete:
C:\Windows\assembly\GAC_32\Desktop.ini
C:\Windows\assembly\GAC_64\Desktop.ini

Click on Execute and click YES if it asks for a reboot.

Post the new aswMBR log after the reboot.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on Show Results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

MiniToolBox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.


Launch SystemLook once again.

Copy this script and paste it in the box:

:filefind
{2401bb1a-a867-8121-53fe-05bc7e454248}

Click on Look and post the generated log.

Good luck.

Edited by narenxp, 21 June 2012 - 10:09 AM.


#9 LOTSL

Posted 21 June 2012 - 03:03 PM

aswmbr new log:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-22 05:46:10
-----------------------------
05:46:10.971 OS Version: Windows x64 6.1.7601 Service Pack 1
05:46:10.971 Number of processors: 8 586 0x2A07
05:46:10.972 ComputerName: MARTIN-PC UserName: Martin
05:46:11.560 Initialize success
05:46:22.401 AVAST engine defs: 12062001
05:46:25.067 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
05:46:25.069 Disk 0 Vendor: ST950056 SD22 Size: 476940MB BusType: 3
05:46:25.071 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
05:46:25.073 Disk 1 Vendor: ST950056 SD22 Size: 476940MB BusType: 3
05:46:25.077 Disk 0 MBR read successfully
05:46:25.080 Disk 0 MBR scan
05:46:25.092 Disk 0 Windows 7 default MBR code
05:46:25.095 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 22003 MB offset 63
05:46:25.100 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119233 MB offset 45062325
05:46:25.104 Disk 0 Partition - 00 0F Extended LBA 335702 MB offset 289253376
05:46:25.108 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 335701 MB offset 289255424
05:46:25.143 Disk 0 scanning C:\Windows\system32\drivers
05:46:32.744 Service scanning
05:46:48.110 Modules scanning
05:46:48.119 Disk 0 trace - called modules:
05:46:48.125 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
05:46:48.130 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800805c790]
05:46:48.135 3 CLASSPNP.SYS[fffff88001b4f43f] -> nt!IofCallDriver -> [0xfffffa800675db20]
05:46:48.140 5 ACPI.sys[fffff88000fb27a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80071e4050]
05:46:48.777 AVAST engine scan C:\Windows
05:46:50.503 AVAST engine scan C:\Windows\system32
05:49:03.194 AVAST engine scan C:\Windows\system32\drivers
05:49:11.799 AVAST engine scan C:\Users\Martin
05:54:09.700 AVAST engine scan C:\ProgramData
06:01:40.954 Scan finished successfully
06:01:53.812 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
06:01:53.817 The log file has been saved successfully to "C:\aswMBR.txt"

#10 narenxp

Posted 21 June 2012 - 07:26 PM

Waiting for other logs

#11 LOTSL

Posted 21 June 2012 - 11:39 PM

Minitoolbox log:



MiniToolBox by Farbar Version: 09-06-2012
Ran by Martin (administrator) on 22-06-2012 at 14:37:03
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



127.0.0.1 crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe.com
127.0.0.1 practivate.adobe.newoa
127.0.0.1 practivate.adobe.ntp
127.0.0.1 practivate.adobe.ipp
127.0.0.1 adobeereg.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 www.adobeereg.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 wip.adobe.com
127.0.0.1 wip1.aobe.com
127.0.0.1 wip2.adobe.com
127.0.0.1 wip3.adobe.com

There are 23 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Hamachi Network Interface = Hamachi (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Hardware not present)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=5.0.0.1 publish=Yes
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Martin-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 74-F0-6D-CE-CC-EF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 48-5D-60-E7-3F-F2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::556d:d034:56e2:be0%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, 22 June 2012 9:44:40 AM
Lease Expires . . . . . . . . . . : Saturday, 23 June 2012 12:02:39 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 239623520
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-2B-98-44-48-5D-60-E7-3F-F2
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Hamachi:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hamachi Network Interface
Physical Address. . . . . . . . . : 7A-79-05-24-FA-62
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2620:9b::524:fa62(Preferred)
Link-local IPv6 Address . . . . . : fe80::d5e9:1f8e:6a3:673f%15(Preferred)
IPv4 Address. . . . . . . . . . . : 5.36.250.98(Preferred)
Subnet Mask . . . . . . . . . . . : 255.0.0.0
Lease Obtained. . . . . . . . . . : Friday, 22 June 2012 9:44:35 AM
Lease Expires . . . . . . . . . . : Saturday, 22 June 2013 9:46:43 AM
Default Gateway . . . . . . . . . : 5.0.0.1
DHCP Server . . . . . . . . . . . : 5.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 310016383
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-2B-98-44-48-5D-60-E7-3F-F2
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{2779F873-B241-444E-81CC-6A6ED6FC6DC2}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C5DD4BED-E695-4E57-9893-984A470EC8AE}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E8F08C06-4758-421F-9E45-FCE11CB3466E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{E995D5F4-8211-453E-AFC0-720FDAD57D7C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be %SystemRoot%\system32\NLAapi.dll

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/22/2012 09:45:41 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/22/2012 05:40:55 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/21/2012 00:42:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/21/2012 00:42:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/20/2012 04:32:43 PM) (Source: Application Hang) (User: )
Description: The program vlc.exe version 2.0.1.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 27b4

Start Time: 01cd4eae79580422

Termination Time: 5

Application Path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

Report Id: bbb0ac10-baa1-11e1-bd5c-74f06dceccef

Error: (06/20/2012 04:32:08 PM) (Source: Application Hang) (User: )
Description: The program vlc.exe version 2.0.1.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e44

Start Time: 01cd4eae62092ee4

Termination Time: 3

Application Path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

Report Id: a55a1d24-baa1-11e1-bd5c-74f06dceccef

Error: (06/20/2012 04:30:12 PM) (Source: Application Hang) (User: )
Description: The program vlc.exe version 2.0.1.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 16d0

Start Time: 01cd4eae17ac9a36

Termination Time: 3

Application Path: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

Report Id: 5fb6b56b-baa1-11e1-bd5c-74f06dceccef

Error: (06/19/2012 00:30:10 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/18/2012 02:28:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: sidebar.exe, version: 6.1.7601.17514, time stamp: 0x4ce7a1c7
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x000000000002570a
Faulting process id: 0xf10
Faulting application start time: 0xsidebar.exe0
Faulting application path: sidebar.exe1
Faulting module path: sidebar.exe2
Report Id: sidebar.exe3

Error: (06/18/2012 02:05:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (06/22/2012 10:24:54 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: SYSTEM)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.129.241.0).

Error: (06/22/2012 10:24:39 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.129.43.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (06/22/2012 10:24:24 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version: 1.129.241.0

Previous Signature Version: 1.129.43.0

Update Source: %NT AUTHORITY15

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (06/22/2012 10:24:24 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version: 1.129.241.0

Previous Signature Version: 1.129.43.0

Update Source: %NT AUTHORITY15

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (06/22/2012 09:47:04 AM) (Source: Service Control Manager) (User: )
Description: The MBAMService service failed to start due to the following error:
%%2

Error: (06/22/2012 09:46:58 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (06/22/2012 09:46:58 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.

Error: (06/22/2012 09:44:57 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
crntwgs

Error: (06/22/2012 09:44:40 AM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (06/22/2012 06:00:46 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.129.43.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
??????? Windows Live Mesh ActiveX ??(????) (Version: 15.4.5722.2)
??????? Windows Live Mesh ActiveX ??? (Version: 15.4.5722.2)
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.0.0)
Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Content Viewer (Version: 1.4.0)
Adobe Creative Suite 5.5 Master Collection (Version: 5.5)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Story (Version: 1.0.571)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
Age of Empires Online
Aliens vs. Predator
Applian FLV and Media Player 3.1.1.12 (Version: 3.1.1.12)
Applian FLV Player (Version: 2.0.25)
Assassin's Creed Revelations 1.02 (Version: 1.02)
ASUS AI Recovery (Version: 1.0.12)
ASUS Power4Gear Hybrid (Version: 1.1.42)
ASUS SmartLogon (Version: 1.0.0009)
ASUS Virtual Camera (Version: 1.0.20)
ASUS WebStorage (Version: 2.0.46.1429)
Asus_G73_Screensaver (Version: 1.0.0001)
AsusVibe2.0 (Version: 2.0.3.585)
ATK Package (Version: 1.0.0007)
Autodesk 3ds Max 2012 64-bit - English (Version: 14.0)
Autodesk Backburner 2012.0.0 (Version: 2012.0.0)
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit
Autodesk Material Library 2012 (Version: 2.5.0.8)
Autodesk Material Library Base Resolution Image Library 2012 (Version: 2.5.0.8)
Autodesk Material Library Medium Resolution Image Library 2012 (Version: 2.5.0.8)
AVG 2012 (Version: 12.0.2178)
AVG 2012 (Version: 12.0.2180)
AVG 2012 (Version: 12.0.2433)
AVG 2012 (Version: 2012.0.2180)
Batman: Arkham City™
Battlefield 3™ (Version: 1.0.0.0)
Battlelog Web Plugins (Version: 1.104.0)
Beat Hazard
Blades of Time
Blood Bowl: Legendary Edition
Brink
CCleaner (Version: 3.18)
Command & Conquer 3 (Version: 1.00.0000)
Command & Conquer™ 3: Kane's Wrath (Version: 1.00.0000)
Company of Heroes: Tales of Valor
Complemento Messenger (Version: 15.4.3502.0922)
Complément Messenger (Version: 15.4.3502.0922)
Composite 2012 64-bit (Version: 7.0.0)
Conduit Engine (Version: )
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
Control ActiveX de Windows Live Mesh para conexiones remotas (Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (Version: 15.4.5722.2)
CyberLink LabelPrint (Version: 2.5.1908)
CyberLink Power2Go (Version: 6.1.3602c)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.1.0236)
Demigod
Demigod (Version: 1.00)
Deus Ex: Human Revolution - The Missing Link
DirectX 9 Runtime (Version: 1.00.0000)
Dota 2
Dragon Age II (Version: 1.00)
Dropbox (Version: 1.4.7)
Dual-Core Optimizer (Version: 1.1.4.0169)
Duke Nukem Forever
Dwarfs!?
Eastern Front (Version: 1.6.1.0)
ESN Sonar (Version: 0.70.4)
ExpressGate Cloud (Version: 2.1.81.393)
Forged Alliance Forever (Version: 240.7.519)
Fraps (remove only)
Fresco Logic USB3.0 Host Controller (Version: 3.0.110.12)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Game of Thrones version 1.0.0.0 (Version: 1.0.0.0)
Game Park Console (Version: 6.2.1.1)
Gaming Mouse (Version: 1.00.0000)
Google Chrome (Version: 15.0.874.120)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.79)
GPGNet (Version: 1.0.0)
Grand Theft Auto IV
Grand Theft Auto: Episodes from Liberty City
Gratuitous Tank Battles Demo
GRID
Impulse
Impulse (Version: 1.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Turbo Boost Technology Monitor (Version: 1.0.400.4)
Java Auto Updater (Version: 2.0.4.1)
Java™ 6 Update 25 (Version: 6.0.250)
Java™ SE Development Kit 7 Update 2 (64-bit) (Version: 1.7.0.20)
Junk Mail filter update (Version: 15.4.3502.0922)
Left 4 Dead 2
LogMeIn Hamachi (Version: 2.1.0.166)
Magicka
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Mass Effect
Mass Effect 2
Mass Effect™ 3 Demo (Version: 1.0.0.0)
Max Payne 3 (Version: 1.0.0.0)
Mesh Runtime (Version: 15.4.5722.2)
Messenger ???? (Version: 15.4.3502.0922)
Messenger ????? (Version: 15.4.3502.0922)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual J# 2.0 Redistributable Package
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
Might & Magic Heroes VI (Version: 1.0)
Mount & Blade: Warband
Mount & Blade: With Fire and Sword
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Nation Red
Nuance PDF Reader (Version: 6.00.0041)
NVIDIA 3D Vision Controller Driver (Version: 270.61)
NVIDIA 3D Vision Controller Driver 296.10 (Version: 296.10)
NVIDIA 3D Vision Driver 296.10 (Version: 296.10)
NVIDIA Control Panel 296.10 (Version: 296.10)
NVIDIA Graphics Driver 296.10 (Version: 296.10)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9610)
NVIDIA Update 1.7.11 (Version: 1.7.11)
NVIDIA Update Components (Version: 1.7.11)
OpenAL
Orcs Must Die!
Origin (Version: 8.4.1.210)
Overgrowth (remove only)
Pando Media Booster (Version: 2.6.0.7)
PDF Settings CS5 (Version: 10.0)
PunkBuster Services (Version: 0.991)
PxMergeModule (Version: 1.00.0000)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.21.531.2010)
Realtek USB 2.0 Reader Driver (Version: 6.1.7600.10001)
Red Faction: Armageddon
Renegade Ops
Rise of Immortals
Rockstar Games Social Club (Version: 1.0.9.5)
Roxio AACS Certificate (Version: 1.0.0)
Roxio Activation Module (Version: 1.0)
Roxio CinePlayer (Version: 5.6)
Roxio CinePlayer (Version: 5.6.221.0)
Saints Row. The Third 1.0 (Version: 1.0)
Samsung Kies (Version: 2.0.0.11023_25)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.8.0)
Sins of a Solar Empire: Rebellion Beta
Skype™ 5.9 (Version: 5.9.123)
Soulstorm Mobilize for war 1.4
Space Pirates and Zombies
Star Wars - Battlefront II
Star Wars Galactic Battlegrounds: Saga
Star Wars Jedi Knight: Jedi Academy
Star Wars: Empire at War Gold
Star Wars: The Old Republic (Version: 1.00)
StarCraft II (Version: 1.4.3.21029)
Steam (Version: 1.0.0.0)
Super MNC Invitational
Supreme Commander - Forged Alliance (Version: 1.00.0000)
Supreme Commander 2
Supreme Commander: Forged Alliance
Synaptics Pointing Device Driver (Version: 15.1.18.0)
syncables desktop SE (Version: 5.5.746.11492)
System Requirements Lab
Terraria
The Elder Scrolls V: Skyrim
The Kings' Crusade
Thrawn's Revenge (Version: 1.00)
THX TruStudio (Version: TAMB-AUS1D-2-LB R04)
Ubisoft Game Launcher (Version: 1.0.0.0)
Universe at War: Earth Assault
Unreal Tournament 3: Black Edition
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 2.0.1 (Version: 2.0.1)
Vuze (Version: 4.6)
Vuze Remote Toolbar (Version: 6.3.3.3)
Warhammer 40,000 Space Marine
Warhammer 40,000: Dawn of War – Soulstorm
Warhammer® 40,000®: Dawn of War® II – Retribution™
WIDCOMM Bluetooth Software (Version: 6.2.5.600)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (02/25/2010 6.2.0.9419) (Version: 02/25/2010 6.2.0.9419)
Windows Driver Package - Broadcom Bluetooth (01/19/2010 6.2.0.1417) (Version: 01/19/2010 6.2.0.1417)
Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) (Version: 07/29/2009 6.1.7100.0)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Driver Package - Cmotech (cmusbnet) Net (06/11/2007 2.0.0.9) (Version: 06/11/2007 2.0.0.9)
Windows Driver Package - Cmotech Modem (06/08/2007 2.0.3.9) (Version: 06/08/2007 2.0.3.9)
Windows Driver Package - Cmotech Ports (06/08/2007 2.0.3.9) (Version: 06/08/2007 2.0.3.9)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinFlash (Version: 2.31.0)
WinRAR 4.00 (32-bit) (Version: 4.00.0)
Wireless Console 3 (Version: 3.0.19)

========================= Memory info: ===================================

Percentage of memory in use: 66%
Total physical RAM: 8169.17 MB
Available physical RAM: 2753.32 MB
Total Pagefile: 16336.53 MB
Available Pagefile: 9961.25 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.18 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:12.24 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:327.83 GB) (Free:64.98 GB) NTFS
3 Drive e: (SDATA1) (Fixed) (Total:232.87 GB) (Free:73.88 GB) NTFS
4 Drive f: (SDATA2) (Fixed) (Total:232.89 GB) (Free:30.93 GB) NTFS

========================= Users: ========================================

User accounts for \\MARTIN-PC

Administrator Guest Martin
UpdatusUser


**** End of log ****






SystemLook log:

SystemLook 30.07.11 by jpshortstuff
Log created at 14:40 on 22/06/2012 by Martin
Administrator - Elevation successful

========== filefind ==========

Searching for "{2401bb1a-a867-8121-53fe-05bc7e454248}"
No files found.

-= EOF =-

Edited by LOTSL, 21 June 2012 - 11:42 PM.


#12 narenxp

Posted 22 June 2012 - 01:00 AM

Click on the Start menu and type

cmd

Right-click on it, select Run as administrator, and run this command

netsh winsock reset

Press ENTER

Now launch MiniToolBox and checkmark

List winsock entries



Download

Farbar Service Scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

How is your PC behaving now?

Edited by narenxp, 22 June 2012 - 01:01 AM.


#13 LOTSL

Posted 22 June 2012 - 11:01 AM

Farbar Service Scanner Version: 22-06-2012
Ran by Martin (administrator) on 23-06-2012 at 01:59:03
Running from "C:\Users\Martin\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
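
An added example (not part of the original posts and not Farbar's own code): a small Python parser that reads a Farbar Service Scanner log in the layout shown above and lists every line that deviates from the tool's "OK" and "MD5 is legit" results. The function and type names are assumptions made for this illustration, and the embedded sample is an excerpt of the log posted above.

```python
import re
from typing import List, NamedTuple, Optional

# Excerpt of the Farbar Service Scanner log posted above (trimmed for brevity).
SAMPLE_LOG = r"""
Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

File Check:
========
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
"""


class Finding(NamedTuple):
    section: str   # log section the line appeared under
    kind: str      # service_stopped | config_changed | policy_value | file_check
    subject: str   # service, registry value or file concerned
    detail: str    # what the log reported


_RULE = re.compile(r"^=+$")
_STOPPED = re.compile(r"^(\w+) Service is not running")
_CONFIG = re.compile(r"^The (start type|ImagePath|ServiceDll) of (\w+) service is (.+)$")
_REG_KEY = re.compile(r"^\[(HKEY_[^\]]+)\]$")
_REG_VAL = re.compile(r'^"([^"]+)"=(.+)$')
_FILE = re.compile(r"^(.+?) => (.+)$")


def parse_fss_log(text: str) -> List[Finding]:
    """Return every log line that is not an 'OK' / 'MD5 is legit' result."""
    lines = [ln.strip() for ln in text.splitlines()]
    findings: List[Finding] = []
    section = ""
    reg_key: Optional[str] = None
    for i, line in enumerate(lines):
        if not line or _RULE.match(line):
            continue
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        # A section header is a "Title:" line underlined with '=' characters.
        if line.endswith(":") and _RULE.match(nxt):
            section, reg_key = line[:-1], None
            continue
        m = _STOPPED.match(line)
        if m:
            findings.append(Finding(section, "service_stopped", m.group(1), "not running"))
            continue
        m = _CONFIG.match(line)
        if m:
            field, service, value = m.groups()
            if value.rstrip(".") != "OK":
                findings.append(Finding(section, "config_changed", f"{service} {field}", value))
            continue
        m = _REG_KEY.match(line)
        if m:
            reg_key = m.group(1)
            continue
        m = _REG_VAL.match(line)
        if m and reg_key:
            # Any value listed under a "Disabled Policy" section is worth a look.
            findings.append(Finding(section, "policy_value", reg_key + "\\" + m.group(1), m.group(2)))
            continue
        m = _FILE.match(line)
        if m and m.group(2) != "MD5 is legit":
            findings.append(Finding(section, "file_check", m.group(1), m.group(2)))
    return findings


if __name__ == "__main__":
    for f in parse_fss_log(SAMPLE_LOG):
        print(f"[{f.section}] {f.kind}: {f.subject} -> {f.detail}")
```

Each finding is a deviation to review against what is installed on the machine, not a verdict on its own.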

#14 narenxp

Posted 22 June 2012 - 11:03 AM

That looks good

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#15 LOTSL

Posted 22 June 2012 - 11:53 AM

Everything seems to be in order, thanks mate :thumbsup: