
NGIX Virus
21 replies to this topic

#1 Capt_Will


Posted 26 June 2012 - 02:30 AM

Hello,

My web browsers (IE explorer, Firefox) are sometimes being redirected to a "Welcome to NNGIX" page.

Additionally I cannot access Facebook, yahoo mail, or google mail.

Facebook loads but the page looks like a DOS window. No images, just words, and half the writing is off the left side of the screen.

If I try to go to Yahoo Mail I see the following message in an error window:

Firefox can't establish a connection to the server at login.yahoo.com.
The site could be temporarily unavailable or too busy. Try again in a few
moments.
If you are unable to load any pages, check your computer's network
connection.
If your computer or network is protected by a firewall or proxy, make sure
that Firefox is permitted to access the Web.

When attempting to go to gmail, I get an error message that says, "Sorry, we can't find "www.gmail.com". Please check the spelling of the web address."


My browsers run very slow as well.

Thank you for any help you can provide.



#2 Broni


Posted 26 June 2012 - 08:21 PM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.



#3 Capt_Will


Posted 26 June 2012 - 10:46 PM

Hi. Thank you for responding. While I was waiting, I followed the instructions posted here http://www.bleepingcomputer.com/forums/topic458356.html for fixing the NGIX virus. These are similar but not the same as your instructions. I understand if you don't want to, or can't work with me now. However, if these steps will still work, the results are below. I apologize for getting anxious and jumping the gun. Thank you.

18:07:10.0316 2280 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
18:07:10.0316 2280 mouclass - ok
18:07:10.0331 2280 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
18:07:10.0331 2280 mouhid - ok
18:07:10.0362 2280 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
18:07:10.0362 2280 mountmgr - ok
18:07:10.0456 2280 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:07:10.0456 2280 MozillaMaintenance - ok
18:07:10.0456 2280 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
18:07:10.0472 2280 mpio - ok
18:07:10.0472 2280 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
18:07:10.0487 2280 mpsdrv - ok
18:07:10.0534 2280 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
18:07:10.0534 2280 MpsSvc - ok
18:07:10.0550 2280 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
18:07:10.0550 2280 MRxDAV - ok
18:07:10.0581 2280 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:07:10.0581 2280 mrxsmb - ok
18:07:10.0596 2280 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:07:10.0596 2280 mrxsmb10 - ok
18:07:10.0612 2280 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:07:10.0628 2280 mrxsmb20 - ok
18:07:10.0628 2280 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
18:07:10.0628 2280 msahci - ok
18:07:10.0643 2280 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
18:07:10.0674 2280 msdsm - ok
18:07:10.0706 2280 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
18:07:10.0706 2280 MSDTC - ok
18:07:10.0721 2280 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
18:07:10.0721 2280 Msfs - ok
18:07:10.0752 2280 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
18:07:10.0752 2280 mshidkmdf - ok
18:07:10.0768 2280 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
18:07:10.0768 2280 msisadrv - ok
18:07:10.0799 2280 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
18:07:10.0799 2280 MSiSCSI - ok
18:07:10.0799 2280 msiserver - ok
18:07:10.0830 2280 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
18:07:10.0830 2280 MSKSSRV - ok
18:07:10.0846 2280 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
18:07:10.0846 2280 MSPCLOCK - ok
18:07:10.0846 2280 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
18:07:10.0846 2280 MSPQM - ok
18:07:10.0908 2280 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
18:07:10.0908 2280 MsRPC - ok
18:07:10.0924 2280 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
18:07:10.0924 2280 mssmbios - ok
18:07:10.0924 2280 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
18:07:10.0924 2280 MSTEE - ok
18:07:10.0924 2280 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
18:07:10.0924 2280 MTConfig - ok
18:07:10.0955 2280 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
18:07:10.0955 2280 Mup - ok
18:07:11.0049 2280 N360 (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
18:07:11.0049 2280 N360 - ok
18:07:11.0096 2280 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
18:07:11.0111 2280 napagent - ok
18:07:11.0158 2280 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
18:07:11.0158 2280 NativeWifiP - ok
18:07:11.0236 2280 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files (x86)\Nero\Update\NASvc.exe
18:07:11.0252 2280 NAUpdate - ok
18:07:11.0392 2280 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20120626.002\ENG64.SYS
18:07:11.0392 2280 NAVENG - ok
18:07:11.0501 2280 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.0.9\Definitions\VirusDefs\20120626.002\EX64.SYS
18:07:11.0501 2280 NAVEX15 - ok
18:07:11.0642 2280 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
18:07:11.0657 2280 NDIS - ok
18:07:11.0673 2280 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
18:07:11.0673 2280 NdisCap - ok
18:07:11.0704 2280 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
18:07:11.0704 2280 NdisTapi - ok
18:07:11.0720 2280 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
18:07:11.0720 2280 Ndisuio - ok
18:07:11.0751 2280 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
18:07:11.0751 2280 NdisWan - ok
18:07:11.0766 2280 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
18:07:11.0766 2280 NDProxy - ok
18:07:11.0829 2280 Net Driver HPZ12 (d4f51e88c71bf8f06ea1be320b0bb75b) C:\Windows\system32\HPZinw12.dll
18:07:11.0829 2280 Net Driver HPZ12 - ok
18:07:11.0844 2280 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:07:11.0844 2280 NetBIOS - ok
18:07:11.0876 2280 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
18:07:11.0876 2280 NetBT - ok
18:07:11.0922 2280 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:07:11.0922 2280 Netlogon - ok
18:07:11.0985 2280 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
18:07:12.0000 2280 Netman - ok
18:07:12.0219 2280 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:12.0219 2280 NetMsmqActivator - ok
18:07:12.0219 2280 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:12.0219 2280 NetPipeActivator - ok
18:07:12.0250 2280 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
18:07:12.0250 2280 netprofm - ok
18:07:12.0375 2280 netr28x (af5f224a600f50b7d2b77f4ae59c1abe) C:\Windows\system32\DRIVERS\netr28x.sys
18:07:12.0375 2280 netr28x - ok
18:07:12.0406 2280 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:12.0406 2280 NetTcpActivator - ok
18:07:12.0422 2280 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:12.0422 2280 NetTcpPortSharing - ok
18:07:12.0453 2280 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
18:07:12.0453 2280 nfrd960 - ok
18:07:12.0484 2280 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
18:07:12.0484 2280 NlaSvc - ok
18:07:12.0500 2280 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:07:12.0500 2280 Npfs - ok
18:07:12.0500 2280 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
18:07:12.0500 2280 nsi - ok
18:07:12.0515 2280 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:07:12.0515 2280 nsiproxy - ok
18:07:12.0609 2280 Ntfs (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
18:07:12.0624 2280 Ntfs - ok
18:07:12.0702 2280 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:07:12.0702 2280 Null - ok
18:07:12.0734 2280 nvraid (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
18:07:12.0734 2280 nvraid - ok
18:07:12.0749 2280 nvstor (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
18:07:12.0749 2280 nvstor - ok
18:07:12.0765 2280 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:07:12.0765 2280 nv_agp - ok
18:07:12.0780 2280 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:07:12.0780 2280 ohci1394 - ok
18:07:12.0858 2280 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:07:12.0858 2280 ose - ok
18:07:12.0905 2280 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:07:12.0921 2280 p2pimsvc - ok
18:07:12.0952 2280 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
18:07:12.0968 2280 p2psvc - ok
18:07:12.0983 2280 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
18:07:12.0983 2280 Parport - ok
18:07:13.0014 2280 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
18:07:13.0014 2280 partmgr - ok
18:07:13.0046 2280 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
18:07:13.0046 2280 PcaSvc - ok
18:07:13.0061 2280 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:07:13.0061 2280 pci - ok
18:07:13.0077 2280 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:07:13.0077 2280 pciide - ok
18:07:13.0108 2280 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
18:07:13.0108 2280 pcmcia - ok
18:07:13.0124 2280 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:07:13.0124 2280 pcw - ok
18:07:13.0170 2280 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:07:13.0170 2280 PEAUTH - ok
18:07:13.0248 2280 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
18:07:13.0280 2280 PerfHost - ok
18:07:13.0373 2280 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
18:07:13.0404 2280 pla - ok
18:07:13.0467 2280 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
18:07:13.0467 2280 PlugPlay - ok
18:07:13.0529 2280 Pml Driver HPZ12 (9a80707d8b6c1806531bfd7399b3cc76) C:\Windows\system32\HPZipm12.dll
18:07:13.0529 2280 Pml Driver HPZ12 - ok
18:07:13.0529 2280 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
18:07:13.0529 2280 PNRPAutoReg - ok
18:07:13.0576 2280 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:07:13.0576 2280 PNRPsvc - ok
18:07:13.0623 2280 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
18:07:13.0623 2280 PolicyAgent - ok
18:07:13.0670 2280 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
18:07:13.0670 2280 Power - ok
18:07:13.0732 2280 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:07:13.0732 2280 PptpMiniport - ok
18:07:13.0748 2280 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
18:07:13.0748 2280 Processor - ok
18:07:13.0763 2280 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
18:07:13.0779 2280 ProfSvc - ok
18:07:13.0810 2280 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:07:13.0810 2280 ProtectedStorage - ok
18:07:13.0826 2280 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:07:13.0826 2280 Psched - ok
18:07:13.0966 2280 QBCFMonitorService (1431f734dcabc6edaa8791f067a144d9) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
18:07:13.0966 2280 QBCFMonitorService - ok
18:07:14.0028 2280 QBFCService (6bee1814470dc12fa20c53dfc3c97ebb) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
18:07:14.0028 2280 QBFCService - ok
18:07:14.0138 2280 QBVSS (25fc19badf78b7fb1d835aac4b0b91a5) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
18:07:14.0138 2280 QBVSS - ok
18:07:14.0309 2280 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
18:07:14.0325 2280 ql2300 - ok
18:07:14.0387 2280 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
18:07:14.0387 2280 ql40xx - ok
18:07:14.0418 2280 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
18:07:14.0434 2280 QWAVE - ok
18:07:14.0450 2280 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:07:14.0450 2280 QWAVEdrv - ok
18:07:14.0465 2280 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:07:14.0465 2280 RasAcd - ok
18:07:14.0496 2280 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:07:14.0512 2280 RasAgileVpn - ok
18:07:14.0528 2280 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
18:07:14.0528 2280 RasAuto - ok
18:07:14.0543 2280 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:07:14.0543 2280 Rasl2tp - ok
18:07:14.0590 2280 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
18:07:14.0606 2280 RasMan - ok
18:07:14.0621 2280 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:07:14.0621 2280 RasPppoe - ok
18:07:14.0637 2280 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:07:14.0637 2280 RasSstp - ok
18:07:14.0668 2280 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:07:14.0668 2280 rdbss - ok
18:07:14.0684 2280 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
18:07:14.0684 2280 rdpbus - ok
18:07:14.0699 2280 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:07:14.0699 2280 RDPCDD - ok
18:07:14.0715 2280 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:07:14.0715 2280 RDPENCDD - ok
18:07:14.0715 2280 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:07:14.0715 2280 RDPREFMP - ok
18:07:14.0762 2280 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
18:07:14.0762 2280 RDPWD - ok
18:07:14.0777 2280 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:07:14.0777 2280 rdyboost - ok
18:07:14.0808 2280 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
18:07:14.0808 2280 RemoteAccess - ok
18:07:14.0824 2280 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
18:07:14.0840 2280 RemoteRegistry - ok
18:07:14.0855 2280 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
18:07:14.0855 2280 RpcEptMapper - ok
18:07:14.0871 2280 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
18:07:14.0871 2280 RpcLocator - ok
18:07:14.0918 2280 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:07:14.0933 2280 RpcSs - ok
18:07:14.0949 2280 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:07:14.0949 2280 rspndr - ok
18:07:14.0996 2280 RTL8167 (ed5873f7dfb2f96d37f13322211b6bdc) C:\Windows\system32\DRIVERS\Rt64win7.sys
18:07:15.0011 2280 RTL8167 - ok
18:07:15.0042 2280 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:07:15.0042 2280 SamSs - ok
18:07:15.0058 2280 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:07:15.0058 2280 sbp2port - ok
18:07:15.0074 2280 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
18:07:15.0089 2280 SCardSvr - ok
18:07:15.0105 2280 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:07:15.0105 2280 scfilter - ok
18:07:15.0167 2280 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
18:07:15.0183 2280 Schedule - ok
18:07:15.0198 2280 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:07:15.0198 2280 SCPolicySvc - ok
18:07:15.0230 2280 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
18:07:15.0230 2280 SDRSVC - ok
18:07:15.0308 2280 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
18:07:15.0308 2280 SeaPort - ok
18:07:15.0354 2280 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:07:15.0354 2280 secdrv - ok
18:07:15.0370 2280 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
18:07:15.0370 2280 seclogon - ok
18:07:15.0401 2280 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
18:07:15.0401 2280 SENS - ok
18:07:15.0401 2280 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
18:07:15.0401 2280 SensrSvc - ok
18:07:15.0432 2280 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
18:07:15.0432 2280 Serenum - ok
18:07:15.0464 2280 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
18:07:15.0464 2280 Serial - ok
18:07:15.0464 2280 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
18:07:15.0464 2280 sermouse - ok
18:07:15.0495 2280 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
18:07:15.0495 2280 SessionEnv - ok
18:07:15.0510 2280 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:07:15.0510 2280 sffdisk - ok
18:07:15.0510 2280 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:07:15.0510 2280 sffp_mmc - ok
18:07:15.0510 2280 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:07:15.0510 2280 sffp_sd - ok
18:07:15.0526 2280 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
18:07:15.0526 2280 sfloppy - ok
18:07:15.0573 2280 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
18:07:15.0573 2280 SharedAccess - ok
18:07:15.0620 2280 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
18:07:15.0620 2280 ShellHWDetection - ok
18:07:15.0635 2280 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
18:07:15.0635 2280 SiSRaid2 - ok
18:07:15.0666 2280 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
18:07:15.0666 2280 SiSRaid4 - ok
18:07:15.0666 2280 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:07:15.0666 2280 Smb - ok
18:07:15.0713 2280 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
18:07:15.0713 2280 SNMPTRAP - ok
18:07:15.0729 2280 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:07:15.0729 2280 spldr - ok
18:07:15.0760 2280 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
18:07:15.0760 2280 Spooler - ok
18:07:15.0947 2280 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
18:07:15.0994 2280 sppsvc - ok
18:07:16.0088 2280 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:07:16.0088 2280 sppuinotify - ok
18:07:16.0228 2280 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\System32\Drivers\N360x64\0602010.005\SRTSP64.SYS
18:07:16.0228 2280 SRTSP - ok
18:07:16.0244 2280 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\N360x64\0602010.005\SRTSPX64.SYS
18:07:16.0244 2280 SRTSPX - ok
18:07:16.0290 2280 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:07:16.0306 2280 srv - ok
18:07:16.0322 2280 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:07:16.0337 2280 srv2 - ok
18:07:16.0353 2280 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:07:16.0353 2280 srvnet - ok
18:07:16.0384 2280 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
18:07:16.0384 2280 SSDPSRV - ok
18:07:16.0415 2280 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
18:07:16.0415 2280 SstpSvc - ok
18:07:16.0446 2280 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
18:07:16.0446 2280 stexstor - ok
18:07:16.0509 2280 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
18:07:16.0524 2280 stisvc - ok
18:07:16.0540 2280 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:07:16.0540 2280 swenum - ok
18:07:16.0587 2280 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
18:07:16.0602 2280 swprv - ok
18:07:16.0696 2280 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS
18:07:16.0712 2280 SymDS - ok
18:07:16.0790 2280 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS
18:07:16.0805 2280 SymEFA - ok
18:07:16.0836 2280 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
18:07:16.0852 2280 SymEvent - ok
18:07:16.0883 2280 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS
18:07:16.0883 2280 SymIRON - ok
18:07:16.0914 2280 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\N360x64\0602010.005\SYMNETS.SYS
18:07:16.0914 2280 SymNetS - ok
18:07:17.0008 2280 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
18:07:17.0039 2280 SysMain - ok
18:07:17.0133 2280 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
18:07:17.0133 2280 TabletInputService - ok
18:07:17.0164 2280 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
18:07:17.0180 2280 TapiSrv - ok
18:07:17.0195 2280 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
18:07:17.0195 2280 TBS - ok
18:07:17.0320 2280 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
18:07:17.0336 2280 Tcpip - ok
18:07:17.0460 2280 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
18:07:17.0476 2280 TCPIP6 - ok
18:07:17.0523 2280 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:07:17.0523 2280 tcpipreg - ok
18:07:17.0538 2280 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:07:17.0538 2280 TDPIPE - ok
18:07:17.0570 2280 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
18:07:17.0585 2280 TDTCP - ok
18:07:17.0601 2280 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:07:17.0601 2280 tdx - ok
18:07:17.0616 2280 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
18:07:17.0616 2280 TermDD - ok
18:07:17.0663 2280 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
18:07:17.0679 2280 TermService - ok
18:07:17.0694 2280 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
18:07:17.0694 2280 Themes - ok
18:07:17.0726 2280 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:07:17.0726 2280 THREADORDER - ok
18:07:17.0741 2280 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
18:07:17.0741 2280 TrkWks - ok
18:07:17.0772 2280 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
18:07:17.0788 2280 TrustedInstaller - ok
18:07:17.0788 2280 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:07:17.0788 2280 tssecsrv - ok
18:07:17.0819 2280 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:07:17.0819 2280 TsUsbFlt - ok
18:07:17.0835 2280 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
18:07:17.0835 2280 TsUsbGD - ok
18:07:17.0866 2280 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:07:17.0866 2280 tunnel - ok
18:07:17.0882 2280 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
18:07:17.0882 2280 uagp35 - ok
18:07:17.0897 2280 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:07:17.0913 2280 udfs - ok
18:07:17.0944 2280 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
18:07:17.0944 2280 UI0Detect - ok
18:07:17.0960 2280 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:07:17.0960 2280 uliagpkx - ok
18:07:17.0991 2280 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
18:07:17.0991 2280 umbus - ok
18:07:18.0006 2280 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
18:07:18.0006 2280 UmPass - ok
18:07:18.0225 2280 UNS (374ebda379a8f38e0cfc2211611e7167) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:07:18.0287 2280 UNS - ok
18:07:18.0396 2280 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
18:07:18.0396 2280 upnphost - ok
18:07:18.0428 2280 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:07:18.0428 2280 usbccgp - ok
18:07:18.0428 2280 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:07:18.0428 2280 usbcir - ok
18:07:18.0443 2280 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
18:07:18.0443 2280 usbehci - ok
18:07:18.0490 2280 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:07:18.0506 2280 usbhub - ok
18:07:18.0521 2280 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
18:07:18.0521 2280 usbohci - ok
18:07:18.0552 2280 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:07:18.0552 2280 usbprint - ok
18:07:18.0584 2280 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
18:07:18.0584 2280 usbscan - ok
18:07:18.0599 2280 USBSTOR (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:07:18.0599 2280 USBSTOR - ok
18:07:18.0630 2280 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
18:07:18.0630 2280 usbuhci - ok
18:07:18.0646 2280 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
18:07:18.0646 2280 UxSms - ok
18:07:18.0677 2280 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:07:18.0677 2280 VaultSvc - ok
18:07:18.0708 2280 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:07:18.0708 2280 vdrvroot - ok
18:07:18.0740 2280 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
18:07:18.0755 2280 vds - ok
18:07:18.0771 2280 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:07:18.0771 2280 vga - ok
18:07:18.0786 2280 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:07:18.0786 2280 VgaSave - ok
18:07:18.0802 2280 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:07:18.0802 2280 vhdmp - ok
18:07:18.0818 2280 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:07:18.0818 2280 viaide - ok
18:07:18.0833 2280 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:07:18.0833 2280 volmgr - ok
18:07:18.0880 2280 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:07:18.0880 2280 volmgrx - ok
18:07:18.0896 2280 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:07:18.0896 2280 volsnap - ok
18:07:18.0927 2280 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
18:07:18.0927 2280 vsmraid - ok
18:07:19.0020 2280 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
18:07:19.0052 2280 VSS - ok
18:07:19.0145 2280 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
18:07:19.0145 2280 vwifibus - ok
18:07:19.0192 2280 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
18:07:19.0192 2280 vwififlt - ok
18:07:19.0223 2280 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
18:07:19.0223 2280 vwifimp - ok
18:07:19.0270 2280 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
18:07:19.0286 2280 W32Time - ok
18:07:19.0286 2280 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
18:07:19.0286 2280 WacomPen - ok
18:07:19.0317 2280 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:07:19.0317 2280 WANARP - ok
18:07:19.0332 2280 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:07:19.0332 2280 Wanarpv6 - ok
18:07:19.0426 2280 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
18:07:19.0457 2280 WatAdminSvc - ok
18:07:19.0535 2280 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
18:07:19.0566 2280 wbengine - ok
18:07:19.0644 2280 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
18:07:19.0644 2280 WbioSrvc - ok
18:07:19.0691 2280 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
18:07:19.0691 2280 wcncsvc - ok
18:07:19.0707 2280 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
18:07:19.0707 2280 WcsPlugInService - ok
18:07:19.0722 2280 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
18:07:19.0722 2280 Wd - ok
18:07:19.0754 2280 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
18:07:19.0754 2280 WDC_SAM - ok
18:07:19.0800 2280 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:07:19.0816 2280 Wdf01000 - ok
18:07:19.0832 2280 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:07:19.0847 2280 WdiServiceHost - ok
18:07:19.0847 2280 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:07:19.0847 2280 WdiSystemHost - ok
18:07:19.0878 2280 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
18:07:19.0878 2280 WebClient - ok
18:07:19.0910 2280 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
18:07:19.0910 2280 Wecsvc - ok
18:07:19.0925 2280 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
18:07:19.0925 2280 wercplsupport - ok
18:07:19.0941 2280 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
18:07:19.0941 2280 WerSvc - ok
18:07:19.0956 2280 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:07:19.0956 2280 WfpLwf - ok
18:07:19.0956 2280 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:07:19.0956 2280 WIMMount - ok
18:07:19.0972 2280 WinDefend - ok
18:07:19.0988 2280 WinHttpAutoProxySvc - ok
18:07:20.0019 2280 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
18:07:20.0019 2280 Winmgmt - ok
18:07:20.0112 2280 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
18:07:20.0144 2280 WinRM - ok
18:07:20.0190 2280 WLANBelkinService (0f695800783c3f9e577b94bf1e71d95a) C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
18:07:20.0190 2280 WLANBelkinService - ok
18:07:20.0300 2280 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
18:07:20.0315 2280 Wlansvc - ok
18:07:20.0378 2280 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:07:20.0378 2280 wlcrasvc - ok
18:07:20.0519 2280 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:07:20.0581 2280 wlidsvc - ok
18:07:20.0644 2280 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:07:20.0644 2280 WmiAcpi - ok
18:07:20.0706 2280 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
18:07:20.0706 2280 wmiApSrv - ok
18:07:20.0722 2280 WMPNetworkSvc - ok
18:07:20.0753 2280 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
18:07:20.0753 2280 WPCSvc - ok
18:07:20.0769 2280 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
18:07:20.0769 2280 WPDBusEnum - ok
18:07:20.0784 2280 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:07:20.0784 2280 ws2ifsl - ok
18:07:20.0815 2280 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
18:07:20.0815 2280 wscsvc - ok
18:07:20.0815 2280 WSearch - ok
18:07:20.0987 2280 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
18:07:21.0034 2280 wuauserv - ok
18:07:21.0096 2280 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:07:21.0096 2280 WudfPf - ok
18:07:21.0112 2280 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:07:21.0112 2280 WUDFRd - ok
18:07:21.0143 2280 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
18:07:21.0143 2280 wudfsvc - ok
18:07:21.0159 2280 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
18:07:21.0174 2280 WwanSvc - ok
18:07:21.0205 2280 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:07:21.0502 2280 \Device\Harddisk0\DR0 - ok
18:07:21.0517 2280 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR1
18:07:21.0627 2280 \Device\Harddisk1\DR1 - ok
18:07:21.0627 2280 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
18:07:22.0297 2280 \Device\Harddisk2\DR2 - ok
18:07:22.0297 2280 Boot (0x1200) (9f732510e6cb18a4346af2dc7fa3ec8f) \Device\Harddisk0\DR0\Partition0
18:07:22.0297 2280 \Device\Harddisk0\DR0\Partition0 - ok
18:07:22.0297 2280 Boot (0x1200) (0f6873185a96326f080c76788e53cf6a) \Device\Harddisk0\DR0\Partition1
18:07:22.0313 2280 \Device\Harddisk0\DR0\Partition1 - ok
18:07:22.0313 2280 Boot (0x1200) (b580d7cc0a387b9d1fe8ce18c71ceea6) \Device\Harddisk1\DR1\Partition0
18:07:22.0313 2280 \Device\Harddisk1\DR1\Partition0 - ok
18:07:22.0313 2280 Boot (0x1200) (97793c6ebe782489632be676e2c9be30) \Device\Harddisk2\DR2\Partition0
18:07:22.0313 2280 \Device\Harddisk2\DR2\Partition0 - ok
18:07:22.0313 2280 ============================================================
18:07:22.0313 2280 Scan finished
18:07:22.0313 2280 ============================================================
18:07:22.0329 6392 Detected object count: 0
18:07:22.0329 6392 Actual detected object count: 0


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-26 18:09:30
-----------------------------
18:09:30.216 OS Version: Windows x64 6.1.7601 Service Pack 1
18:09:30.216 Number of processors: 4 586 0x2A07
18:09:30.216 ComputerName: OCEANA-PC UserName: Oceana
18:09:32.368 Initialize success
18:10:24.048 AVAST engine defs: 12062601
18:19:25.401 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:19:25.401 Disk 0 Vendor: WDC_WD10 77.0 Size: 953869MB BusType: 3
18:19:25.417 Disk 0 MBR read successfully
18:19:25.417 Disk 0 MBR scan
18:19:25.417 Disk 0 Windows 7 default MBR code
18:19:25.417 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14336 MB offset 2048
18:19:25.448 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 29362176
18:19:25.464 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 939431 MB offset 29566976
18:19:25.479 Disk 0 scanning C:\Windows\system32\drivers
18:19:30.705 Service scanning
18:19:46.274 Modules scanning
18:19:46.274 Disk 0 trace - called modules:
18:19:46.290 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
18:19:46.804 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e34060]
18:19:46.804 3 CLASSPNP.SYS[fffff88001d5e43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005f9c050]
18:19:48.723 AVAST engine scan C:\Windows
18:19:50.814 AVAST engine scan C:\Windows\system32
18:21:50.861 AVAST engine scan C:\Windows\system32\drivers
18:21:59.910 AVAST engine scan C:\Users\Oceana
18:27:22.535 AVAST engine scan C:\ProgramData
18:28:16.419 Scan finished successfully
18:29:51.407 Disk 0 MBR has been saved successfully to "C:\Users\Oceana\Desktop\MBR.dat"
18:29:51.423 The log file has been saved successfully to "C:\Users\Oceana\Desktop\aswMBR.txt"


ESET Results:
C:\Users\Oceana\Downloads\cnet_lmltsetup_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined



MiniToolBox by Farbar Version: 25-06-2012
Ran by Oceana (administrator) on 26-06-2012 at 19:54:56
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

802.11n Wireless LAN Card = Wireless Network Connection (Connected)
Belkin USB Wireless Adaptor = Wireless Network Connection 3 (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 4 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Oceana-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Wireless LAN adapter Wireless Network Connection 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 08-86-3B-36-02-21
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Belkin USB Wireless Adaptor
Physical Address. . . . . . . . . : 08-86-3B-36-02-21
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d4b:1b05:c837:11e9%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, June 26, 2012 6:10:01 PM
Lease Expires . . . . . . . . . . : Saturday, August 03, 2148 2:23:19 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 503875131
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-1F-90-BA-E0-69-95-6F-3C-1F
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : 802.11n Wireless LAN Card
Physical Address. . . . . . . . . : 68-A3-C4-92-0F-70
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::92:7eea:e2d5:2050%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, June 26, 2012 6:00:08 PM
Lease Expires . . . . . . . . . . : Saturday, August 03, 2148 2:23:19 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 224961476
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-1F-90-BA-E0-69-95-6F-3C-1F
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : E0-69-95-6F-3C-1F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{91FF5EB0-5A38-4282-AD73-B0750202CE7D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:34ee:cd1:b3e8:9923(Preferred)
Link-local IPv6 Address . . . . . : fe80::34ee:cd1:b3e8:9923%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{3AD733E3-FF19-4E32-9FCB-9FADE22C4ACC}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: router.belkin
Address: 192.168.2.1

Name: google.com
Addresses: 2001:4860:800a::71
74.125.134.138
74.125.134.113
74.125.134.100
74.125.134.101
74.125.134.102
74.125.134.139


Pinging google.com [74.125.134.138] with 32 bytes of data:
Reply from 74.125.134.138: bytes=32 time=38ms TTL=44
Reply from 74.125.134.138: bytes=32 time=40ms TTL=44

Ping statistics for 74.125.134.138:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 38ms, Maximum = 40ms, Average = 39ms
Server: router.belkin
Address: 192.168.2.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=58ms TTL=47
Reply from 209.191.122.70: bytes=32 time=56ms TTL=47

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 56ms, Maximum = 58ms, Average = 57ms
Server: router.belkin
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...08 86 3b 36 02 21 ......Microsoft Virtual WiFi Miniport Adapter #2
15...08 86 3b 36 02 21 ......Belkin USB Wireless Adaptor
12...68 a3 c4 92 0f 70 ......802.11n Wireless LAN Card
11...e0 69 95 6f 3c 1f ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.6 25
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.6 281
192.168.2.0 255.255.255.0 On-link 192.168.2.2 281
192.168.2.2 255.255.255.255 On-link 192.168.2.2 281
192.168.2.6 255.255.255.255 On-link 192.168.2.6 281
192.168.2.255 255.255.255.255 On-link 192.168.2.6 281
192.168.2.255 255.255.255.255 On-link 192.168.2.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.2 281
224.0.0.0 240.0.0.0 On-link 192.168.2.6 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.2 281
255.255.255.255 255.255.255.255 On-link 192.168.2.6 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:34ee:cd1:b3e8:9923/128
On-link
15 281 fe80::/64 On-link
12 281 fe80::/64 On-link
13 306 fe80::/64 On-link
12 281 fe80::92:7eea:e2d5:2050/128
On-link
15 281 fe80::d4b:1b05:c837:11e9/128
On-link
13 306 fe80::34ee:cd1:b3e8:9923/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
15 281 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/26/2012 06:30:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/26/2012 06:30:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/26/2012 06:30:44 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/26/2012 06:30:22 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/26/2012 05:01:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6038

Error: (06/26/2012 05:01:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6038

Error: (06/26/2012 05:01:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/26/2012 05:01:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5039

Error: (06/26/2012 05:01:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5039

Error: (06/26/2012 05:01:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (06/26/2012 04:39:35 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (06/26/2012 04:39:34 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (06/26/2012 03:14:57 PM) (Source: BugCheck) (User: )
Description: 0x0000001a (0x0000000000041790, 0xfffffa8001c8d1d0, 0x000000000000ffff, 0x0000000000000000)C:\Windows\MEMORY.DMP062612-49733-01

Error: (06/26/2012 03:14:38 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 3:10:47 PM on 6/26/2012 was unexpected.

Error: (06/20/2012 09:00:35 AM) (Source: Service Control Manager) (User: )
Description: The QBIDPService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (06/18/2012 05:47:48 PM) (Source: Service Control Manager) (User: )
Description: The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (06/15/2012 07:20:29 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (06/14/2012 05:54:18 PM) (Source: DCOM) (User: )
Description: 109gupdate/comsvc{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (06/14/2012 05:54:07 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%109

Error: (06/14/2012 03:34:18 AM) (Source: Service Control Manager) (User: )
Description: The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (06/26/2012 06:30:49 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Oceana\Downloads\esetsmartinstaller_enu.exe

Error: (06/26/2012 06:30:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Oceana\Downloads\esetsmartinstaller_enu.exe

Error: (06/26/2012 06:30:44 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Oceana\Downloads\esetsmartinstaller_enu.exe

Error: (06/26/2012 06:30:22 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Oceana\Downloads\esetsmartinstaller_enu.exe

Error: (06/26/2012 05:01:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6038

Error: (06/26/2012 05:01:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6038

Error: (06/26/2012 05:01:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/26/2012 05:01:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5039

Error: (06/26/2012 05:01:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5039

Error: (06/26/2012 05:01:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.4)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Photoshop Lightroom 4.1 (Version: 4.1.2)
Adobe Reader 9.5.1 MUI (Version: 9.5.1)
Anti-phishing Domain Advisor (Version: 1.0.0.0)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ArcSoft MediaImpression for Kodak (Version: 2.0.24.1050)
Belkin USB Wireless Adaptor (Version: 1.0.0.06)
Best Buy pc app (Version: 3.2.0.0)
Best Buy pc app (Version: 3.2.420.5)
Bing Bar (Version: 7.0.610.0)
Bonjour (Version: 3.0.0.10)
Brother MFL-Pro Suite MFC-6490CW (Version: 1.0.1.0)
BufferChm (Version: 140.0.212.000)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Coupon Printer for Windows (Version: 5.0.0.0)
CyberLink PowerDVD 10 (Version: 10.0.2531.52)
D110 (Version: 140.0.283.000)
D3DX10 (Version: 15.4.2368.0902)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
ESET Online Scanner v3
FlipShare (Version: 5.12.3.0)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Garmin Lifetime Updater (Version: 2.1.11)
Gateway Recovery Management (Version: 5.00.3002)
Gateway Registration (Version: 1.03.3003)
Gateway ScreenSaver (Version: 1.1.0225.2011)
Gateway Updater (Version: 1.02.3005)
Google Chrome (Version: 19.0.1084.56)
Google Chrome Frame (Version: 19.0.1084.56)
Google Desktop (Version: -)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.111)
GPBaseService2 (Version: 140.0.211.000)
Hotkey Utility (Version: 2.05.3014)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.002.002.002)
HPAppStudio (Version: 140.0.95.000)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
Identity Card (Version: 1.00.3006)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2291)
Intel® Rapid Storage Technology (Version: 10.1.0.1008)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
KODAK Share Button App (Version: 4.01.0000.0000)
LoanMaster Lite (Version: 1.00.0000)
MarketResearch (Version: 140.0.212.000)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2003 Primary Interop Assemblies (Version: 11.0.6553.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Nero Control Center 10 (Version: 10.2.11100.1.1)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.18100.8.8)
Nero DiscSpeed 10 (Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (Version: 10.5.10000)
Nero Express 10 (Version: 10.2.12000.21.100)
Nero Express 10 Help (CHM) (Version: 10.5.10200)
Nero Multimedia Suite 10 Essentials (Version: 10.5.10300)
Nero StartSmart 10 (Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (Version: 10.5.10000)
Nero Update (Version: 1.0.0018)
Network64 (Version: 140.0.215.000)
Norton 360 (Version: 6.2.1.5)
PS_AIO_07_D110_SW_Min (Version: 140.0.142.000)
QuickBooks (Version: 22.0.4001.2206)
QuickBooks Pro 2012 (Version: 22.0.4001.2206)
QuickTime (Version: 7.72.80.56)
QuickTransfer (Version: 140.0.98.000)
Realtek Ethernet Controller Driver (Version: 7.41.216.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6257)
Scan (Version: 140.0.80.000)
Search.com Bar (Version: 1.0.0.0)
Shop for HP Supplies (Version: 14.0)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.214.000)
Status (Version: 140.0.256.000)
SupportSoft Assisted Service (Version: 15)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
Visual Studio 2005 Tools for Office Second Edition Runtime
WebReg (Version: 140.0.212.017)
Welcome Center (Version: 1.02.3102)
Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0) (Version: 01/29/2010 1.4.1.0)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 6056.49 MB
Available physical RAM: 3692.31 MB
Total Pagefile: 12111.18 MB
Available Pagefile: 9397.39 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.43 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:917.41 GB) (Free:778.48 GB) NTFS
8 Drive j: () (Removable) (Total:3.74 GB) (Free:3.7 GB) FAT32
9 Drive k: (My Book) (Fixed) (Total:1862.98 GB) (Free:1631.66 GB) NTFS

========================= Users: ========================================

User accounts for \\OCEANA-PC

Administrator Guest Oceana


**** End of log ****

#4 Broni

Posted 26 June 2012 - 10:49 PM

I still need MBAM log.


#5 Capt_Will

Posted 26 June 2012 - 11:11 PM

Thank You,

Here is the MBAM log:

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.27.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Oceana :: OCEANA-PC [administrator]

Protection: Enabled

6/27/2012 12:06:39 AM
mbam-log-2012-06-27 (00-06-39).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 213628
Time elapsed: 3 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\$Recycle.Bin\S-1-5-21-1816849399-2866198441-2104614670-1000\$RBWAYL2.JPG (Extension.Mismatch) -> Quarantined and deleted successfully.

(end)

#6 Broni

Posted 26 June 2012 - 11:14 PM

Still redirected?


#7 Capt_Will

Posted 26 June 2012 - 11:16 PM

No. Everything seems back to normal

#8 Broni

Posted 26 June 2012 - 11:17 PM

Cool :)

Couple more scans....

Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.


#9 Capt_Will

Posted 27 June 2012 - 09:53 AM

ESET found no threats

#10 Broni

Posted 27 June 2012 - 11:10 AM

I can see you missed Security Check scan from my original instructions.
Please post that.


#11 Capt_Will

Posted 27 June 2012 - 11:26 AM

Oops! Sorry

Here it is

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
ESET Online Scanner v3
Norton 360
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java™ 6 Update 31
Adobe Flash Player 11.3.300.262
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
``````````End of Log````````````

#12 Broni

Posted 27 June 2012 - 11:32 AM

1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it.
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Do NOT post JavaRa log.

=========================================================

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll remove all old restore points and create a fresh, clean restore point.

Turn system restore off.
Restart computer.
Turn system restore back on.

If you don't know how to do it...
Windows XP: http://support.microsoft.com/kb/310405
Vista and Windows 7: http://www.howtogeek.com/howto/windows-vista/disable-system-restore-in-windows-vista/

2. Make sure Windows Updates are current.

3. If any Trojan was listed among your infection(s), make sure you change all of your important on-line passwords (bank account(s), secured web sites, etc.) immediately!

4. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

5. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

6. Run Temporary File Cleaner (TFC) weekly.

7. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

8. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

9. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

10. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

11. Except for MBAM and TFC, which are keepers, you can simply delete all other tools we used, as they don't install.


#13 Capt_Will

Posted 27 June 2012 - 11:59 AM

Thanks Broni,

I downloaded and installed the recommended programs.

Really appreciate you helping me out with this.

Watch PayPal for a little token of my appreciation...

#14 Broni

Posted 27 June 2012 - 12:13 PM

You're very welcome

...and thank you :)


#15 Capt_Will

Posted 29 July 2012 - 08:35 PM

Hi Broni,

Looks like I got the NGIX virus again. Here are the logs

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
ESET Online Scanner v3
Norton 360
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Secunia PSI (3.0.0.1002)
JavaFX 2.1.1
Java™ 6 Update 33
Java™ 7 Update 5
Out of date Java installed!
Adobe Flash Player 11.3.300.268
Adobe Reader X (10.1.3)
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Norton ccSvcHst.exe
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
``````````End of Log````````````



Farbar Service Scanner Version: 26-07-2012
Ran by Oceana (administrator) on 29-07-2012 at 20:54:24
Running from "C:\Users\Oceana\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Demand
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****




MiniToolBox by Farbar Version: 25-06-2012
Ran by Oceana (administrator) on 29-07-2012 at 20:55:58
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

802.11n Wireless LAN Card = Wireless Network Connection (Connected)
Belkin USB Wireless Adaptor = Wireless Network Connection 3 (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 4 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Oceana-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Wireless LAN adapter Wireless Network Connection 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 08-86-3B-36-02-21
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Belkin USB Wireless Adaptor
Physical Address. . . . . . . . . : 08-86-3B-36-02-21
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d4b:1b05:c837:11e9%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, July 29, 2012 8:41:16 PM
Lease Expires . . . . . . . . . . : Thursday, September 05, 2148 3:24:18 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 503875131
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-1F-90-BA-E0-69-95-6F-3C-1F
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : 802.11n Wireless LAN Card
Physical Address. . . . . . . . . : 68-A3-C4-92-0F-70
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::92:7eea:e2d5:2050%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, July 29, 2012 8:41:15 PM
Lease Expires . . . . . . . . . . : Thursday, September 05, 2148 3:24:18 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 224961476
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-1F-90-BA-E0-69-95-6F-3C-1F
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : E0-69-95-6F-3C-1F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:c4b:38d4:b3e8:9923(Preferred)
Link-local IPv6 Address . . . . . : fe80::c4b:38d4:b3e8:9923%19(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: router.belkin
Address: 192.168.2.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging google.com [74.125.45.100] with 32 bytes of data:
Reply from 74.125.45.100: bytes=32 time=37ms TTL=49
Reply from 74.125.45.100: bytes=32 time=37ms TTL=49

Ping statistics for 74.125.45.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 37ms, Maximum = 37ms, Average = 37ms
Server: router.belkin
Address: 192.168.2.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=93ms TTL=47
Reply from 98.139.183.24: bytes=32 time=241ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 93ms, Maximum = 241ms, Average = 167ms
Server: router.belkin
Address: 192.168.2.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 1ms, Average = 1ms
===========================================================================
Interface List
15...08 86 3b 36 02 21 ......Microsoft Virtual WiFi Miniport Adapter #2
14...08 86 3b 36 02 21 ......Belkin USB Wireless Adaptor
12...68 a3 c4 92 0f 70 ......802.11n Wireless LAN Card
11...e0 69 95 6f 3c 1f ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.5 30
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.2 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.5 286
192.168.2.0 255.255.255.0 On-link 192.168.2.2 286
192.168.2.2 255.255.255.255 On-link 192.168.2.2 286
192.168.2.5 255.255.255.255 On-link 192.168.2.5 286
192.168.2.255 255.255.255.255 On-link 192.168.2.5 286
192.168.2.255 255.255.255.255 On-link 192.168.2.2 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.2 286
224.0.0.0 240.0.0.0 On-link 192.168.2.5 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.2 286
255.255.255.255 255.255.255.255 On-link 192.168.2.5 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
19 58 ::/0 On-link
1 306 ::1/128 On-link
19 58 2001::/32 On-link
19 306 2001:0:9d38:953c:c4b:38d4:b3e8:9923/128
On-link
14 286 fe80::/64 On-link
12 286 fe80::/64 On-link
19 306 fe80::/64 On-link
12 286 fe80::92:7eea:e2d5:2050/128
On-link
19 306 fe80::c4b:38d4:b3e8:9923/128
On-link
14 286 fe80::d4b:1b05:c837:11e9/128
On-link
1 306 ff00::/8 On-link
19 306 ff00::/8 On-link
14 286 ff00::/8 On-link
12 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/29/2012 08:42:11 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (07/29/2012 08:42:11 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (07/29/2012 08:42:11 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (07/29/2012 08:41:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2012 03:26:53 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (07/29/2012 03:26:53 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (07/29/2012 03:26:53 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (07/29/2012 03:25:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/28/2012 06:27:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15584

Error: (07/28/2012 06:27:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15584


System errors:
=============
Error: (07/28/2012 05:25:32 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (07/27/2012 08:15:41 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{D5FCAEA6-07B3-45EA-979B-09A09A3FA312} because another computer on the network has the same name. The server could not start.

Error: (07/27/2012 05:58:13 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (07/27/2012 05:58:00 PM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (07/27/2012 05:57:55 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.

Error: (07/27/2012 05:57:30 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).

Error: (07/26/2012 06:29:09 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR10.

Error: (07/26/2012 06:29:08 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR10.

Error: (07/26/2012 06:29:07 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR10.

Error: (07/26/2012 05:58:41 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.


Microsoft Office Sessions:
=========================
Error: (07/29/2012 08:42:11 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (07/29/2012 08:42:11 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (07/29/2012 08:42:11 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (07/29/2012 08:41:19 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2012 03:26:53 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (07/29/2012 03:26:53 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (07/29/2012 03:26:53 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (07/29/2012 03:25:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/28/2012 06:27:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15584

Error: (07/28/2012 06:27:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15584


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.4)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.268)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Photoshop Lightroom 4.1 (Version: 4.1.2)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Anti-phishing Domain Advisor (Version: 1.0.0.0)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ArcSoft MediaImpression for Kodak (Version: 2.0.24.1050)
Belkin USB Wireless Adaptor (Version: 1.0.0.06)
Best Buy pc app (Version: 3.2.0.0)
Best Buy pc app (Version: 3.2.420.5)
Bing Bar (Version: 7.0.610.0)
Bonjour (Version: 3.0.0.10)
Brother MFL-Pro Suite MFC-6490CW (Version: 1.0.1.0)
BufferChm (Version: 140.0.212.000)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Coupon Printer for Windows (Version: 5.0.0.0)
CyberLink PowerDVD 10 (Version: 10.0.2531.52)
D110 (Version: 140.0.283.000)
D3DX10 (Version: 15.4.2368.0902)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
ESET Online Scanner v3
FileHippo.com Update Checker
FlipShare (Version: 5.12.3.0)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Garmin Lifetime Updater (Version: 2.1.11)
Gateway Recovery Management (Version: 5.00.3002)
Gateway Registration (Version: 1.03.3003)
Gateway ScreenSaver (Version: 1.1.0225.2011)
Gateway Updater (Version: 1.02.3005)
Google Chrome (Version: 20.0.1132.57)
Google Chrome Frame (Version: 20.0.1132.57)
Google Desktop (Version: -)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.115)
GPBaseService2 (Version: 140.0.211.000)
Hotkey Utility (Version: 2.05.3014)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.002.002.002)
HPAppStudio (Version: 140.0.95.000)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
Identity Card (Version: 1.00.3006)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2291)
Intel® Rapid Storage Technology (Version: 10.1.0.1008)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 33 (Version: 6.0.330)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
KODAK Share Button App (Version: 4.01.0000.0000)
LoanMaster Lite (Version: 1.00.0000)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MarketResearch (Version: 140.0.212.000)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2003 Primary Interop Assemblies (Version: 11.0.6553.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Nero Control Center 10 (Version: 10.2.11100.1.1)
Nero ControlCenter 10 Help (CHM) (Version: 10.5.10000)
Nero Core Components 10 (Version: 2.0.18100.8.8)
Nero DiscSpeed 10 (Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (Version: 10.5.10000)
Nero Express 10 (Version: 10.2.12000.21.100)
Nero Express 10 Help (CHM) (Version: 10.5.10200)
Nero Multimedia Suite 10 Essentials (Version: 10.5.10300)
Nero StartSmart 10 (Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (Version: 10.5.10000)
Nero Update (Version: 1.0.0018)
Network64 (Version: 140.0.215.000)
Norton 360 (Version: 6.2.1.5)
PS_AIO_07_D110_SW_Min (Version: 140.0.142.000)
QuickBooks (Version: 22.0.4009.2206)
QuickBooks Pro 2012 (Version: 22.0.4009.2206)
QuickTime (Version: 7.72.80.56)
QuickTransfer (Version: 140.0.98.000)
Realtek Ethernet Controller Driver (Version: 7.41.216.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6257)
Scan (Version: 140.0.80.000)
Search.com Bar (Version: 1.0.0.0)
Secunia PSI (3.0.0.1002) (Version: 3.0.0.1002)
Shop for HP Supplies (Version: 14.0)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.214.000)
Status (Version: 140.0.256.000)
SupportSoft Assisted Service (Version: 15)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
Visual Studio 2005 Tools for Office Second Edition Runtime
WebReg (Version: 140.0.212.017)
Welcome Center (Version: 1.02.3102)
Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0) (Version: 01/29/2010 1.4.1.0)
Windows Live (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 36%
Total physical RAM: 6056.49 MB
Available physical RAM: 3842.28 MB
Total Pagefile: 12111.18 MB
Available Pagefile: 9831.27 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.33 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:917.41 GB) (Free:778.26 GB) NTFS
8 Drive j: () (Removable) (Total:3.74 GB) (Free:3.34 GB) FAT32
9 Drive k: (My Book) (Fixed) (Total:1862.98 GB) (Free:1613.13 GB) NTFS

========================= Users: ========================================

User accounts for \\OCEANA-PC

Administrator Guest Oceana


**** End of log ****


Malwarebytes Anti-Malware (PRO) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.29.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Oceana :: OCEANA-PC [administrator]

Protection: Enabled

7/29/2012 8:57:39 PM
mbam-log-2012-07-29 (20-57-39).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 194450
Time elapsed: 2 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-29 21:00:51
-----------------------------
21:00:51.777 OS Version: Windows x64 6.1.7601 Service Pack 1
21:00:51.777 Number of processors: 4 586 0x2A07
21:00:51.777 ComputerName: OCEANA-PC UserName: Oceana
21:00:54.211 Initialize success
21:02:48.520 AVAST engine defs: 12072901
21:03:41.747 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:03:41.763 Disk 0 Vendor: WDC_WD10 77.0 Size: 953869MB BusType: 3
21:03:41.779 Disk 0 MBR read successfully
21:03:41.779 Disk 0 MBR scan
21:03:41.779 Disk 0 Windows 7 default MBR code
21:03:41.779 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 14336 MB offset 2048
21:03:41.794 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 29362176
21:03:41.825 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 939431 MB offset 29566976
21:03:41.841 Disk 0 scanning C:\Windows\system32\drivers
21:03:47.722 Service scanning
21:04:03.901 Modules scanning
21:04:03.901 Disk 0 trace - called modules:
21:04:03.917 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
21:04:03.917 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007e36060]
21:04:03.933 3 CLASSPNP.SYS[fffff88001a0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005f9d050]
21:04:07.817 AVAST engine scan C:\Windows
21:04:11.327 AVAST engine scan C:\Windows\system32
21:06:50.526 AVAST engine scan C:\Windows\system32\drivers
21:07:23.427 AVAST engine scan C:\Users\Oceana
21:19:29.956 AVAST engine scan C:\ProgramData
21:20:31.767 Scan finished successfully
21:24:04.540 Disk 0 MBR has been saved successfully to "C:\Users\Oceana\Desktop\MBR.dat"
21:24:04.540 The log file has been saved successfully to "C:\Users\Oceana\Desktop\aswMBR.txt"



Thanks for any help you can provide....



