Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Error code 0X80070424


  • Please log in to reply
15 replies to this topic

#1 Dodoram

Dodoram

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:38 PM

Posted 04 July 2012 - 07:36 PM

Once I had s.m.a.r.t HDD virus. I downloaded and ran Rkill and Malware bytes, but it did not help. I then deleted two files with some odlloking_random_number.exe by searching for files downloaded on that day. I then followed some instructions on a website(Unfortunately I forgot the site or the instructions).. The s.m.a.r.t HDD problem disappeared. I tried various on-line virus scanners and they all reported no viruses.

But I noticed Windows security essentials was turned off, so I tried to turn it on. I forgot what happenned but I could not turn it on. So I uninstalled and reinstalled MSE. It installed, updated database and then started to scan. But I got a message that windows encountered a critical error and the system will reboot. This kept happenning howmany ever times I try to uninstall, do some other virus check and re-install MSE.

When I tried Control panel->windows firewall ->use recommended settings and it gives me an error that it cannot change the settings error code 0X80070424

Trying to start windows defender gave me that this specified service does not exist as an installed service - error 0X80070424

By the way i checked http://answers.microsoft.com/en-us/windows/forum/windows_7-security/error-0x80070424-the-windows-security-center/077f0b46-03ab-4787-85b8-dccebb66d91c

I do not have a folder called system64 Also I did not find any file called consrv.dll.

Other than checking for this folder and file, I did not do anything that was on this website as I am not a computer expert and did not want to do something that I should not do.

Can you please help get back the windows firewall and possibly MSE?

Thanks

Arun

Edited by Orange Blossom, 05 July 2012 - 12:19 AM.
Moved to AII ~ OB


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:38 PM

Posted 04 July 2012 - 09:07 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)



Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner


Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 Dodoram

Dodoram
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:38 PM

Posted 07 July 2012 - 01:49 PM

Beofre I comeplted the folloiwng, I tried something else.
I noticed that when Microsft Security Essetials started, it had a check mark to load windows firewall, if no other firewall exists. As I get the error on Control panel->windows firewall ->use recommended settings ( error code 0X80070424), I unchecked this and installed MSE. This time it did not reboot my computer. I am able to turn the real time protection on.

I still have the problem with windows firewall.

Additionally I did not have the automatic wondows update running. When I try woindows update, I get a message that this service has not started. So I went to services-> Searched for windows update, then clicked on stop and then start. Afetr this I was able to start windows update. this found some non critical updates available. But when I tried to update, I get an error 80246008 - Windows update encountered an unknown error

If I try to start windows firewall from the services wondow, I get an error that the dependency services or group failed to start.

In any case, following are the logs you asked me to upload.

BTW, I am running Windows 7 Professional. Is there anyway I can do a "repair" from the windows disk? If this is not possible then' what if I updgare to windows ultimate? Do you think all these problems will disappear or they will all migrate to the new version?

Thanks

Arun



09:31:02.0118 4384 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08
09:31:02.0352 4384 ============================================================
09:31:02.0352 4384 Current date / time: 2012/07/07 09:31:02.0352
09:31:02.0352 4384 SystemInfo:
09:31:02.0352 4384
09:31:02.0352 4384 OS Version: 6.1.7601 ServicePack: 1.0
09:31:02.0352 4384 Product type: Workstation
09:31:02.0352 4384 ComputerName: ARUNPUGET
09:31:02.0352 4384 UserName: Arun
09:31:02.0352 4384 Windows directory: C:\Windows
09:31:02.0352 4384 System windows directory: C:\Windows
09:31:02.0352 4384 Running under WOW64
09:31:02.0352 4384 Processor architecture: Intel x64
09:31:02.0352 4384 Number of processors: 12
09:31:02.0352 4384 Page size: 0x1000
09:31:02.0352 4384 Boot type: Normal boot
09:31:02.0352 4384 ============================================================
09:31:02.0726 4384 Drive \Device\Harddisk1\DR1 - Size: 0x1D1A8000000 (1862.63 Gb), SectorSize: 0x200, Cylinders: 0x3B5CE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
09:31:02.0726 4384 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:31:02.0773 4384 Drive \Device\Harddisk2\DR2 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:31:02.0773 4384 ============================================================
09:31:02.0773 4384 \Device\Harddisk1\DR1:
09:31:02.0773 4384 MBR partitions:
09:31:02.0773 4384 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8D3E800
09:31:02.0773 4384 \Device\Harddisk0\DR0:
09:31:02.0773 4384 MBR partitions:
09:31:02.0773 4384 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:31:02.0773 4384 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x94DC800
09:31:02.0773 4384 \Device\Harddisk2\DR2:
09:31:02.0773 4384 MBR partitions:
09:31:02.0773 4384 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x575452C2
09:31:02.0773 4384 ============================================================
09:31:02.0773 4384 C: <-> \Device\Harddisk0\DR0\Partition1
09:31:02.0788 4384 D: <-> \Device\Harddisk1\DR1\Partition0
09:31:02.0820 4384 K: <-> \Device\Harddisk2\DR2\Partition0
09:31:02.0820 4384 ============================================================
09:31:02.0820 4384 Initialize success
09:31:02.0820 4384 ============================================================
09:31:09.0309 5504 ============================================================
09:31:09.0309 5504 Scan started
09:31:09.0309 5504 Mode: Manual; TDLFS;
09:31:09.0309 5504 ============================================================
09:31:09.0996 5504 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
09:31:09.0996 5504 1394ohci - ok
09:31:10.0027 5504 3DM2 (f1ef74e19f26dbceea4ac73c767a5142) C:\Program Files\AMCC\3DM2/3dm2.exe
09:31:10.0027 5504 Suspicious file (Hidden): C:\Program Files\AMCC\3DM2/3dm2.exe. md5: f1ef74e19f26dbceea4ac73c767a5142
09:31:10.0027 5504 3DM2 ( HiddenFile.Multi.Generic ) - warning
09:31:10.0027 5504 3DM2 - detected HiddenFile.Multi.Generic (1)
09:31:10.0042 5504 3wareDrv (c42d2bd350f6a86f4e30eec5336c28c1) C:\Windows\system32\DRIVERS\3wareDrv.sys
09:31:10.0042 5504 3wareDrv - ok
09:31:10.0058 5504 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
09:31:10.0058 5504 ACPI - ok
09:31:10.0058 5504 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
09:31:10.0058 5504 AcpiPmi - ok
09:31:10.0074 5504 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:31:10.0074 5504 AdobeARMservice - ok
09:31:10.0089 5504 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:31:10.0089 5504 AdobeFlashPlayerUpdateSvc - ok
09:31:10.0105 5504 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
09:31:10.0105 5504 adp94xx - ok
09:31:10.0120 5504 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
09:31:10.0120 5504 adpahci - ok
09:31:10.0120 5504 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
09:31:10.0120 5504 adpu320 - ok
09:31:10.0136 5504 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
09:31:10.0136 5504 AeLookupSvc - ok
09:31:10.0152 5504 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
09:31:10.0152 5504 AFD - ok
09:31:10.0152 5504 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
09:31:10.0152 5504 agp440 - ok
09:31:10.0152 5504 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
09:31:10.0152 5504 ALG - ok
09:31:10.0167 5504 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
09:31:10.0167 5504 aliide - ok
09:31:10.0167 5504 ALSysIO - ok
09:31:10.0167 5504 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
09:31:10.0167 5504 amdide - ok
09:31:10.0183 5504 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
09:31:10.0183 5504 AmdK8 - ok
09:31:10.0183 5504 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
09:31:10.0183 5504 AmdPPM - ok
09:31:10.0183 5504 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
09:31:10.0183 5504 amdsata - ok
09:31:10.0198 5504 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
09:31:10.0198 5504 amdsbs - ok
09:31:10.0198 5504 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
09:31:10.0198 5504 amdxata - ok
09:31:10.0198 5504 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
09:31:10.0198 5504 AppID - ok
09:31:10.0198 5504 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
09:31:10.0198 5504 AppIDSvc - ok
09:31:10.0214 5504 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
09:31:10.0214 5504 Appinfo - ok
09:31:10.0214 5504 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:31:10.0214 5504 Apple Mobile Device - ok
09:31:10.0230 5504 Application Updater (b4a30f0a7494cdbec73f6bd30fb619d9) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
09:31:10.0230 5504 Application Updater - ok
09:31:10.0245 5504 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
09:31:10.0245 5504 AppMgmt - ok
09:31:10.0245 5504 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
09:31:10.0245 5504 arc - ok
09:31:10.0261 5504 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
09:31:10.0261 5504 arcsas - ok
09:31:10.0261 5504 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
09:31:10.0261 5504 AsyncMac - ok
09:31:10.0261 5504 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
09:31:10.0261 5504 atapi - ok
09:31:10.0276 5504 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
09:31:10.0276 5504 AudioEndpointBuilder - ok
09:31:10.0276 5504 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
09:31:10.0276 5504 AudioSrv - ok
09:31:10.0292 5504 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
09:31:10.0292 5504 AxInstSV - ok
09:31:10.0308 5504 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
09:31:10.0308 5504 b06bdrv - ok
09:31:10.0308 5504 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
09:31:10.0308 5504 b57nd60a - ok
09:31:10.0323 5504 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
09:31:10.0323 5504 BDESVC - ok
09:31:10.0323 5504 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
09:31:10.0323 5504 Beep - ok
09:31:10.0339 5504 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
09:31:10.0339 5504 BFE - ok
09:31:10.0339 5504 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
09:31:10.0339 5504 blbdrive - ok
09:31:10.0354 5504 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
09:31:10.0354 5504 Bonjour Service - ok
09:31:10.0354 5504 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
09:31:10.0354 5504 bowser - ok
09:31:10.0370 5504 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:31:10.0370 5504 BrFiltLo - ok
09:31:10.0370 5504 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:31:10.0370 5504 BrFiltUp - ok
09:31:10.0370 5504 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
09:31:10.0370 5504 Browser - ok
09:31:10.0386 5504 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
09:31:10.0386 5504 Brserid - ok
09:31:10.0386 5504 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
09:31:10.0386 5504 BrSerWdm - ok
09:31:10.0386 5504 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
09:31:10.0386 5504 BrUsbMdm - ok
09:31:10.0386 5504 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
09:31:10.0386 5504 BrUsbSer - ok
09:31:10.0386 5504 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
09:31:10.0386 5504 BTHMODEM - ok
09:31:10.0401 5504 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
09:31:10.0401 5504 bthserv - ok
09:31:10.0401 5504 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
09:31:10.0401 5504 cdfs - ok
09:31:10.0401 5504 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
09:31:10.0401 5504 cdrom - ok
09:31:10.0417 5504 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:31:10.0417 5504 CertPropSvc - ok
09:31:10.0417 5504 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
09:31:10.0417 5504 circlass - ok
09:31:10.0417 5504 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
09:31:10.0432 5504 CLFS - ok
09:31:10.0432 5504 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:31:10.0432 5504 clr_optimization_v2.0.50727_32 - ok
09:31:10.0432 5504 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:31:10.0432 5504 clr_optimization_v2.0.50727_64 - ok
09:31:10.0448 5504 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:31:10.0448 5504 clr_optimization_v4.0.30319_32 - ok
09:31:10.0448 5504 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:31:10.0448 5504 clr_optimization_v4.0.30319_64 - ok
09:31:10.0448 5504 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
09:31:10.0448 5504 CmBatt - ok
09:31:10.0464 5504 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
09:31:10.0464 5504 cmdide - ok
09:31:10.0464 5504 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
09:31:10.0464 5504 CNG - ok
09:31:10.0479 5504 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
09:31:10.0479 5504 Compbatt - ok
09:31:10.0479 5504 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
09:31:10.0479 5504 CompositeBus - ok
09:31:10.0479 5504 COMSysApp - ok
09:31:10.0479 5504 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
09:31:10.0479 5504 crcdisk - ok
09:31:10.0479 5504 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
09:31:10.0479 5504 CryptSvc - ok
09:31:10.0495 5504 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
09:31:10.0495 5504 CSC - ok
09:31:10.0510 5504 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
09:31:10.0510 5504 CscService - ok
09:31:10.0526 5504 ctxusbm (ba8e5b2291c01ef71ca80e25f0c79d55) C:\Windows\system32\DRIVERS\ctxusbm.sys
09:31:10.0526 5504 ctxusbm - ok
09:31:10.0526 5504 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:31:10.0526 5504 DcomLaunch - ok
09:31:10.0542 5504 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
09:31:10.0542 5504 defragsvc - ok
09:31:10.0542 5504 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
09:31:10.0542 5504 DfsC - ok
09:31:10.0557 5504 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
09:31:10.0557 5504 Dhcp - ok
09:31:10.0557 5504 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
09:31:10.0557 5504 discache - ok
09:31:10.0557 5504 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
09:31:10.0557 5504 Disk - ok
09:31:10.0573 5504 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
09:31:10.0573 5504 Dnscache - ok
09:31:10.0573 5504 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
09:31:10.0573 5504 dot3svc - ok
09:31:10.0588 5504 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
09:31:10.0588 5504 DPS - ok
09:31:10.0588 5504 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
09:31:10.0588 5504 drmkaud - ok
09:31:10.0604 5504 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
09:31:10.0604 5504 DXGKrnl - ok
09:31:10.0604 5504 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
09:31:10.0620 5504 EapHost - ok
09:31:10.0666 5504 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
09:31:10.0682 5504 ebdrv - ok
09:31:10.0698 5504 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
09:31:10.0698 5504 EFS - ok
09:31:10.0713 5504 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
09:31:10.0713 5504 ehRecvr - ok
09:31:10.0729 5504 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
09:31:10.0729 5504 ehSched - ok
09:31:10.0744 5504 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
09:31:10.0744 5504 elxstor - ok
09:31:10.0744 5504 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
09:31:10.0744 5504 ErrDev - ok
09:31:10.0760 5504 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
09:31:10.0760 5504 EventSystem - ok
09:31:10.0760 5504 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
09:31:10.0760 5504 exfat - ok
09:31:10.0776 5504 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
09:31:10.0776 5504 fastfat - ok
09:31:10.0791 5504 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
09:31:10.0791 5504 Fax - ok
09:31:10.0791 5504 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
09:31:10.0791 5504 fdc - ok
09:31:10.0791 5504 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
09:31:10.0791 5504 fdPHost - ok
09:31:10.0807 5504 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
09:31:10.0807 5504 FDResPub - ok
09:31:10.0807 5504 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
09:31:10.0807 5504 FileInfo - ok
09:31:10.0807 5504 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
09:31:10.0807 5504 Filetrace - ok
09:31:10.0807 5504 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
09:31:10.0807 5504 flpydisk - ok
09:31:10.0822 5504 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
09:31:10.0822 5504 FltMgr - ok
09:31:10.0838 5504 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
09:31:10.0854 5504 FontCache - ok
09:31:10.0854 5504 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:31:10.0854 5504 FontCache3.0.0.0 - ok
09:31:10.0854 5504 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
09:31:10.0854 5504 FsDepends - ok
09:31:10.0869 5504 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
09:31:10.0869 5504 Fs_Rec - ok
09:31:10.0869 5504 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
09:31:10.0869 5504 fvevol - ok
09:31:10.0869 5504 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
09:31:10.0869 5504 gagp30kx - ok
09:31:10.0885 5504 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:31:10.0885 5504 GEARAspiWDM - ok
09:31:10.0900 5504 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
09:31:10.0900 5504 gpsvc - ok
09:31:10.0900 5504 GPU-Z - ok
09:31:10.0916 5504 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:31:10.0916 5504 gupdate - ok
09:31:10.0916 5504 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:31:10.0916 5504 gupdatem - ok
09:31:10.0916 5504 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:31:10.0916 5504 gusvc - ok
09:31:10.0916 5504 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
09:31:10.0916 5504 hcw85cir - ok
09:31:10.0932 5504 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
09:31:10.0932 5504 HdAudAddService - ok
09:31:10.0932 5504 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
09:31:10.0932 5504 HDAudBus - ok
09:31:10.0947 5504 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
09:31:10.0947 5504 HidBatt - ok
09:31:10.0947 5504 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
09:31:10.0947 5504 HidBth - ok
09:31:10.0947 5504 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
09:31:10.0947 5504 HidIr - ok
09:31:10.0947 5504 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
09:31:10.0947 5504 hidserv - ok
09:31:10.0963 5504 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
09:31:10.0963 5504 HidUsb - ok
09:31:10.0963 5504 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
09:31:10.0963 5504 hkmsvc - ok
09:31:10.0963 5504 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
09:31:10.0978 5504 HomeGroupListener - ok
09:31:10.0978 5504 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
09:31:10.0978 5504 HomeGroupProvider - ok
09:31:10.0978 5504 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
09:31:10.0978 5504 HpSAMD - ok
09:31:10.0994 5504 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
09:31:11.0010 5504 HTTP - ok
09:31:11.0010 5504 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
09:31:11.0010 5504 hwpolicy - ok
09:31:11.0010 5504 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
09:31:11.0010 5504 i8042prt - ok
09:31:11.0025 5504 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\DRIVERS\iaStor.sys
09:31:11.0025 5504 iaStor - ok
09:31:11.0025 5504 IAStorDataMgrSvc (8fff9083252c16fe3960173722605e9e) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
09:31:11.0025 5504 IAStorDataMgrSvc - ok
09:31:11.0041 5504 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
09:31:11.0041 5504 iaStorV - ok
09:31:11.0056 5504 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:31:11.0056 5504 idsvc - ok
09:31:11.0072 5504 IHA_MessageCenter (c135bff15563592b8ea070ea109967f7) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
09:31:11.0072 5504 IHA_MessageCenter - ok
09:31:11.0088 5504 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
09:31:11.0088 5504 iirsp - ok
09:31:11.0103 5504 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
09:31:11.0119 5504 IKEEXT - ok
09:31:11.0150 5504 IntcAzAudAddService (49a81307e807c0eaad6510589dd92a3d) C:\Windows\system32\drivers\RTKVHD64.sys
09:31:11.0166 5504 IntcAzAudAddService - ok
09:31:11.0181 5504 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
09:31:11.0181 5504 intelide - ok
09:31:11.0181 5504 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
09:31:11.0181 5504 intelppm - ok
09:31:11.0181 5504 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
09:31:11.0181 5504 IPBusEnum - ok
09:31:11.0197 5504 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:31:11.0197 5504 IpFilterDriver - ok
09:31:11.0197 5504 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
09:31:11.0197 5504 IPMIDRV - ok
09:31:11.0197 5504 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
09:31:11.0197 5504 IPNAT - ok
09:31:11.0228 5504 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
09:31:11.0228 5504 iPod Service - ok
09:31:11.0228 5504 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
09:31:11.0228 5504 IRENUM - ok
09:31:11.0228 5504 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
09:31:11.0228 5504 isapnp - ok
09:31:11.0244 5504 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
09:31:11.0244 5504 iScsiPrt - ok
09:31:11.0244 5504 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
09:31:11.0244 5504 kbdclass - ok
09:31:11.0244 5504 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
09:31:11.0244 5504 kbdhid - ok
09:31:11.0259 5504 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:31:11.0259 5504 KeyIso - ok
09:31:11.0259 5504 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
09:31:11.0259 5504 KSecDD - ok
09:31:11.0259 5504 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
09:31:11.0259 5504 KSecPkg - ok
09:31:11.0259 5504 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
09:31:11.0259 5504 ksthunk - ok
09:31:11.0275 5504 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
09:31:11.0275 5504 KtmRm - ok
09:31:11.0275 5504 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
09:31:11.0290 5504 LanmanServer - ok
09:31:11.0290 5504 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
09:31:11.0290 5504 LanmanWorkstation - ok
09:31:11.0306 5504 LBTServ (7772dfab22611050b79504e671b06e6e) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
09:31:11.0306 5504 LBTServ - ok
09:31:11.0306 5504 LHidFilt (241f2648adf090e2a10095bd6d6f5dcb) C:\Windows\system32\DRIVERS\LHidFilt.Sys
09:31:11.0306 5504 LHidFilt - ok
09:31:11.0306 5504 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
09:31:11.0306 5504 lltdio - ok
09:31:11.0322 5504 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
09:31:11.0322 5504 lltdsvc - ok
09:31:11.0322 5504 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
09:31:11.0322 5504 lmhosts - ok
09:31:11.0322 5504 LMouFilt (342ed5a4b3326014438f36d22d803737) C:\Windows\system32\DRIVERS\LMouFilt.Sys
09:31:11.0322 5504 LMouFilt - ok
09:31:11.0337 5504 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
09:31:11.0337 5504 LSI_FC - ok
09:31:11.0337 5504 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
09:31:11.0337 5504 LSI_SAS - ok
09:31:11.0337 5504 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:31:11.0337 5504 LSI_SAS2 - ok
09:31:11.0337 5504 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:31:11.0353 5504 LSI_SCSI - ok
09:31:11.0353 5504 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
09:31:11.0353 5504 luafv - ok
09:31:11.0353 5504 LUsbFilt (29c733e1de824670dc9315cfc9bdbcd3) C:\Windows\system32\Drivers\LUsbFilt.Sys
09:31:11.0353 5504 LUsbFilt - ok
09:31:11.0353 5504 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
09:31:11.0353 5504 Mcx2Svc - ok
09:31:11.0353 5504 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
09:31:11.0353 5504 megasas - ok
09:31:11.0368 5504 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
09:31:11.0368 5504 MegaSR - ok
09:31:11.0368 5504 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:31:11.0368 5504 MMCSS - ok
09:31:11.0368 5504 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
09:31:11.0368 5504 Modem - ok
09:31:11.0384 5504 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
09:31:11.0384 5504 monitor - ok
09:31:11.0384 5504 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
09:31:11.0384 5504 mouclass - ok
09:31:11.0384 5504 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
09:31:11.0384 5504 mouhid - ok
09:31:11.0384 5504 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
09:31:11.0384 5504 mountmgr - ok
09:31:11.0400 5504 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:31:11.0400 5504 MozillaMaintenance - ok
09:31:11.0400 5504 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
09:31:11.0400 5504 MpFilter - ok
09:31:11.0400 5504 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
09:31:11.0400 5504 mpio - ok
09:31:11.0415 5504 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
09:31:11.0415 5504 mpsdrv - ok
09:31:11.0431 5504 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
09:31:11.0431 5504 MpsSvc - ok
09:31:11.0431 5504 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
09:31:11.0431 5504 MRxDAV - ok
09:31:11.0431 5504 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:31:11.0446 5504 mrxsmb - ok
09:31:11.0446 5504 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:31:11.0446 5504 mrxsmb10 - ok
09:31:11.0446 5504 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:31:11.0446 5504 mrxsmb20 - ok
09:31:11.0446 5504 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
09:31:11.0446 5504 msahci - ok
09:31:11.0462 5504 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
09:31:11.0462 5504 msdsm - ok
09:31:11.0462 5504 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
09:31:11.0462 5504 MSDTC - ok
09:31:11.0462 5504 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
09:31:11.0462 5504 Msfs - ok
09:31:11.0478 5504 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
09:31:11.0478 5504 mshidkmdf - ok
09:31:11.0478 5504 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
09:31:11.0478 5504 msisadrv - ok
09:31:11.0478 5504 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
09:31:11.0478 5504 MSiSCSI - ok
09:31:11.0478 5504 msiserver - ok
09:31:11.0478 5504 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
09:31:11.0478 5504 MSKSSRV - ok
09:31:11.0493 5504 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) C:\Program Files\Microsoft Security Client\MsMpEng.exe
09:31:11.0493 5504 MsMpSvc - ok
09:31:11.0493 5504 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
09:31:11.0493 5504 MSPCLOCK - ok
09:31:11.0493 5504 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
09:31:11.0493 5504 MSPQM - ok
09:31:11.0493 5504 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
09:31:11.0509 5504 MsRPC - ok
09:31:11.0509 5504 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
09:31:11.0509 5504 mssmbios - ok
09:31:11.0509 5504 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
09:31:11.0509 5504 MSTEE - ok
09:31:11.0509 5504 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
09:31:11.0509 5504 MTConfig - ok
09:31:11.0509 5504 MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
09:31:11.0509 5504 MTsensor - ok
09:31:11.0509 5504 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
09:31:11.0524 5504 Mup - ok
09:31:11.0524 5504 mv91xx (77073c1af9c0921ff18ee628049bb1a9) C:\Windows\system32\DRIVERS\mv91xx.sys
09:31:11.0524 5504 mv91xx - ok
09:31:11.0540 5504 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
09:31:11.0540 5504 napagent - ok
09:31:11.0540 5504 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
09:31:11.0540 5504 NativeWifiP - ok
09:31:11.0571 5504 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
09:31:11.0571 5504 NDIS - ok
09:31:11.0571 5504 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
09:31:11.0571 5504 NdisCap - ok
09:31:11.0571 5504 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
09:31:11.0571 5504 NdisTapi - ok
09:31:11.0571 5504 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
09:31:11.0571 5504 Ndisuio - ok
09:31:11.0587 5504 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
09:31:11.0587 5504 NdisWan - ok
09:31:11.0587 5504 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
09:31:11.0587 5504 NDProxy - ok
09:31:11.0587 5504 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
09:31:11.0587 5504 NetBIOS - ok
09:31:11.0602 5504 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
09:31:11.0602 5504 NetBT - ok
09:31:11.0602 5504 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:31:11.0602 5504 Netlogon - ok
09:31:11.0602 5504 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
09:31:11.0618 5504 Netman - ok
09:31:11.0618 5504 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
09:31:11.0618 5504 netprofm - ok
09:31:11.0634 5504 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:31:11.0634 5504 NetTcpPortSharing - ok
09:31:11.0634 5504 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
09:31:11.0634 5504 nfrd960 - ok
09:31:11.0634 5504 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:31:11.0634 5504 NisDrv - ok
09:31:11.0649 5504 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
09:31:11.0649 5504 NisSrv - ok
09:31:11.0665 5504 NitroReaderDriverReadSpool2 (42390431e604c9513d4f23fb7bdec334) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
09:31:11.0665 5504 NitroReaderDriverReadSpool2 - ok
09:31:11.0665 5504 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
09:31:11.0665 5504 NlaSvc - ok
09:31:11.0665 5504 NPF (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys
09:31:11.0665 5504 NPF - ok
09:31:11.0680 5504 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
09:31:11.0680 5504 Npfs - ok
09:31:11.0680 5504 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
09:31:11.0680 5504 nsi - ok
09:31:11.0680 5504 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
09:31:11.0680 5504 nsiproxy - ok
09:31:11.0712 5504 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
09:31:11.0712 5504 Ntfs - ok
09:31:11.0727 5504 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
09:31:11.0727 5504 Null - ok
09:31:11.0743 5504 nusb3hub (8ebcb9165ee7f1571842f4d9d624a74c) C:\Windows\system32\DRIVERS\nusb3hub.sys
09:31:11.0743 5504 nusb3hub - ok
09:31:11.0743 5504 nusb3xhc (5d54dbb12bbfe07cc283fd39f2cd6d63) C:\Windows\system32\DRIVERS\nusb3xhc.sys
09:31:11.0743 5504 nusb3xhc - ok
09:31:11.0743 5504 NVHDA (ed9380f201c8126425c09bed96dbe1e5) C:\Windows\system32\drivers\nvhda64v.sys
09:31:11.0743 5504 NVHDA - ok
09:31:11.0992 5504 nvlddmkm (b34e9bfbd9c61048ef6281c3e7ec210a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:31:12.0024 5504 nvlddmkm - ok
09:31:12.0039 5504 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
09:31:12.0039 5504 nvraid - ok
09:31:12.0055 5504 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
09:31:12.0055 5504 nvstor - ok
09:31:12.0070 5504 nvsvc (dfda089bb2cd0ff7e789e2ef6ba1e4ba) C:\Windows\system32\nvvsvc.exe
09:31:12.0086 5504 nvsvc - ok
09:31:12.0117 5504 nvUpdatusService (e7818cd4fb51284c948d68a7a85a69b8) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
09:31:12.0133 5504 nvUpdatusService - ok
09:31:12.0148 5504 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
09:31:12.0148 5504 nv_agp - ok
09:31:12.0148 5504 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
09:31:12.0148 5504 ohci1394 - ok
09:31:12.0164 5504 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:31:12.0164 5504 ose - ok
09:31:12.0258 5504 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:31:12.0273 5504 osppsvc - ok
09:31:12.0304 5504 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:31:12.0304 5504 p2pimsvc - ok
09:31:12.0304 5504 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
09:31:12.0304 5504 p2psvc - ok
09:31:12.0320 5504 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
09:31:12.0320 5504 Parport - ok
09:31:12.0320 5504 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
09:31:12.0320 5504 partmgr - ok
09:31:12.0320 5504 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
09:31:12.0320 5504 PcaSvc - ok
09:31:12.0336 5504 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
09:31:12.0336 5504 pci - ok
09:31:12.0336 5504 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
09:31:12.0336 5504 pciide - ok
09:31:12.0336 5504 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
09:31:12.0336 5504 pcmcia - ok
09:31:12.0351 5504 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
09:31:12.0351 5504 pcw - ok
09:31:12.0351 5504 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
09:31:12.0367 5504 PEAUTH - ok
09:31:12.0382 5504 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
09:31:12.0382 5504 PeerDistSvc - ok
09:31:12.0398 5504 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
09:31:12.0398 5504 PerfHost - ok
09:31:12.0445 5504 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
09:31:12.0445 5504 pla - ok
09:31:12.0460 5504 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
09:31:12.0460 5504 PlugPlay - ok
09:31:12.0460 5504 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
09:31:12.0460 5504 PNRPAutoReg - ok
09:31:12.0476 5504 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:31:12.0476 5504 PNRPsvc - ok
09:31:12.0492 5504 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
09:31:12.0492 5504 PolicyAgent - ok
09:31:12.0492 5504 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
09:31:12.0492 5504 Power - ok
09:31:12.0492 5504 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
09:31:12.0507 5504 PptpMiniport - ok
09:31:12.0507 5504 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
09:31:12.0507 5504 Processor - ok
09:31:12.0507 5504 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
09:31:12.0507 5504 ProfSvc - ok
09:31:12.0507 5504 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:31:12.0507 5504 ProtectedStorage - ok
09:31:12.0523 5504 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
09:31:12.0523 5504 Psched - ok
09:31:12.0523 5504 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
09:31:12.0523 5504 PxHlpa64 - ok
09:31:12.0554 5504 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
09:31:12.0554 5504 ql2300 - ok
09:31:12.0570 5504 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
09:31:12.0570 5504 ql40xx - ok
09:31:12.0585 5504 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
09:31:12.0585 5504 QWAVE - ok
09:31:12.0585 5504 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
09:31:12.0585 5504 QWAVEdrv - ok
09:31:12.0585 5504 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:31:12.0585 5504 RasAcd - ok
09:31:12.0585 5504 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:31:12.0585 5504 RasAgileVpn - ok
09:31:12.0601 5504 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
09:31:12.0601 5504 RasAuto - ok
09:31:12.0601 5504 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:31:12.0601 5504 Rasl2tp - ok
09:31:12.0616 5504 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
09:31:12.0616 5504 RasMan - ok
09:31:12.0616 5504 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
09:31:12.0616 5504 RasPppoe - ok
09:31:12.0616 5504 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
09:31:12.0616 5504 RasSstp - ok
09:31:12.0632 5504 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
09:31:12.0632 5504 rdbss - ok
09:31:12.0632 5504 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
09:31:12.0632 5504 rdpbus - ok
09:31:12.0632 5504 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:31:12.0632 5504 RDPCDD - ok
09:31:12.0632 5504 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
09:31:12.0632 5504 RDPDR - ok
09:31:12.0648 5504 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
09:31:12.0648 5504 RDPENCDD - ok
09:31:12.0648 5504 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
09:31:12.0648 5504 RDPREFMP - ok
09:31:12.0648 5504 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
09:31:12.0648 5504 RDPWD - ok
09:31:12.0663 5504 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
09:31:12.0663 5504 rdyboost - ok
09:31:12.0663 5504 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
09:31:12.0663 5504 RemoteAccess - ok
09:31:12.0663 5504 RemoteControl-USBLAN (bfa4873cd96d7144dc0059a70e1e358f) C:\Windows\system32\DRIVERS\rcblan.sys
09:31:12.0663 5504 RemoteControl-USBLAN - ok
09:31:12.0679 5504 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
09:31:12.0679 5504 RemoteRegistry - ok
09:31:12.0679 5504 rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files (x86)\WinPcap\rpcapd.exe
09:31:12.0679 5504 rpcapd - ok
09:31:12.0694 5504 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
09:31:12.0694 5504 RpcEptMapper - ok
09:31:12.0694 5504 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
09:31:12.0694 5504 RpcLocator - ok
09:31:12.0710 5504 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:31:12.0710 5504 RpcSs - ok
09:31:12.0710 5504 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
09:31:12.0710 5504 rspndr - ok
09:31:12.0710 5504 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
09:31:12.0710 5504 s3cap - ok
09:31:12.0710 5504 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:31:12.0710 5504 SamSs - ok
09:31:12.0726 5504 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
09:31:12.0726 5504 sbp2port - ok
09:31:12.0726 5504 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
09:31:12.0726 5504 SCardSvr - ok
09:31:12.0726 5504 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
09:31:12.0726 5504 scfilter - ok
09:31:12.0757 5504 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
09:31:12.0757 5504 Schedule - ok
09:31:12.0757 5504 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:31:12.0757 5504 SCPolicySvc - ok
09:31:12.0757 5504 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
09:31:12.0772 5504 SDRSVC - ok
09:31:12.0772 5504 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
09:31:12.0772 5504 secdrv - ok
09:31:12.0772 5504 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
09:31:12.0772 5504 seclogon - ok
09:31:12.0772 5504 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
09:31:12.0772 5504 SENS - ok
09:31:12.0788 5504 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
09:31:12.0788 5504 SensrSvc - ok
09:31:12.0788 5504 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
09:31:12.0788 5504 Serenum - ok
09:31:12.0788 5504 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
09:31:12.0788 5504 Serial - ok
09:31:12.0788 5504 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
09:31:12.0788 5504 sermouse - ok
09:31:12.0804 5504 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
09:31:12.0804 5504 SessionEnv - ok
09:31:12.0804 5504 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
09:31:12.0804 5504 sffdisk - ok
09:31:12.0804 5504 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
09:31:12.0804 5504 sffp_mmc - ok
09:31:12.0804 5504 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
09:31:12.0804 5504 sffp_sd - ok
09:31:12.0804 5504 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
09:31:12.0819 5504 sfloppy - ok
09:31:12.0819 5504 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
09:31:12.0819 5504 SharedAccess - ok
09:31:12.0835 5504 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
09:31:12.0835 5504 ShellHWDetection - ok
09:31:12.0835 5504 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:31:12.0835 5504 SiSRaid2 - ok
09:31:12.0835 5504 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
09:31:12.0835 5504 SiSRaid4 - ok
09:31:12.0835 5504 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
09:31:12.0835 5504 Smb - ok
09:31:12.0850 5504 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
09:31:12.0850 5504 SNMPTRAP - ok
09:31:12.0850 5504 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
09:31:12.0850 5504 spldr - ok
09:31:12.0866 5504 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
09:31:12.0866 5504 Spooler - ok
09:31:12.0928 5504 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
09:31:12.0944 5504 sppsvc - ok
09:31:12.0960 5504 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
09:31:12.0960 5504 sppuinotify - ok
09:31:12.0975 5504 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
09:31:12.0975 5504 srv - ok
09:31:12.0991 5504 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
09:31:12.0991 5504 srv2 - ok
09:31:12.0991 5504 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
09:31:12.0991 5504 srvnet - ok
09:31:13.0006 5504 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
09:31:13.0006 5504 SSDPSRV - ok
09:31:13.0006 5504 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
09:31:13.0006 5504 SstpSvc - ok
09:31:13.0022 5504 Stereo Service (8d01686ae82b466f4cd074f31f2942ca) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:31:13.0022 5504 Stereo Service - ok
09:31:13.0022 5504 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
09:31:13.0022 5504 stexstor - ok
09:31:13.0022 5504 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
09:31:13.0022 5504 StillCam - ok
09:31:13.0038 5504 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
09:31:13.0038 5504 stisvc - ok
09:31:13.0038 5504 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
09:31:13.0038 5504 storflt - ok
09:31:13.0053 5504 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
09:31:13.0053 5504 StorSvc - ok
09:31:13.0053 5504 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
09:31:13.0053 5504 storvsc - ok
09:31:13.0053 5504 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
09:31:13.0053 5504 swenum - ok
09:31:13.0069 5504 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
09:31:13.0069 5504 SwitchBoard - ok
09:31:13.0084 5504 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
09:31:13.0084 5504 swprv - ok
09:31:13.0116 5504 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
09:31:13.0131 5504 SysMain - ok
09:31:13.0147 5504 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
09:31:13.0147 5504 TabletInputService - ok
09:31:13.0147 5504 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
09:31:13.0147 5504 TapiSrv - ok
09:31:13.0147 5504 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
09:31:13.0147 5504 TBS - ok
09:31:13.0194 5504 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
09:31:13.0194 5504 Tcpip - ok
09:31:13.0240 5504 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
09:31:13.0256 5504 TCPIP6 - ok
09:31:13.0272 5504 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
09:31:13.0272 5504 tcpipreg - ok
09:31:13.0272 5504 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
09:31:13.0272 5504 TDPIPE - ok
09:31:13.0272 5504 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
09:31:13.0272 5504 TDTCP - ok
09:31:13.0287 5504 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
09:31:13.0287 5504 tdx - ok
09:31:13.0287 5504 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
09:31:13.0287 5504 TermDD - ok
09:31:13.0303 5504 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
09:31:13.0303 5504 TermService - ok
09:31:13.0303 5504 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
09:31:13.0318 5504 Themes - ok
09:31:13.0318 5504 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:31:13.0318 5504 THREADORDER - ok
09:31:13.0318 5504 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
09:31:13.0318 5504 TrkWks - ok
09:31:13.0334 5504 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
09:31:13.0334 5504 TrustedInstaller - ok
09:31:13.0334 5504 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:31:13.0334 5504 tssecsrv - ok
09:31:13.0334 5504 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
09:31:13.0334 5504 TsUsbFlt - ok
09:31:13.0350 5504 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
09:31:13.0350 5504 tunnel - ok
09:31:13.0350 5504 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
09:31:13.0350 5504 uagp35 - ok
09:31:13.0365 5504 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
09:31:13.0365 5504 udfs - ok
09:31:13.0365 5504 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
09:31:13.0365 5504 UI0Detect - ok
09:31:13.0365 5504 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
09:31:13.0365 5504 uliagpkx - ok
09:31:13.0381 5504 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
09:31:13.0381 5504 umbus - ok
09:31:13.0381 5504 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
09:31:13.0381 5504 UmPass - ok
09:31:13.0381 5504 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
09:31:13.0381 5504 UmRdpService - ok
09:31:13.0396 5504 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
09:31:13.0396 5504 upnphost - ok
09:31:13.0396 5504 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
09:31:13.0396 5504 USBAAPL64 - ok
09:31:13.0412 5504 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
09:31:13.0412 5504 usbccgp - ok
09:31:13.0412 5504 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
09:31:13.0412 5504 usbcir - ok
09:31:13.0412 5504 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
09:31:13.0412 5504 usbehci - ok
09:31:13.0428 5504 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
09:31:13.0428 5504 usbhub - ok
09:31:13.0428 5504 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
09:31:13.0428 5504 usbohci - ok
09:31:13.0428 5504 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
09:31:13.0428 5504 usbprint - ok
09:31:13.0443 5504 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:31:13.0443 5504 USBSTOR - ok
09:31:13.0443 5504 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
09:31:13.0443 5504 usbuhci - ok
09:31:13.0443 5504 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
09:31:13.0443 5504 UxSms - ok
09:31:13.0459 5504 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:31:13.0459 5504 VaultSvc - ok
09:31:13.0459 5504 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
09:31:13.0459 5504 vdrvroot - ok
09:31:13.0474 5504 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
09:31:13.0474 5504 vds - ok
09:31:13.0474 5504 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
09:31:13.0474 5504 vga - ok
09:31:13.0474 5504 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
09:31:13.0474 5504 VgaSave - ok
09:31:13.0490 5504 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
09:31:13.0490 5504 vhdmp - ok
09:31:13.0490 5504 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
09:31:13.0490 5504 viaide - ok
09:31:13.0490 5504 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
09:31:13.0490 5504 vmbus - ok
09:31:13.0506 5504 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
09:31:13.0506 5504 VMBusHID - ok
09:31:13.0506 5504 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
09:31:13.0506 5504 volmgr - ok
09:31:13.0506 5504 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
09:31:13.0521 5504 volmgrx - ok
09:31:13.0521 5504 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
09:31:13.0521 5504 volsnap - ok
09:31:13.0537 5504 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
09:31:13.0537 5504 vsmraid - ok
09:31:13.0568 5504 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
09:31:13.0568 5504 VSS - ok
09:31:13.0584 5504 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
09:31:13.0584 5504 vwifibus - ok
09:31:13.0599 5504 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
09:31:13.0599 5504 W32Time - ok
09:31:13.0615 5504 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
09:31:13.0615 5504 WacomPen - ok
09:31:13.0615 5504 WajamUpdater (4aa2cc5979aff984227364f2c23b04f3) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
09:31:13.0615 5504 WajamUpdater - ok
09:31:13.0630 5504 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:31:13.0630 5504 WANARP - ok
09:31:13.0630 5504 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:31:13.0630 5504 Wanarpv6 - ok
09:31:13.0646 5504 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
09:31:13.0662 5504 WatAdminSvc - ok
09:31:13.0693 5504 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
09:31:13.0693 5504 wbengine - ok
09:31:13.0708 5504 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
09:31:13.0708 5504 WbioSrvc - ok
09:31:13.0724 5504 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
09:31:13.0724 5504 wcncsvc - ok
09:31:13.0724 5504 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
09:31:13.0724 5504 WcsPlugInService - ok
09:31:13.0740 5504 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
09:31:13.0740 5504 Wd - ok
09:31:13.0740 5504 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
09:31:13.0755 5504 Wdf01000 - ok
09:31:13.0755 5504 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:31:13.0755 5504 WdiServiceHost - ok
09:31:13.0755 5504 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:31:13.0755 5504 WdiSystemHost - ok
09:31:13.0771 5504 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
09:31:13.0771 5504 WebClient - ok
09:31:13.0771 5504 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
09:31:13.0771 5504 Wecsvc - ok
09:31:13.0771 5504 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
09:31:13.0786 5504 wercplsupport - ok
09:31:13.0786 5504 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
09:31:13.0786 5504 WerSvc - ok
09:31:13.0786 5504 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
09:31:13.0786 5504 WfpLwf - ok
09:31:13.0786 5504 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
09:31:13.0786 5504 WIMMount - ok
09:31:13.0802 5504 WinHttpAutoProxySvc - ok
09:31:13.0802 5504 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
09:31:13.0802 5504 Winmgmt - ok
09:31:13.0849 5504 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
09:31:13.0849 5504 WinRM - ok
09:31:13.0864 5504 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
09:31:13.0864 5504 WinUsb - ok
09:31:13.0880 5504 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
09:31:13.0896 5504 Wlansvc - ok
09:31:13.0896 5504 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
09:31:13.0896 5504 WmiAcpi - ok
09:31:13.0896 5504 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
09:31:13.0896 5504 wmiApSrv - ok
09:31:13.0911 5504 WMPNetworkSvc - ok
09:31:13.0911 5504 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
09:31:13.0911 5504 WPCSvc - ok
09:31:13.0911 5504 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
09:31:13.0911 5504 WPDBusEnum - ok
09:31:13.0911 5504 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
09:31:13.0927 5504 ws2ifsl - ok
09:31:13.0927 5504 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
09:31:13.0927 5504 wscsvc - ok
09:31:13.0927 5504 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
09:31:13.0927 5504 WSDPrintDevice - ok
09:31:13.0927 5504 WSearch - ok
09:31:13.0974 5504 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
09:31:13.0989 5504 wuauserv - ok
09:31:14.0005 5504 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
09:31:14.0005 5504 WudfPf - ok
09:31:14.0005 5504 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
09:31:14.0005 5504 wudfsvc - ok
09:31:14.0020 5504 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
09:31:14.0020 5504 WwanSvc - ok
09:31:14.0036 5504 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
09:31:14.0036 5504 YahooAUService - ok
09:31:14.0052 5504 yukonw7 (79d9ce9614c955dd31aa2556b4014662) C:\Windows\system32\DRIVERS\yk62x64.sys
09:31:14.0052 5504 yukonw7 - ok
09:31:14.0067 5504 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
09:31:14.0145 5504 \Device\Harddisk1\DR1 - ok
09:31:14.0145 5504 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
09:31:14.0208 5504 \Device\Harddisk0\DR0 - ok
09:31:14.0208 5504 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
09:31:14.0332 5504 \Device\Harddisk2\DR2 - ok
09:31:14.0332 5504 Boot (0x1200) (2047f73a6ea9eabbfbe92dd1b57fb57f) \Device\Harddisk1\DR1\Partition0
09:31:14.0332 5504 \Device\Harddisk1\DR1\Partition0 - ok
09:31:14.0332 5504 Boot (0x1200) (4c2e4fc5a16b25e1b7c7be7851b8f393) \Device\Harddisk0\DR0\Partition0
09:31:14.0332 5504 \Device\Harddisk0\DR0\Partition0 - ok
09:31:14.0348 5504 Boot (0x1200) (8abe53d9082802983a9921b1eee03a9f) \Device\Harddisk0\DR0\Partition1
09:31:14.0348 5504 \Device\Harddisk0\DR0\Partition1 - ok
09:31:14.0348 5504 Boot (0x1200) (fe331f97840c33471e871ac4bd82afae) \Device\Harddisk2\DR2\Partition0
09:31:14.0348 5504 \Device\Harddisk2\DR2\Partition0 - ok
09:31:14.0348 5504 ============================================================
09:31:14.0348 5504 Scan finished
09:31:14.0348 5504 ============================================================
09:31:14.0348 2124 Detected object count: 1
09:31:14.0348 2124 Actual detected object count: 1
09:31:20.0042 2124 3DM2 ( HiddenFile.Multi.Generic ) - skipped by user
09:31:20.0042 2124 3DM2 ( HiddenFile.Multi.Generic ) - User select action: Skip
09:31:22.0616 1728 Deinitialize success

===========================================================================================================================================================================

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-07 09:33:54
-----------------------------
09:33:54.816 OS Version: Windows x64 6.1.7601 Service Pack 1
09:33:54.816 Number of processors: 12 586 0x2C02
09:33:54.816 ComputerName: ARUNPUGET UserName: Arun
09:33:55.487 Initialize success
09:34:15.291 AVAST engine defs: 12070700
09:34:53.215 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:34:53.231 Disk 0 Vendor: INTEL_SS 2CV1 Size: 76319MB BusType: 3
09:34:53.231 Disk 1 \Device\Harddisk1\DR1 -> \Device\Scsi\3wareDrv1Port2Path0Target0Lun0
09:34:53.231 Disk 1 Vendor: AMCC____ 4.10 Size: 1907328MB BusType: 8
09:34:53.231 Disk 0 MBR read successfully
09:34:53.231 Disk 0 MBR scan
09:34:53.246 Disk 0 Windows 7 default MBR code
09:34:53.246 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
09:34:53.278 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 76217 MB offset 206848
09:34:53.309 Disk 0 scanning C:\Windows\system32\drivers
09:34:57.084 Service scanning
09:35:07.130 Modules scanning
09:35:07.130 Disk 0 trace - called modules:
09:35:07.645 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
09:35:07.645 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800a61b790]
09:35:07.645 3 CLASSPNP.SYS[fffff88001d8343f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800a3ed050]
09:35:08.316 AVAST engine scan C:\Windows
09:35:08.971 AVAST engine scan C:\Windows\system32
09:36:42.525 AVAST engine scan C:\Windows\system32\drivers
09:36:46.971 AVAST engine scan C:\Users\Arun
09:43:34.173 AVAST engine scan C:\ProgramData
09:44:40.379 Scan finished successfully
11:32:30.869 Disk 0 MBR has been saved successfully to "D:\Arun documents\MBR.dat"
11:32:30.900 The log file has been saved successfully to "D:\Arun documents\aswMBR.txt"

=============================================================================================================================================================================
ESET log:
C:\Windows\Installer\{1dead4b1-8fcb-462d-4b89-ec4ebd2e0e5d}\U\80000000.@ Win64/Sirefef.AL trojan cleaned by deleting - quarantined

==============================================================================================================================================================================

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:38 PM

Posted 07 July 2012 - 01:55 PM

Download

systemlook

Launch it and copy this script and paste in the BOX

:filefind
services.exe
:folderfind
{1dead4b1-8fcb-462d-4b89-ec4ebd2e0e5d}

Click on LOOK,post the generated log


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#5 Dodoram

Dodoram
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:38 PM

Posted 08 July 2012 - 08:42 AM

Here are th elogs:




SystemLook 30.07.11 by jpshortstuff
Log created at 22:50 on 07/07/2012 by Arun
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{1dead4b1-8fcb-462d-4b89-ec4ebd2e0e5d}"
C:\Users\Arun\AppData\Local\{1dead4b1-8fcb-462d-4b89-ec4ebd2e0e5d} d--hs-- [10:02 11/01/2012]
C:\Windows\Installer\{1dead4b1-8fcb-462d-4b89-ec4ebd2e0e5d} d--hs-- [10:02 11/01/2012]

-= EOF =-
==================================================================================================================================
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.07.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Arun :: ARUNPUGET [administrator]

7/7/2012 11:19:26 PM
mbam-log-2012-07-07 (23-19-26).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 478645
Time elapsed: 17 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
========================================================================================================================================
MiniToolBox by Farbar Version: 25-06-2012
Ran by Arun (administrator) on 08-07-2012 at 09:20:04
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




127.0.0.1 localhost

========================= IP Configuration: ================================

Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller = Local Area Connection 2 (Connected)
Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration

========================================================================================================================
Farbar Service Scanner Version: 08-07-2012
Ran by Arun (administrator) on 08-07-2012 at 09:36:26
Running from "C:\Users\Arun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5MQ6RFAS"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
=============================================================================================================================================================================
Thanks.


Arun

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:38 PM

Posted 08 July 2012 - 08:51 AM

Minitoolbox log is incomplete.Post the complete one.

#7 Dodoram

Dodoram
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:38 PM

Posted 08 July 2012 - 09:56 AM

Sorry, Here is the complete log.

Thanks

Arun


MiniToolBox by Farbar Version: 25-06-2012
Ran by Arun (administrator) on 08-07-2012 at 10:54:20
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================




127.0.0.1 localhost

========================= IP Configuration: ================================

Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller = Local Area Connection 2 (Connected)
Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ArunPuget
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller #2
Physical Address. . . . . . . . . : 20-CF-30-7F-49-C8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::602b:e218:53c8:86b1%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, July 07, 2012 11:17:29 PM
Lease Expires . . . . . . . . . . : Monday, July 09, 2012 6:07:58 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 304140080
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-B7-E8-A2-20-CF-30-7F-48-65
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 20-CF-30-7F-48-65
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:800::1008
74.125.226.206
74.125.226.198
74.125.226.193
74.125.226.197
74.125.226.200
74.125.226.199
74.125.226.192
74.125.226.201
74.125.226.195
74.125.226.196
74.125.226.194


Pinging google.com [173.194.43.5] with 32 bytes of data:
Reply from 173.194.43.5: bytes=32 time=12ms TTL=252
Reply from 173.194.43.5: bytes=32 time=10ms TTL=252

Ping statistics for 173.194.43.5:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 12ms, Average = 11ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=88ms TTL=250
Reply from 72.30.38.140: bytes=32 time=87ms TTL=250

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 87ms, Maximum = 88ms, Average = 87ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...20 cf 30 7f 49 c8 ......Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller #2
10...20 cf 30 7f 48 65 ......Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.4 276
192.168.1.4 255.255.255.255 On-link 192.168.1.4 276
192.168.1.255 255.255.255.255 On-link 192.168.1.4 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.4 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.4 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 276 fe80::/64 On-link
12 276 fe80::602b:e218:53c8:86b1/128
On-link
1 306 ff00::/8 On-link
12 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/07/2012 02:02:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/07/2012 02:02:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/07/2012 11:34:41 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/07/2012 11:34:41 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/07/2012 11:32:58 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/07/2012 11:32:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/06/2012 08:57:41 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/05/2012 03:52:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003

Error: (07/05/2012 03:52:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8003

Error: (07/05/2012 03:52:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (07/08/2012 06:17:49 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.129.1154.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (07/08/2012 06:17:49 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.129.1154.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (07/08/2012 06:08:21 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.129.1154.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (07/08/2012 06:08:21 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.129.1154.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (07/08/2012 06:07:59 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (07/07/2012 11:27:39 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.129.1154.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (07/07/2012 11:27:39 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.129.1154.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (07/07/2012 11:18:31 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (07/07/2012 11:17:32 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends on the Base Filtering Engine service which failed to start because of the following error:
%%5

Error: (07/07/2012 11:17:31 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends on the Base Filtering Engine service which failed to start because of the following error:
%%5


Microsoft Office Sessions:
=========================
Error: (07/07/2012 02:02:36 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Arun\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\1XCIA3QC\esetsmartinstaller_enu.exe

Error: (07/07/2012 02:02:36 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Arun\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\1XCIA3QC\esetsmartinstaller_enu.exe

Error: (07/07/2012 11:34:41 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Arun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1XCIA3QC\esetsmartinstaller_enu.exe

Error: (07/07/2012 11:34:41 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Arun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1XCIA3QC\esetsmartinstaller_enu.exe

Error: (07/07/2012 11:32:58 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Arun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1XCIA3QC\esetsmartinstaller_enu.exe

Error: (07/07/2012 11:32:53 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Arun\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1XCIA3QC\esetsmartinstaller_enu.exe

Error: (07/06/2012 08:57:41 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (07/05/2012 03:52:33 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003

Error: (07/05/2012 03:52:33 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8003

Error: (07/05/2012 03:52:33 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

3ware Disk Management Tools (Version: 9.5.3)
Adobe AIR (Version: 3.3.0.3650)
Adobe Community Help (Version: 3.5.23)
Adobe Creative Suite 5 Production Premium (Version: 5.0)
Adobe Dreamweaver CS5 (Version: 11.0)
Adobe Flash Player 10 ActiveX 64-bit (Version: 10.3.162.28)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Media Player (Version: 1.8)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
Brother MFL-Pro Suite MFC-7840W (Version: 1.0.1.0)
CCleaner (Version: 3.03)
Citrix online plug-in - web (Version: 12.1.0.30)
Citrix online plug-in (DV) (Version: 12.1.0.30)
Citrix online plug-in (HDX) (Version: 12.1.0.30)
Citrix online plug-in (USB) (Version: 12.1.0.30)
Citrix online plug-in (Web) (Version: 12.1.0.30)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DiskAid 5.06 (Version: 5.06)
EPSON Printer Software
eReg (Version: 1.20.138.34)
ffdshow v1.2.4436 [2012-04-22] (Version: 1.2.4436.0)
Fidelity Active Trader ProŽ (Version: 9.6.96.0)
File Type Assistant
Free File Viewer 2011
Garmin Communicator Plugin (Version: 3.0.1)
Garmin Lifetime Updater (Version: 2.1.7)
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.5.4)
Google Chrome (Version: 20.0.1132.47)
Google Talk Plugin (Version: 3.1.4.8140)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
H&R Block Deluxe + Efile + State 2011 (Version: 11.05.7102)
H&R Block New York 2011 (Version: 1.11.4401)
iCloud (Version: 1.1.0.40)
IHA_MessageCenter (Version: 1.8.8)
Intel® Rapid Storage Technology (Version: 10.1.0.1008)
Internet Explorer (Enable DEP)
IrfanView (remove only) (Version: 4.32)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 33 (64-bit) (Version: 6.0.330)
Java™ 6 Update 33 (Version: 6.0.330)
K-Lite Mega Codec Pack 7.9.0 (Version: 7.9.0)
Logitech Harmony Remote Software 7 (Version: 7.6.0.8)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0)
Logitech Scroll App 3.0 (Version: 3.00.31)
Logitech SetPoint 6.32 (Version: 6.32.20)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
marvell 91xx driver (Version: 1.0.0.1036)
Marvell Miniport Driver (Version: 11.10.5.3)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft XML Parser (Version: 8.70.1104.04)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
NEC Electronics USB 3.0 Host Controller Driver (Version: 1.0.19.0)
Nitro Reader 2 (Version: 2.4.1.15)
NVIDIA 3D Vision Driver 260.99 (Version: 260.99)
NVIDIA Control Panel 275.33 (Version: 275.33)
NVIDIA Graphics Driver 275.33 (Version: 275.33)
NVIDIA HD Audio Driver 1.1.9.0 (Version: 1.1.9.0)
NVIDIA Install Application (Version: 2.275.78.0)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6099)
NVIDIA Update 1.3.5 (Version: 1.3.5)
NVIDIA Update Components (Version: 1.3.5)
Octoshape add-in for Adobe Flash Player
OpenAL
PC Optimizer Pro (Version: 6.1.7.4)
PDF Settings CS5 (Version: 10.0)
Picasa 3 (Version: 3.8)
psykopaint (Version: 1.1.6)
PVSonyDll (Version: 1.00.0001)
PxMergeModule (Version: 1.00.0000)
Question Writer 4 (Version: 4.0.0)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.5973)
Remote Control USB Driver (Version: 2.3.2.317)
Safari (Version: 5.34.57.2)
Snagit 10.0.1 (Version: 10.0.1)
Snagit 11 (Version: 11.0.0)
Tweaking.com - Windows Repair (All in One) (Version: 1.7.5)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Virtual Account Numbers (Version: 1.0.1.0)
Virtual Account Numbers (Version: 3.7.11.0)
VLC media player 2.0.1 (Version: 2.0.1)
Vz In Home Agent (Version: 8.03.53)
Wajam (Version: 1.28)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WM Capture 5 (Version: 5.0)
WM Recorder
WM Splitter 1.9 (Version: 1.9)
Yahoo! Software Update
Yahoo! Toolbar
Yontoo Layers Runtime 1.10.01 (Version: 1.10.01)
YouTube Downloader Toolbar v6.0 (Version: 6.0)
YTD Video Downloader 3.9

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 12279.11 MB
Available physical RAM: 7870.64 MB
Total Pagefile: 12277.3 MB
Available Pagefile: 7607.11 MB
Total Virtual: 4095.88 MB
Available Virtual: 3956.39 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:74.43 GB) (Free:5.25 GB) NTFS
2 Drive d: () (Fixed) (Total:1862.62 GB) (Free:1703.71 GB) NTFS
4 Drive k: (FreeAgent Drive) (Fixed) (Total:698.64 GB) (Free:2.98 GB) NTFS

========================= Users: ========================================

User accounts for \\ARUNPUGET

Administrator Arun Guest
UpdatusUser


**** End of log ****

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:38 PM

Posted 08 July 2012 - 11:29 PM

Open your C drive

On top,click on Organize-folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click ok,now go to

C:\Users\Arun\AppData\Local\{1dead4b1-8fcb-462d-4b89-ec4ebd2e0e5d}
C:\Windows\Installer\{1dead4b1-8fcb-462d-4b89-ec4ebd2e0e5d}

delete both the folders

Create a restore point before this

DOwnload

BITS
Windefend

Launch the registry keys,click YES,restart the PC

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on Start repairs tab-click on Start

check mark following options alone

Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections


Checkmark Restart System When Finished option
click the Start button

System should restart after repair

Post the FSS log

Edited by narenxp, 08 July 2012 - 11:32 PM.


#9 Dodoram

Dodoram
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:38 PM

Posted 09 July 2012 - 11:30 AM

I did them all, here is the FSSlog after completing the steps:


Farbar Service Scanner Version: 08-07-2012
Ran by Arun (administrator) on 09-07-2012 at 12:28:59
Running from "D:\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:38 PM

Posted 09 July 2012 - 11:36 AM

Press Windows+R key and type

regedit and click ok

go to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

Right click on it-permissions

Click on ADD and type

Everyone and click ok

Now Click on Everyone

Below you have permission for users

Select full control and click ok

Press Windows+R key and type


services.msc
and click ok

start the base filtering engine and then windows firewall service

Post the new FSS log

#11 Dodoram

Dodoram
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:38 PM

Posted 09 July 2012 - 11:58 AM

Following is the FSS log. (pls note that I have not re-started the computer. It appears windows Firewall and BFE started fine.
Thanks for all your help,you saved me the frustration of reinstalling wondows. Please let me know next steps.



Farbar Service Scanner Version: 08-07-2012
Ran by Arun (administrator) on 09-07-2012 at 12:55:07
Running from "D:\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:38 PM

Posted 09 July 2012 - 10:14 PM

grt :thumbsup:

Remove all the tools we have used

Download

TFC


Launch it,it will close all running programs

click on START,it should ask for reboot

Turn off your system restore,restart the PC,create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently,do not click on suspicious links

Safe surfing :)

#13 Dodoram

Dodoram
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:38 PM

Posted 10 July 2012 - 04:23 PM

How do I turn off system restore?

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:07:38 PM

Posted 10 July 2012 - 06:27 PM

Please follow the guide given in the link

#15 Dodoram

Dodoram
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:07:38 PM

Posted 11 July 2012 - 10:11 PM

Thanks. The main problem is solved with your help. One question though. When I clicked on "configure" button in the system protection , the option "turn off system restore" was already checked. Is this normal? The restore point I created appeasr in the retore points, so that went well anyway.

After it created the system restore, I got a blue screen with Error 0X0000007E (...) and volsnap.sys address.....

But after I rebooted, windows started normally. Should I post this in another forum or is this the right place for this? (Should I have to post this as a new post?)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users