
Trying to deal with Trojan.Dropper.Generic_c.MMI and Trojan.Dropper.BCMiner


52 replies to this topic

#1 zeiss


Posted 09 July 2012 - 12:43 AM

Yesterday, one of my PCs was infected with Trojan.Dropper.Generic_c.MMI. I realized something was wrong when Google Chrome stopped me from logging into my Facebook because the connection was insecure. Then, the trojan was detected by AVG. I had a friend (who is a lot more tech-savvy than me) come over and take a look at it. He downloaded a tool called "Combofix" and apparently it fixed the issue on that PC. I haven't had any issues with that PC since then, even after several scans with MalwareBytes, AVG, and Security Essentials.

Today, I woke up to a DIFFERENT PC being infected. This time, the symptoms were a bit different. I had tried logging into my Facebook and the same Google Chrome error appeared. Suddenly, I realized Security Essentials was offline and I got error messages when I tried reenabling it. Also, Windows Firewall was offline and when I tried to enable it, I got error 0x8007042. I ran a scan with MalwareBytes and Trojan.Dropper.BCMiner was detected. I called my friend over again and he reinstalled Security Essentials and did a scan and nothing was found. Then he installed AVG Free and "Trojan.Dropper.Generic_c.MMI" was detected. I thought that was extremely odd since my other PC had the same trojan the day before. He then ran "Combofix" on this PC. According to him, it was successful, saying that "services.exe was disinfected" or something along that line. However, Windows Firewall was still having the previously stated issue. He has already left and I'm unconvinced. I don't trust this PC whatsoever.

Any assistance would be greatly appreciated. Thanks so much.

(I read through the pinned threads and apparently Combofix shouldn't be run unless stated by someone trained. I don't think my friend is trained but he is a Computer Science major. I hope this doesn't affect my ability to get help. :( )

EDIT: I'm running Windows 7 Professional 64bit on the currently infected PC. I was running Windows 7 Home Premium 64bit on the PC that was infected yesterday.

Edited by zeiss, 09 July 2012 - 01:01 AM.




#2 narenxp


Posted 09 July 2012 - 03:00 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 zeiss


Posted 09 July 2012 - 04:40 PM

Thanks for the quick reply. Would you suggest I run these scans on my previously infected PC as well? Here are the logs from my currently infected PC:

--TDSSKiller Log--

10:18:21.0879 2784 MsRPC - ok
10:18:21.0895 2784 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
10:18:21.0895 2784 mssmbios - ok
10:18:21.0895 2784 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
10:18:21.0910 2784 MSTEE - ok
10:18:21.0910 2784 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
10:18:21.0910 2784 MTConfig - ok
10:18:21.0926 2784 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
10:18:21.0926 2784 Mup - ok
10:18:21.0957 2784 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
10:18:21.0957 2784 napagent - ok
10:18:21.0988 2784 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
10:18:22.0004 2784 NativeWifiP - ok
10:18:22.0113 2784 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
10:18:22.0113 2784 NDIS - ok
10:18:22.0129 2784 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
10:18:22.0144 2784 NdisCap - ok
10:18:22.0160 2784 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
10:18:22.0160 2784 NdisTapi - ok
10:18:22.0207 2784 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
10:18:22.0207 2784 Ndisuio - ok
10:18:22.0238 2784 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
10:18:22.0238 2784 NdisWan - ok
10:18:22.0269 2784 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
10:18:22.0285 2784 NDProxy - ok
10:18:22.0300 2784 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
10:18:22.0316 2784 NetBIOS - ok
10:18:22.0331 2784 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
10:18:22.0331 2784 NetBT - ok
10:18:22.0363 2784 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:18:22.0363 2784 Netlogon - ok
10:18:22.0409 2784 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
10:18:22.0409 2784 Netman - ok
10:18:22.0503 2784 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:18:22.0534 2784 NetMsmqActivator - ok
10:18:22.0534 2784 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:18:22.0534 2784 NetPipeActivator - ok
10:18:22.0550 2784 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
10:18:22.0550 2784 netprofm - ok
10:18:22.0628 2784 netr28x (f1814e62eb6e50472afc9903525ecec1) C:\Windows\system32\DRIVERS\netr28x.sys
10:18:22.0643 2784 netr28x - ok
10:18:22.0675 2784 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:18:22.0675 2784 NetTcpActivator - ok
10:18:22.0675 2784 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:18:22.0675 2784 NetTcpPortSharing - ok
10:18:23.0080 2784 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
10:18:23.0080 2784 nfrd960 - ok
10:18:23.0127 2784 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:18:23.0127 2784 NisDrv - ok
10:18:23.0205 2784 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
10:18:23.0205 2784 NisSrv - ok
10:18:23.0236 2784 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
10:18:23.0236 2784 NlaSvc - ok
10:18:23.0252 2784 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:18:23.0252 2784 Npfs - ok
10:18:23.0267 2784 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
10:18:23.0267 2784 nsi - ok
10:18:23.0283 2784 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:18:23.0283 2784 nsiproxy - ok
10:18:23.0361 2784 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
10:18:23.0361 2784 Ntfs - ok
10:18:23.0486 2784 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:18:23.0486 2784 Null - ok
10:18:23.0891 2784 nvlddmkm (ba0b4889c40380a01ecdf84c227a89c9) C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:18:23.0954 2784 nvlddmkm - ok
10:18:24.0079 2784 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
10:18:24.0079 2784 nvraid - ok
10:18:24.0094 2784 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
10:18:24.0094 2784 nvstor - ok
10:18:24.0141 2784 nvsvc (06633cf95bea62164c3bfca24bce6b11) C:\Windows\system32\nvvsvc.exe
10:18:24.0157 2784 nvsvc - ok
10:18:24.0203 2784 nvUpdatusService (53b629ce436b110c5689c2f6439e567b) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
10:18:24.0219 2784 nvUpdatusService - ok
10:18:24.0313 2784 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
10:18:24.0313 2784 nv_agp - ok
10:18:24.0437 2784 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:18:24.0437 2784 odserv - ok
10:18:24.0453 2784 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
10:18:24.0469 2784 ohci1394 - ok
10:18:24.0484 2784 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:18:24.0515 2784 ose - ok
10:18:24.0562 2784 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:18:24.0578 2784 p2pimsvc - ok
10:18:24.0609 2784 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
10:18:24.0625 2784 p2psvc - ok
10:18:24.0640 2784 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
10:18:24.0640 2784 Parport - ok
10:18:24.0671 2784 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
10:18:24.0671 2784 partmgr - ok
10:18:24.0687 2784 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
10:18:24.0703 2784 PcaSvc - ok
10:18:24.0718 2784 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
10:18:24.0718 2784 pci - ok
10:18:24.0734 2784 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:18:24.0734 2784 pciide - ok
10:18:24.0749 2784 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
10:18:24.0749 2784 pcmcia - ok
10:18:24.0765 2784 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:18:24.0765 2784 pcw - ok
10:18:24.0796 2784 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:18:24.0812 2784 PEAUTH - ok
10:18:24.0859 2784 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
10:18:24.0890 2784 PeerDistSvc - ok
10:18:24.0952 2784 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
10:18:24.0952 2784 PerfHost - ok
10:18:25.0373 2784 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
10:18:25.0389 2784 pla - ok
10:18:25.0451 2784 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
10:18:25.0467 2784 PlugPlay - ok
10:18:25.0467 2784 PnkBstrA - ok
10:18:25.0498 2784 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
10:18:25.0514 2784 PNRPAutoReg - ok
10:18:25.0529 2784 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:18:25.0529 2784 PNRPsvc - ok
10:18:25.0592 2784 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
10:18:25.0592 2784 Point64 - ok
10:18:25.0623 2784 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
10:18:25.0639 2784 PolicyAgent - ok
10:18:25.0670 2784 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
10:18:25.0685 2784 Power - ok
10:18:25.0717 2784 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
10:18:25.0732 2784 PptpMiniport - ok
10:18:25.0732 2784 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
10:18:25.0748 2784 Processor - ok
10:18:25.0779 2784 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
10:18:25.0795 2784 ProfSvc - ok
10:18:25.0810 2784 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:18:25.0810 2784 ProtectedStorage - ok
10:18:25.0826 2784 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
10:18:25.0841 2784 Psched - ok
10:18:25.0888 2784 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
10:18:25.0919 2784 ql2300 - ok
10:18:26.0372 2784 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
10:18:26.0372 2784 ql40xx - ok
10:18:26.0403 2784 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
10:18:26.0403 2784 QWAVE - ok
10:18:26.0419 2784 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:18:26.0419 2784 QWAVEdrv - ok
10:18:26.0434 2784 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:18:26.0450 2784 RasAcd - ok
10:18:26.0481 2784 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:18:26.0481 2784 RasAgileVpn - ok
10:18:26.0512 2784 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
10:18:26.0512 2784 RasAuto - ok
10:18:26.0528 2784 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:18:26.0543 2784 Rasl2tp - ok
10:18:26.0575 2784 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
10:18:26.0590 2784 RasMan - ok
10:18:26.0606 2784 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:18:26.0621 2784 RasPppoe - ok
10:18:26.0637 2784 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:18:26.0653 2784 RasSstp - ok
10:18:26.0668 2784 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
10:18:26.0684 2784 rdbss - ok
10:18:26.0684 2784 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
10:18:26.0699 2784 rdpbus - ok
10:18:26.0715 2784 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:18:26.0715 2784 RDPCDD - ok
10:18:26.0746 2784 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
10:18:26.0762 2784 RDPDR - ok
10:18:26.0762 2784 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:18:26.0762 2784 RDPENCDD - ok
10:18:26.0793 2784 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:18:26.0809 2784 RDPREFMP - ok
10:18:26.0840 2784 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
10:18:26.0840 2784 RDPWD - ok
10:18:26.0855 2784 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
10:18:26.0855 2784 rdyboost - ok
10:18:26.0918 2784 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
10:18:26.0918 2784 RemoteAccess - ok
10:18:26.0949 2784 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
10:18:26.0965 2784 RemoteRegistry - ok
10:18:26.0980 2784 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
10:18:26.0996 2784 RpcEptMapper - ok
10:18:26.0996 2784 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
10:18:27.0011 2784 RpcLocator - ok
10:18:27.0027 2784 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
10:18:27.0027 2784 RpcSs - ok
10:18:27.0043 2784 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:18:27.0043 2784 rspndr - ok
10:18:27.0121 2784 RTL8167 (ed5873f7dfb2f96d37f13322211b6bdc) C:\Windows\system32\DRIVERS\Rt64win7.sys
10:18:27.0121 2784 RTL8167 - ok
10:18:27.0152 2784 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
10:18:27.0152 2784 s3cap - ok
10:18:27.0167 2784 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:18:27.0167 2784 SamSs - ok
10:18:27.0214 2784 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
10:18:27.0214 2784 SASDIFSV - ok
10:18:27.0214 2784 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
10:18:27.0214 2784 SASKUTIL - ok
10:18:27.0230 2784 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
10:18:27.0230 2784 sbp2port - ok
10:18:27.0245 2784 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
10:18:27.0261 2784 SCardSvr - ok
10:18:27.0277 2784 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
10:18:27.0277 2784 scfilter - ok
10:18:27.0323 2784 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
10:18:27.0339 2784 Schedule - ok
10:18:27.0370 2784 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
10:18:27.0370 2784 SCPolicySvc - ok
10:18:27.0386 2784 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
10:18:27.0401 2784 SDRSVC - ok
10:18:27.0448 2784 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:18:27.0464 2784 secdrv - ok
10:18:27.0464 2784 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
10:18:27.0479 2784 seclogon - ok
10:18:27.0495 2784 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
10:18:27.0495 2784 SENS - ok
10:18:27.0511 2784 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
10:18:27.0526 2784 SensrSvc - ok
10:18:27.0542 2784 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
10:18:27.0542 2784 Serenum - ok
10:18:27.0557 2784 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
10:18:27.0573 2784 Serial - ok
10:18:27.0604 2784 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
10:18:27.0620 2784 sermouse - ok
10:18:27.0635 2784 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
10:18:27.0651 2784 SessionEnv - ok
10:18:27.0651 2784 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
10:18:27.0667 2784 sffdisk - ok
10:18:27.0667 2784 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
10:18:27.0682 2784 sffp_mmc - ok
10:18:27.0682 2784 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
10:18:27.0682 2784 sffp_sd - ok
10:18:27.0698 2784 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
10:18:27.0698 2784 sfloppy - ok
10:18:27.0823 2784 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
10:18:27.0838 2784 SharedAccess - ok
10:18:27.0854 2784 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
10:18:27.0869 2784 ShellHWDetection - ok
10:18:27.0885 2784 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
10:18:27.0885 2784 SiSRaid2 - ok
10:18:27.0901 2784 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
10:18:27.0901 2784 SiSRaid4 - ok
10:18:28.0057 2784 Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
10:18:28.0057 2784 Skype C2C Service - ok
10:18:28.0135 2784 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files (x86)\Skype\Updater\Updater.exe
10:18:28.0135 2784 SkypeUpdate - ok
10:18:28.0603 2784 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:18:28.0618 2784 Smb - ok
10:18:28.0649 2784 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
10:18:28.0649 2784 SNMPTRAP - ok
10:18:28.0665 2784 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:18:28.0665 2784 spldr - ok
10:18:28.0696 2784 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
10:18:28.0696 2784 Spooler - ok
10:18:28.0805 2784 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
10:18:28.0805 2784 sppsvc - ok
10:18:28.0915 2784 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
10:18:28.0915 2784 sppuinotify - ok
10:18:28.0977 2784 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
10:18:28.0993 2784 srv - ok
10:18:29.0024 2784 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
10:18:29.0024 2784 srv2 - ok
10:18:29.0055 2784 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
10:18:29.0055 2784 srvnet - ok
10:18:29.0086 2784 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
10:18:29.0086 2784 SSDPSRV - ok
10:18:29.0102 2784 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
10:18:29.0102 2784 SstpSvc - ok
10:18:29.0164 2784 Steam Client Service - ok
10:18:29.0242 2784 Stereo Service (c354621b6b94e10ae7f5cdbe745feb86) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:18:29.0242 2784 Stereo Service - ok
10:18:29.0258 2784 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
10:18:29.0258 2784 stexstor - ok
10:18:29.0305 2784 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
10:18:29.0320 2784 stisvc - ok
10:18:29.0367 2784 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
10:18:29.0367 2784 storflt - ok
10:18:29.0383 2784 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll
10:18:29.0398 2784 StorSvc - ok
10:18:29.0414 2784 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
10:18:29.0414 2784 storvsc - ok
10:18:29.0429 2784 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
10:18:29.0429 2784 swenum - ok
10:18:29.0445 2784 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
10:18:29.0461 2784 swprv - ok
10:18:29.0554 2784 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
10:18:29.0570 2784 SysMain - ok
10:18:30.0022 2784 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
10:18:30.0022 2784 TabletInputService - ok
10:18:30.0069 2784 tap0901t (b08740047145b9bce15bf75ca0f9718a) C:\Windows\system32\DRIVERS\tap0901t.sys
10:18:30.0085 2784 tap0901t - ok
10:18:30.0100 2784 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
10:18:30.0116 2784 TapiSrv - ok
10:18:30.0131 2784 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
10:18:30.0147 2784 TBS - ok
10:18:30.0209 2784 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
10:18:30.0225 2784 Tcpip - ok
10:18:30.0350 2784 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
10:18:30.0365 2784 TCPIP6 - ok
10:18:30.0490 2784 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
10:18:30.0490 2784 tcpipreg - ok
10:18:30.0506 2784 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:18:30.0506 2784 TDPIPE - ok
10:18:30.0537 2784 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
10:18:30.0537 2784 TDTCP - ok
10:18:30.0568 2784 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
10:18:30.0584 2784 tdx - ok
10:18:30.0709 2784 TeamViewer7 (a4d2ce94b028ef1e437cf4ac3d8ff26c) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
10:18:30.0724 2784 TeamViewer7 - ok
10:18:30.0802 2784 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
10:18:30.0802 2784 TermDD - ok
10:18:30.0865 2784 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
10:18:30.0880 2784 TermService - ok
10:18:30.0896 2784 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
10:18:30.0911 2784 Themes - ok
10:18:30.0927 2784 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:18:30.0927 2784 THREADORDER - ok
10:18:30.0943 2784 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
10:18:30.0943 2784 TrkWks - ok
10:18:30.0989 2784 truecrypt (370a6907ddf79532a39319492b1fa38a) C:\Windows\system32\drivers\truecrypt.sys
10:18:30.0989 2784 truecrypt - ok
10:18:31.0036 2784 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
10:18:31.0036 2784 TrustedInstaller - ok
10:18:31.0067 2784 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:18:31.0083 2784 tssecsrv - ok
10:18:31.0099 2784 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
10:18:31.0114 2784 TsUsbFlt - ok
10:18:31.0130 2784 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
10:18:31.0130 2784 TsUsbGD - ok
10:18:31.0161 2784 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
10:18:31.0177 2784 tunnel - ok
10:18:31.0255 2784 TunngleService (f8302e3e534af5e3f2588a974bea80df) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
10:18:31.0442 2784 TunngleService - ok
10:18:31.0457 2784 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
10:18:31.0457 2784 uagp35 - ok
10:18:31.0473 2784 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
10:18:31.0489 2784 udfs - ok
10:18:31.0504 2784 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
10:18:31.0520 2784 UI0Detect - ok
10:18:31.0551 2784 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
10:18:31.0551 2784 uliagpkx - ok
10:18:31.0582 2784 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
10:18:31.0582 2784 umbus - ok
10:18:31.0598 2784 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
10:18:31.0613 2784 UmPass - ok
10:18:31.0645 2784 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
10:18:31.0660 2784 UmRdpService - ok
10:18:31.0801 2784 UNS (374ebda379a8f38e0cfc2211611e7167) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
10:18:31.0847 2784 UNS - ok
10:18:32.0300 2784 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
10:18:32.0300 2784 upnphost - ok
10:18:32.0347 2784 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
10:18:32.0362 2784 usbaudio - ok
10:18:32.0378 2784 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
10:18:32.0393 2784 usbccgp - ok
10:18:32.0409 2784 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
10:18:32.0409 2784 usbcir - ok
10:18:32.0440 2784 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
10:18:32.0440 2784 usbehci - ok
10:18:32.0627 2784 USBET (1f8762a4d23b2be5783fc305640b6935) C:\Windows\system32\DRIVERS\ETdrv.sys
10:18:32.0752 2784 USBET - ok
10:18:32.0861 2784 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
10:18:32.0861 2784 usbhub - ok
10:18:32.0877 2784 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
10:18:32.0893 2784 usbohci - ok
10:18:32.0908 2784 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
10:18:32.0908 2784 usbprint - ok
10:18:32.0955 2784 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
10:18:32.0955 2784 usbscan - ok
10:18:32.0971 2784 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:18:32.0971 2784 USBSTOR - ok
10:18:33.0002 2784 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
10:18:33.0002 2784 usbuhci - ok
10:18:33.0033 2784 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
10:18:33.0049 2784 usbvideo - ok
10:18:33.0064 2784 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
10:18:33.0080 2784 UxSms - ok
10:18:33.0095 2784 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:18:33.0095 2784 VaultSvc - ok
10:18:33.0111 2784 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
10:18:33.0111 2784 vdrvroot - ok
10:18:33.0158 2784 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
10:18:33.0173 2784 vds - ok
10:18:33.0189 2784 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:18:33.0205 2784 vga - ok
10:18:33.0205 2784 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:18:33.0220 2784 VgaSave - ok
10:18:33.0236 2784 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
10:18:33.0236 2784 vhdmp - ok
10:18:33.0251 2784 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
10:18:33.0251 2784 viaide - ok
10:18:33.0267 2784 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
10:18:33.0267 2784 vmbus - ok
10:18:33.0283 2784 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
10:18:33.0283 2784 VMBusHID - ok
10:18:33.0314 2784 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
10:18:33.0314 2784 volmgr - ok
10:18:33.0329 2784 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
10:18:33.0329 2784 volmgrx - ok
10:18:33.0345 2784 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
10:18:33.0361 2784 volsnap - ok
10:18:33.0376 2784 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
10:18:33.0376 2784 vsmraid - ok
10:18:33.0423 2784 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
10:18:33.0439 2784 VSS - ok
10:18:33.0891 2784 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
10:18:33.0907 2784 vwifibus - ok
10:18:33.0938 2784 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
10:18:33.0938 2784 vwififlt - ok
10:18:33.0969 2784 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
10:18:33.0985 2784 W32Time - ok
10:18:34.0000 2784 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
10:18:34.0016 2784 WacomPen - ok
10:18:34.0031 2784 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:18:34.0047 2784 WANARP - ok
10:18:34.0047 2784 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:18:34.0063 2784 Wanarpv6 - ok
10:18:34.0125 2784 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
10:18:34.0156 2784 WatAdminSvc - ok
10:18:34.0203 2784 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
10:18:34.0234 2784 wbengine - ok
10:18:34.0328 2784 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
10:18:34.0343 2784 WbioSrvc - ok
10:18:34.0375 2784 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
10:18:34.0390 2784 wcncsvc - ok
10:18:34.0390 2784 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
10:18:34.0406 2784 WcsPlugInService - ok
10:18:37.0822 2784 ============================================================
10:18:37.0822 2784 Scan finished
10:18:37.0822 2784 ============================================================
10:18:37.0822 2396 Detected object count: 0
10:18:37.0822 2396 Actual detected object count: 0


--aswMBR Log--


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-09 10:19:18
-----------------------------
10:19:18.148 OS Version: Windows x64 6.1.7601 Service Pack 1
10:19:18.148 Number of processors: 4 586 0x2A07
10:19:18.148 ComputerName: XZEISS-PC UserName: xZeiss
10:19:29.711 Initialize success
10:20:26.986 AVAST engine defs: 12070900
10:20:35.763 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
10:20:35.763 Disk 0 Vendor: WDC_WD5000AAKS-65A7B0 01.03B01 Size: 476940MB BusType: 3
10:20:35.763 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-3
10:20:35.763 Disk 1 Vendor: ST2000DL003-9VT166 CC3C Size: 1907729MB BusType: 3
10:20:35.809 Disk 1 MBR read successfully
10:20:35.809 Disk 1 MBR scan
10:20:35.809 Disk 1 Windows 7 default MBR code
10:20:35.825 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
10:20:35.841 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 1907527 MB offset 411648
10:20:35.887 Disk 1 scanning C:\Windows\system32\drivers
10:20:50.132 Service scanning
10:21:22.534 Modules scanning
10:21:22.538 Disk 1 trace - called modules:
10:21:22.553 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
10:21:22.556 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8007da2060]
10:21:22.559 3 CLASSPNP.SYS[fffff880019c743f] -> nt!IofCallDriver -> [0xfffffa8006cbf7f0]
10:21:22.562 5 ACPI.sys[fffff88000f5e7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0xfffffa8007aef060]
10:21:26.131 AVAST engine scan C:\Windows
10:21:31.482 AVAST engine scan C:\Windows\system32
10:27:05.499 AVAST engine scan C:\Windows\system32\drivers
10:27:49.382 AVAST engine scan C:\Users\xZeiss
10:34:04.698 AVAST engine scan C:\ProgramData
10:37:28.965 Scan finished successfully
10:38:41.875 Disk 1 MBR has been saved successfully to "C:\MBR.dat"
10:38:41.922 The log file has been saved successfully to "C:\aswMBR.txt"

--ESET Log--
E:\PC\bootloader\tools\rageagainstthecage Android/Exploit.Lotoor.AK trojan cleaned by deleting - quarantined

----

I'm pretty sure that last result is a false positive. That was a program to unlock the bootloader on my phone that I got from XDA Developers. Anyway, thanks for the support.

#4 narenxp

Posted 09 July 2012 - 10:38 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

I do not find anything suspicious in your logs. Can you post the log from when Malwarebytes detected Trojan.Dropper.BCMiner?

#5 zeiss

Posted 09 July 2012 - 10:54 PM

I'm in the process of scanning, but while I'm free, here's the log from Malwarebytes that detected BCMiner:
---

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.05.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
xZeiss :: XZEISS-PC [administrator]

7/8/2012 11:56:18 AM
mbam-log-2012-07-08 (11-56-18).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 251913
Time elapsed: 3 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\Installer\{b72a0436-dff0-ae83-ebf4-5f5900539d92}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.

(end)
---

And here's the log from when AVG's resident shield detected Dropper Generic c MMI as well as something else that I was unaware of until now:

--

Resident Shield detection
Infection;"Object";"Result";"Detection time";"Object Type";"Process"
Trojan horse Dropper.Generic_c.MMI;"c:\Windows\System32\services.exe";"Object is white-listed (critical/system file that should not be removed)";"7/9/2012, 12:02:27 AM";"file";"C:\32788R22FWJFW\pev.3XE"
Trojan horse Dropper.Generic_c.MMI;"c:\Windows\System32\services.exe";"Object is white-listed (critical/system file that should not be removed)";"7/8/2012, 11:58:20 PM";"file";"C:\Windows\System32\perfmon.exe"
Trojan horse Dropper.Generic_c.MMI;"c:\Windows\System32\services.exe";"Object is white-listed (critical/system file that should not be removed)";"7/8/2012, 11:54:30 PM";"file";"C:\Windows\System32\svchost.exe"
Trojan horse Dropper.Generic_c.MMI;"c:\Windows\System32\services.exe";"Object is white-listed (critical/system file that should not be removed)";"7/8/2012, 12:49:20 PM";"file";"C:\Windows\System32\svchost.exe"
Trojan horse BackDoor.Generic15.BHGZ;"c:\Users\Aamir\AppData\Local\{b72a0436-dff0-ae83-ebf4-5f5900539d92}\n";"Infected";"7/8/2012, 12:44:38 PM";"file";"C:\Windows\explorer.exe"
Trojan horse BackDoor.Generic15.BHGZ;"c:\Users\Aamir\AppData\Local\{b72a0436-dff0-ae83-ebf4-5f5900539d92}\n";"Infected";"7/8/2012, 12:40:44 PM";"file";"C:\Windows\explorer.exe"

--

#6 narenxp

Posted 09 July 2012 - 10:56 PM

Download

systemlook

Launch it and copy this script and paste in the BOX

:filefind
services.exe
:folderfind
{b72a0436-dff0-ae83-ebf4-5f5900539d92}

Click on LOOK, post the generated log.

#7 zeiss

Posted 09 July 2012 - 11:00 PM

systemlook log:

SystemLook 30.07.11 by jpshortstuff
Log created at 23:58 on 09/07/2012 by xZeiss
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\erdnt\cache64\Services.exe --a---- 328704 bytes [04:23 09/07/2012] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\Services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{b72a0436-dff0-ae83-ebf4-5f5900539d92}"
No folders found.

-= EOF =-

#8 narenxp

Posted 09 July 2012 - 11:12 PM

That looks good. What are the current issues you have on this PC?
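
One way to read the SystemLook result posted in #7, as an added example that is not part of the original thread or of SystemLook: parse the filefind lines and check that every copy of services.exe has the same size and MD5 as the copy under WinSxS, and list any folderfind hits. The function names, the line-format regex (inferred from the three lines in the post) and the choice of the WinSxS copy as the reference are assumptions made for this example.

```python
import re
from collections import defaultdict

# filefind / folderfind sections copied from the SystemLook log in post #7.
SAMPLE_LOG = r"""
========== filefind ==========

Searching for "services.exe"
C:\Windows\erdnt\cache64\Services.exe --a---- 328704 bytes [04:23 09/07/2012] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\Services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{b72a0436-dff0-ae83-ebf4-5f5900539d92}"
No folders found.

-= EOF =-
"""

# Section header, e.g. "========== filefind =========="
SECTION_RE = re.compile(r"^=+\s*(\w+)\s*=+$")

# Assumed result-line layout, inferred from the lines in the post:
#   <path> <attributes> <size> bytes [<timestamp>] [<timestamp>] <MD5>
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+(?P<attrs>[-A-Za-z]+)\s+(?P<size>\d+) bytes"
    r"\s+\[[^\]]+\]\s+\[[^\]]+\]\s+(?P<md5>[0-9A-Fa-f]{32})$"
)


def split_sections(log_text):
    """Map each section name (lower-cased) to its non-empty lines."""
    sections, current = defaultdict(list), None
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1).lower()
        elif current and line:
            sections[current].append(line)
    return sections


def parse_filefind(log_text):
    """Return one dict (path, size, md5) per filefind result line."""
    entries = []
    for line in split_sections(log_text)["filefind"]:
        m = LINE_RE.match(line)
        if m:
            entries.append(
                {"path": m["path"], "size": int(m["size"]), "md5": m["md5"].upper()}
            )
    return entries


def folderfind_hits(log_text):
    """Return folderfind lines that start with a drive path (assumed hit format)."""
    return [l for l in split_sections(log_text)["folderfind"]
            if re.match(r"[A-Za-z]:\\", l)]


def compare_to_component_store(entries):
    """Compare each copy of a file with the copy (or copies) under WinSxS.

    Returns a list of (file name, "mismatch" | "no-reference", [paths]).
    An empty list means every copy matches a WinSxS copy in size and MD5.
    """
    by_name = defaultdict(list)
    for e in entries:
        by_name[e["path"].rsplit("\\", 1)[-1].lower()].append(e)

    findings = []
    for name, copies in by_name.items():
        refs = {(c["size"], c["md5"]) for c in copies
                if "\\winsxs\\" in c["path"].lower()}
        if not refs:
            # Nothing to compare against: report it rather than assume "clean".
            findings.append((name, "no-reference", [c["path"] for c in copies]))
            continue
        bad = [c["path"] for c in copies if (c["size"], c["md5"]) not in refs]
        if bad:
            findings.append((name, "mismatch", bad))
    return findings


if __name__ == "__main__":
    found = parse_filefind(SAMPLE_LOG)
    for e in found:
        print(e["size"], e["md5"], e["path"])
    print("findings:", compare_to_component_store(found))
    print("folderfind hits:", folderfind_hits(SAMPLE_LOG))
```

Agreement only shows that the copies are identical to each other; it does not by itself establish that the WinSxS copy is the original vendor file.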

#9 zeiss

Posted 09 July 2012 - 11:22 PM

I currently am unable to enable Windows Firewall. I was receiving error 0x8007042 when I tried to enable it. When I try to enable it now, Control Panel just hangs when, I'm assuming, I'm supposed to get a UAC prompt.

On a side note: I noticed svchost.exe was infected in the resident shield log. I checked out Resource Manager just now and one of its processes is using up roughly 257MB of RAM at the moment. Is this normal?

EDIT: By the way, would you still like me to run mini toolbox?

Edited by zeiss, 09 July 2012 - 11:22 PM.


#10 narenxp

Posted 09 July 2012 - 11:24 PM

You were previously infected but not now. Everything looks clean. Yes, I need the MiniToolBox log.

Also

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#11 zeiss

Posted 09 July 2012 - 11:32 PM

minitoolbox:

MiniToolBox by Farbar Version: 25-06-2012
Ran by xZeiss (administrator) on 10-07-2012 at 00:27:00
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
TAP-Win32 Adapter V9 (Tunngle) = Tunngle (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : xZeiss-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Tunngle:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9 (Tunngle)
Physical Address. . . . . . . . . : 00-FF-4B-1C-C1-8F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : C8-9C-DC-EE-61-BF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::12d:c230:1908:ff16%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.104(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, July 09, 2012 10:15:53 AM
Lease Expires . . . . . . . . . . : Tuesday, July 10, 2012 1:49:34 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 449354972
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-51-F7-E4-C8-9C-DC-EE-61-BF
DNS Servers . . . . . . . . . . . : 167.206.245.130
167.206.245.129
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{96D54A55-90B0-486A-B986-EAE86137A8A7}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:200f:31c1:3f57:ff97(Preferred)
Link-local IPv6 Address . . . . . : fe80::200f:31c1:3f57:ff97%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{4B1CC18F-03C2-4EF3-A984-868A6E816BF5}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: vdns2.srv.prnynj.cv.net
Address: 167.206.245.130

Name: google.com
Addresses: 2607:f8b0:4006:802::1001
173.194.43.6
173.194.43.14
173.194.43.2
173.194.43.9
173.194.43.5
173.194.43.8
173.194.43.3
173.194.43.0
173.194.43.1
173.194.43.4
173.194.43.7


Pinging google.com [173.194.43.9] with 32 bytes of data:
Reply from 173.194.43.9: bytes=32 time=14ms TTL=55
Reply from 173.194.43.9: bytes=32 time=12ms TTL=55

Ping statistics for 173.194.43.9:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 12ms, Maximum = 14ms, Average = 13ms
Server: vdns2.srv.prnynj.cv.net
Address: 167.206.245.130

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=93ms TTL=49
Reply from 72.30.38.140: bytes=32 time=159ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 93ms, Maximum = 159ms, Average = 126ms
Server: vdns2.srv.prnynj.cv.net
Address: 167.206.245.130

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...00 ff 4b 1c c1 8f ......TAP-Win32 Adapter V9 (Tunngle)
11...c8 9c dc ee 61 bf ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.104 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.104 276
192.168.0.104 255.255.255.255 On-link 192.168.0.104 276
192.168.0.255 255.255.255.255 On-link 192.168.0.104 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.104 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.104 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:5ef5:79fd:200f:31c1:3f57:ff97/128
On-link
11 276 fe80::/64 On-link
12 306 fe80::/64 On-link
11 276 fe80::12d:c230:1908:ff16/128
On-link
12 306 fe80::200f:31c1:3f57:ff97/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 04 C:\Windows\SysWOW64\nwprovau.dll [File Not found] ()
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\SysWOW64\rsvpsp.dll [File Not found] ()
Catalog9 26 C:\Windows\SysWOW64\rsvpsp.dll [File Not found] ()
Catalog9 27 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\winrnr.dll"

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/09/2012 06:18:39 PM) (Source: Application Error) (User: )
Description: Faulting application name: Dolphin.exe, version: 0.0.0.0, time stamp: 0x4e042d4a
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000374
Fault offset: 0x00000000000c40f2
Faulting process id: 0xf34
Faulting application start time: 0xDolphin.exe0
Faulting application path: Dolphin.exe1
Faulting module path: Dolphin.exe2
Report Id: Dolphin.exe3

Error: (07/09/2012 03:51:25 PM) (Source: Application Hang) (User: )
Description: The program Dolphin.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1404

Start Time: 01cd5e0c150e7f3d

Termination Time: 196

Application Path: C:\Users\xZeiss\Documents\Dolphin\Dolphin.exe

Report Id: 75867874-c9ff-11e1-9407-c89cdcee61bf

Error: (07/09/2012 02:14:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/09/2012 10:39:47 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/09/2012 10:39:22 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/09/2012 10:33:08 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/09/2012 10:17:20 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2012 01:06:36 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2012 00:27:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2012 00:23:09 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/10/2012 00:17:06 AM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (07/10/2012 00:16:44 AM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (07/09/2012 08:09:30 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/09/2012 08:09:30 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/09/2012 10:39:37 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/09/2012 10:39:37 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/09/2012 10:16:23 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/09/2012 10:16:23 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/09/2012 10:16:23 AM) (Source: WMPNetworkSvc) (User: )
Description: 0x800700b7

Error: (07/09/2012 10:16:23 AM) (Source: WMPNetworkSvc) (User: )
Description: 00x800700b7http://+:10243/WMPNSSv4/2811996591/


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
Audacity 2.0
AVG 2012 (Version: 12.0.2195)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2195)
Bandicam
Bandisoft MPEG-1 Decoder
Blacklight Retribution
BOSS (Version: 2.0.0)
Combined Community Codec Pack 2011-11-11 (Version: 2011.11.11.0)
D3DX10 (Version: 15.4.2368.0902)
DDS Thumbnail Viewer (Version: 1.00.000)
Dota 2
DVD Shrink 3.2
ESET Online Scanner v3
Everything 1.2.1.371
F.lux
Fallout New Vegas
Fences Pro (Version: 1.01.222)
Fences Pro (Version: 1.01.222.18677)
FileZilla Client 3.5.3 (Version: 3.5.3)
GIMP 2.8.0 (Version: 2.8.0)
Google Chrome (Version: 20.0.1132.47)
Google Drive (Version: 1.2.3123.250)
Google Update Helper (Version: 1.3.21.111)
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
ImgBurn (Version: 2.5.7.0)
Intel® Management Engine Components (Version: 7.0.0.1144)
IrfanView (remove only) (Version: 4.32)
Java Auto Updater (Version: 2.1.6.0)
Java SE Development Kit 7 Update 4 (Version: 1.7.0.40)
Java™ 6 Update 32 (Version: 6.0.320)
Java™ 7 Update 4 (64-bit) (Version: 7.0.40)
Java™ 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
JavaFX 2.1.0 SDK (Version: 2.1.0)
Junk Mail filter update (Version: 15.4.3502.0922)
Just Cause 2
K-Lite Codec Pack 8.8.0 (Full) (Version: 8.8.0)
Katawa Shoujo
Launchy 2.5
League of Legends (Version: 1.3)
Lightscreen
Logitech Gaming Software 5.10 (Version: 5.10.127)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Nexus Mod Manager (Version: 0.18.7)
Notepad++ (Version: 6.1.2)
NVIDIA 3D Vision Controller Driver 301.42 (Version: 301.42)
NVIDIA 3D Vision Driver 301.42 (Version: 301.42)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0142)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
Pando Media Booster (Version: 2.6.0.7)
PeerBlock 1.1 (r518) (Version: 1.1.0.518)
PunkBuster Services (Version: 0.992)
QuickTime (Version: 7.72.80.56)
Rainlendar2 (remove only)
Realtek High Definition Audio Driver (Version: 6.0.1.6343)
Revo Uninstaller 1.94 (Version: 1.94)
Skype Click to Call (Version: 6.0.10297)
Skype™ 5.10 (Version: 5.10.114)
Steam (Version: 1.0.0.0)
Super Monday Night Combat
SUPERAntiSpyware (Version: 5.0.1150)
swMSM (Version: 12.0.0.1)
Team Fortress 2
TeamViewer 7 (Version: 7.0.12979)
The Walking Dead © 3 version 1 (Version: 1)
Thrustmaster Force Feedback Driver (Version: 1.FFD.2009)
Tribes Ascend (Version: 1.0.1016.3)
TrueCrypt (Version: 7.1a)
Tunngle beta
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 2.0.1 (Version: 2.0.1)
Webcam (Version: 1.0.3.6)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.11 (64-bit) (Version: 4.11.0)

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 8174.01 MB
Available physical RAM: 4912.68 MB
Total Pagefile: 16346.21 MB
Available Pagefile: 13224.96 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.32 MB

========================= Partitions: =====================================

1 Drive c: (Chocolate Muffin) (Fixed) (Total:1862.82 GB) (Free:1707.72 GB) NTFS
2 Drive d: (LGS_5_10_127) (CDROM) (Total:0.1 GB) (Free:0 GB) CDFS
3 Drive e: (Strawberry Pancake) (Fixed) (Total:465.76 GB) (Free:7.77 GB) NTFS

========================= Users: ========================================

User accounts for \\XZEISS-PC

Aamir Administrator Guest
UpdatusUser xZeiss


**** End of log ****
--

FSS:

Farbar Service Scanner Version: 08-07-2012
Ran by xZeiss (administrator) on 10-07-2012 at 00:28:43
Running from "C:\Users\xZeiss\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#12 zeiss

zeiss
  • Topic Starter

  • Members
  • 43 posts

Posted 09 July 2012 - 11:35 PM

By the way, the MBAM results came up clean (both the full scan and regular scan).

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 09 July 2012 - 11:37 PM

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab, then click on Start

Checkmark the following options alone:

Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache


Checkmark the Restart System When Finished option
Click the Start button

System should restart after repair

Post the FSS log

Edited by narenxp, 09 July 2012 - 11:41 PM.


#14 zeiss

zeiss
  • Topic Starter

  • Members
  • 43 posts

Posted 09 July 2012 - 11:39 PM

The link to Windows repair tool appears to be broken. It redirects me to Tweaking.com's homepage.
Found the link to it myself on Tweaking. Running Windows repair tool now.

Also, I'm assuming since you stated "Post the FSS log", you want me to run a scan with FSS after using Windows repair tool?

Edited by zeiss, 09 July 2012 - 11:40 PM.


#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 09 July 2012 - 11:40 PM

yes :thumbup2:



