
Infection Removal Help


12 replies to this topic

#1 Bulls729


Posted 09 July 2012 - 10:35 PM

OS: Windows 7 SP1 x64

Infection: Norton 360: Trojan.Patcep!sys (services.exe), MalwareBytes: "PUM.Hujack.StartMenu" and "Trojan.Dropper.BCMiner"

Attempted Removal: Norton 360: Fix failed, instructed to download NPE. Norton Power Eraser: Failed, instructed to run NBRT. Malwarebytes: Found two infections, states infections are removed, never removed. Norton Bootable Recovery Tool Power Eraser: Nothing found. Norton Bootable Recovery Tool Advanced: Repair failed, instructs to install Norton product.

Upon reboot I received the following error now in Norton Autofix, 5013, 3, Product Service Dependency Failed, websites redirect every so often.

I am attempting to fix a friend's computer. After the Norton Advanced Repair, I ran FRST from the Windows RE environment and got a log; I then ran DDS from inside the OS and got another log. I then ran ComboFix. I ran it from the Downloads folder as Admin; I didn't realize I should run it from the Desktop. It did not appear to cause an issue, however: the computer is running normally, and it appears to have resolved the "services.exe" issue. I also have a log from that. I am now running the online ESET scanner; it is currently in progress, and the threats found list now shows:

Win64/Patched.B.Gen trojan
a variant of Win32/Sirefef.FD trojan
Win64/Agent.BA trojan
a variant of Win32/HiddenStart.A application

What should my next steps be in resolving these issues? I have not included any log file in order to comply with this forum's wishes, but will provide them if requested. Thank you.



#2 narenxp


Posted 09 July 2012 - 10:40 PM

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.



Download

TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).



Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here

Download

ESET online scanner


Install it

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Bulls729


Posted 09 July 2012 - 10:57 PM

Farbar Service Scanner Version: 08-07-2012
Ran by User (administrator) on 09-07-2012 at 23:52:15
Running from "C:\Users\User\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Edited by Bulls729, 09 July 2012 - 10:58 PM.
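
The following is an added example, not part of the thread or of Farbar Service Scanner: a small Python triage pass over the FSS log format shown in the post above, which pulls out the lines that deviate from defaults (a service not running, a changed start type, a value listed under a "Disabled Policy" heading, a file whose verdict is not "MD5 is legit"). The function name `triage_fss_log` and the finding labels are hypothetical, and the sample text is an excerpt copied from the posted log.

```python
import re

# Excerpt copied from the FSS log in the post above (shortened File Check list).
SAMPLE_LOG = r"""
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
"""

NOT_RUNNING = re.compile(r"^(\S+) Service is not running")
START_TYPE = re.compile(
    r"^The start type of (\S+) service is set to (\w+)\. "
    r"The default start type is (\w+)\."
)
REG_VALUE = re.compile(r'^"([^"]+)"=(\S+)')
FILE_CHECK = re.compile(r"^(.+?) => (.+)$")


def triage_fss_log(text):
    """Return (kind, detail) tuples for every non-default line in an FSS log."""
    findings = []
    section, reg_key = "", None
    lines = [ln.strip() for ln in text.splitlines()]
    for i, line in enumerate(lines):
        nxt = lines[i + 1] if i + 1 < len(lines) else ""
        # A section heading is "Name:" underlined by a row of "=" characters.
        if line.endswith(":") and nxt and set(nxt) == {"="}:
            section, reg_key = line[:-1], None
            continue
        if not line or set(line) <= {"=", "*"}:
            continue  # blank lines and separator rows

        m = NOT_RUNNING.match(line)
        if m:
            findings.append(("service_not_running", m.group(1)))
            continue
        m = START_TYPE.match(line)
        if m:
            svc, current, default = m.groups()
            if current != default:
                findings.append(
                    ("start_type_changed", f"{svc}: {current} (default {default})")
                )
            continue

        if section.endswith("Disabled Policy"):
            # Assumption: the scanner lists a registry value under these headings
            # only when a disabling policy is present; the other policy sections
            # in the posted log are empty.
            if line.startswith("[") and line.endswith("]"):
                reg_key = line[1:-1]
                continue
            m = REG_VALUE.match(line)
            if m:
                findings.append(
                    ("disabled_policy", f"{reg_key}\\{m.group(1)}={m.group(2)}")
                )
            continue

        if section == "File Check":
            m = FILE_CHECK.match(line)
            # Anything other than the "MD5 is legit" verdict needs a human look.
            if m and m.group(2) != "MD5 is legit":
                findings.append(("file_needs_review", m.group(1)))
    return findings


if __name__ == "__main__":
    for kind, detail in triage_fss_log(SAMPLE_LOG):
        print(f"{kind:22} {detail}")
```
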


#4 Bulls729


Posted 09 July 2012 - 10:58 PM

23:46:56.0280 0980 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
23:46:56.0826 0980 ============================================================
23:46:56.0826 0980 Current date / time: 2012/07/09 23:46:56.0826
23:46:56.0826 0980 SystemInfo:
23:46:56.0826 0980
23:46:56.0826 0980 OS Version: 6.1.7601 ServicePack: 1.0
23:46:56.0826 0980 Product type: Workstation
23:46:56.0826 0980 ComputerName: USER-PC
23:46:56.0826 0980 UserName: User
23:46:56.0826 0980 Windows directory: C:\Windows
23:46:56.0826 0980 System windows directory: C:\Windows
23:46:56.0826 0980 Running under WOW64
23:46:56.0826 0980 Processor architecture: Intel x64
23:46:56.0826 0980 Number of processors: 3
23:46:56.0826 0980 Page size: 0x1000
23:46:56.0826 0980 Boot type: Normal boot
23:46:56.0826 0980 ============================================================
23:46:58.0527 0980 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:46:58.0542 0980 ============================================================
23:46:58.0542 0980 \Device\Harddisk0\DR0:
23:46:58.0542 0980 MBR partitions:
23:46:58.0542 0980 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
23:46:58.0542 0980 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x48AD92B0
23:46:58.0542 0980 ============================================================
23:46:58.0558 0980 C: <-> \Device\Harddisk0\DR0\Partition1
23:46:58.0558 0980 ============================================================
23:46:58.0558 0980 Initialize success
23:46:58.0558 0980 ============================================================
23:48:10.0595 3412 ============================================================
23:48:10.0595 3412 Scan started
23:48:10.0595 3412 Mode: Manual; TDLFS;
23:48:10.0595 3412 ============================================================
23:50:01.0255 3412 Msfs - ok
23:50:01.0271 3412 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
23:50:01.0286 3412 mshidkmdf - ok
23:50:01.0302 3412 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
23:50:01.0302 3412 msisadrv - ok
23:50:01.0396 3412 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
23:50:01.0411 3412 MSiSCSI - ok
23:50:01.0411 3412 msiserver - ok
23:50:01.0442 3412 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
23:50:01.0442 3412 MSKSSRV - ok
23:50:01.0458 3412 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
23:50:01.0458 3412 MSPCLOCK - ok
23:50:01.0474 3412 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
23:50:01.0474 3412 MSPQM - ok
23:50:01.0536 3412 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
23:50:01.0536 3412 MsRPC - ok
23:50:01.0661 3412 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
23:50:01.0661 3412 mssmbios - ok
23:50:01.0692 3412 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
23:50:01.0692 3412 MSTEE - ok
23:50:01.0739 3412 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
23:50:01.0739 3412 MTConfig - ok
23:50:01.0848 3412 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
23:50:01.0848 3412 Mup - ok
23:50:02.0612 3412 N360 (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\ccSvcHst.exe
23:50:02.0612 3412 N360 - ok
23:50:03.0065 3412 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
23:50:03.0080 3412 napagent - ok
23:50:03.0174 3412 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
23:50:03.0174 3412 NativeWifiP - ok
23:50:03.0533 3412 NAVENG (8043d41f881d6ace40b854ad6e32217f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120709.021\ENG64.SYS
23:50:03.0533 3412 NAVENG - ok
23:50:03.0767 3412 NAVEX15 (9a9ab2fc45d701daed465d14980f1305) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.1.2\Definitions\VirusDefs\20120709.021\EX64.SYS
23:50:03.0798 3412 NAVEX15 - ok
23:50:04.0250 3412 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
23:50:04.0250 3412 NDIS - ok
23:50:04.0313 3412 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
23:50:04.0313 3412 NdisCap - ok
23:50:04.0375 3412 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
23:50:04.0375 3412 NdisTapi - ok
23:50:04.0531 3412 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
23:50:04.0547 3412 Ndisuio - ok
23:50:04.0594 3412 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
23:50:04.0609 3412 NdisWan - ok
23:50:04.0718 3412 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
23:50:04.0718 3412 NDProxy - ok
23:50:04.0781 3412 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
23:50:04.0781 3412 NetBIOS - ok
23:50:04.0890 3412 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
23:50:04.0906 3412 NetBT - ok
23:50:05.0046 3412 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:50:05.0046 3412 Netlogon - ok
23:50:05.0701 3412 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
23:50:05.0717 3412 Netman - ok
23:50:06.0636 3412 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
23:50:06.0676 3412 netprofm - ok
23:50:06.0976 3412 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:50:06.0996 3412 NetTcpPortSharing - ok
23:50:07.0076 3412 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
23:50:07.0076 3412 nfrd960 - ok
23:50:08.0560 3412 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
23:50:08.0591 3412 NlaSvc - ok
23:50:08.0653 3412 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
23:50:08.0653 3412 Npfs - ok
23:50:08.0825 3412 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
23:50:08.0825 3412 nsi - ok
23:50:08.0950 3412 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
23:50:08.0950 3412 nsiproxy - ok
23:50:12.0210 3412 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
23:50:12.0304 3412 Ntfs - ok
23:50:14.0300 3412 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
23:50:14.0940 3412 Null - ok
23:50:15.0361 3412 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
23:50:15.0377 3412 nvraid - ok
23:50:16.0266 3412 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
23:50:16.0297 3412 nvstor - ok
23:50:16.0734 3412 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
23:50:16.0750 3412 nv_agp - ok
23:50:16.0906 3412 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
23:50:16.0921 3412 ohci1394 - ok
23:50:17.0264 3412 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:50:17.0264 3412 ose - ok
23:50:19.0542 3412 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:50:20.0821 3412 osppsvc - ok
23:50:21.0258 3412 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:50:21.0679 3412 p2pimsvc - ok
23:50:24.0176 3412 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
23:50:24.0207 3412 p2psvc - ok
23:50:25.0346 3412 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
23:50:25.0362 3412 Parport - ok
23:50:25.0471 3412 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
23:50:25.0486 3412 partmgr - ok
23:50:25.0658 3412 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
23:50:25.0674 3412 PcaSvc - ok
23:50:25.0798 3412 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
23:50:25.0876 3412 pci - ok
23:50:25.0939 3412 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
23:50:25.0954 3412 pciide - ok
23:50:26.0454 3412 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
23:50:26.0532 3412 pcmcia - ok
23:50:26.0625 3412 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
23:50:26.0641 3412 pcw - ok
23:50:27.0156 3412 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
23:50:27.0218 3412 PEAUTH - ok
23:50:31.0867 3412 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
23:50:32.0319 3412 PerfHost - ok
23:50:43.0871 3412 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
23:50:43.0964 3412 pla - ok
23:50:46.0086 3412 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
23:50:46.0117 3412 PlugPlay - ok
23:50:46.0289 3412 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
23:50:46.0289 3412 PNRPAutoReg - ok
23:50:47.0303 3412 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
23:50:47.0303 3412 PNRPsvc - ok
23:50:47.0755 3412 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
23:50:47.0802 3412 PolicyAgent - ok
23:50:48.0613 3412 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
23:50:48.0629 3412 Power - ok
23:50:48.0941 3412 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
23:50:48.0956 3412 PptpMiniport - ok
23:50:49.0081 3412 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
23:50:49.0097 3412 Processor - ok
23:50:49.0736 3412 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
23:50:49.0767 3412 ProfSvc - ok
23:50:49.0877 3412 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:50:49.0877 3412 ProtectedStorage - ok
23:50:49.0970 3412 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
23:50:49.0970 3412 Psched - ok
23:50:50.0048 3412 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
23:50:50.0064 3412 PxHlpa64 - ok
23:50:51.0764 3412 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
23:50:51.0920 3412 ql2300 - ok
23:50:56.0007 3412 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
23:50:56.0023 3412 ql40xx - ok
23:50:56.0585 3412 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
23:50:56.0585 3412 QWAVE - ok
23:50:56.0881 3412 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
23:50:56.0881 3412 QWAVEdrv - ok
23:50:56.0990 3412 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
23:50:57.0006 3412 RasAcd - ok
23:50:57.0427 3412 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
23:50:57.0443 3412 RasAgileVpn - ok
23:50:58.0223 3412 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
23:50:58.0238 3412 RasAuto - ok
23:50:59.0065 3412 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
23:50:59.0112 3412 Rasl2tp - ok
23:51:00.0765 3412 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
23:51:00.0797 3412 RasMan - ok
23:51:01.0608 3412 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
23:51:01.0623 3412 RasPppoe - ok
23:51:02.0403 3412 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
23:51:02.0403 3412 RasSstp - ok
23:51:03.0792 3412 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
23:51:03.0823 3412 rdbss - ok
23:51:03.0901 3412 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
23:51:03.0917 3412 rdpbus - ok
23:51:03.0948 3412 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
23:51:03.0948 3412 RDPCDD - ok
23:51:04.0151 3412 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
23:51:04.0151 3412 RDPENCDD - ok
23:51:04.0229 3412 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
23:51:04.0229 3412 RDPREFMP - ok
23:51:04.0915 3412 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
23:51:04.0946 3412 RDPWD - ok
23:51:05.0243 3412 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
23:51:05.0243 3412 rdyboost - ok
23:51:05.0539 3412 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
23:51:05.0555 3412 RemoteAccess - ok
23:51:05.0586 3412 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
23:51:05.0601 3412 RemoteRegistry - ok
23:51:05.0617 3412 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
23:51:05.0617 3412 RpcEptMapper - ok
23:51:05.0633 3412 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
23:51:05.0633 3412 RpcLocator - ok
23:51:05.0711 3412 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
23:51:05.0711 3412 RpcSs - ok
23:51:05.0757 3412 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
23:51:05.0757 3412 rspndr - ok
23:51:05.0789 3412 RSUSBSTOR (30f463768d5143bfd7b2df822b53cf4d) C:\Windows\system32\Drivers\RtsUStor.sys
23:51:05.0804 3412 RSUSBSTOR - ok
23:51:05.0851 3412 RTL8167 (fd978b2bf8a9b2390dcbef435e9c1f9f) C:\Windows\system32\DRIVERS\Rt64win7.sys
23:51:05.0851 3412 RTL8167 - ok
23:51:05.0882 3412 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:51:05.0882 3412 SamSs - ok
23:51:05.0913 3412 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
23:51:05.0913 3412 sbp2port - ok
23:51:05.0945 3412 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
23:51:05.0945 3412 SCardSvr - ok
23:51:05.0991 3412 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
23:51:05.0991 3412 scfilter - ok
23:51:06.0288 3412 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
23:51:06.0303 3412 Schedule - ok
23:51:06.0428 3412 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
23:51:06.0428 3412 SCPolicySvc - ok
23:51:06.0709 3412 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
23:51:06.0709 3412 SDRSVC - ok
23:51:07.0083 3412 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
23:51:07.0083 3412 secdrv - ok
23:51:07.0364 3412 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
23:51:07.0380 3412 seclogon - ok
23:51:07.0723 3412 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
23:51:07.0723 3412 SENS - ok
23:51:07.0817 3412 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
23:51:07.0832 3412 SensrSvc - ok
23:51:07.0941 3412 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
23:51:07.0941 3412 Serenum - ok
23:51:08.0160 3412 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
23:51:08.0222 3412 Serial - ok
23:51:08.0347 3412 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
23:51:08.0363 3412 sermouse - ok
23:51:08.0690 3412 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
23:51:08.0706 3412 SessionEnv - ok
23:51:08.0924 3412 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
23:51:09.0002 3412 sffdisk - ok
23:51:09.0096 3412 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
23:51:09.0096 3412 sffp_mmc - ok
23:51:09.0221 3412 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
23:51:09.0236 3412 sffp_sd - ok
23:51:09.0361 3412 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
23:51:09.0392 3412 sfloppy - ok
23:51:10.0453 3412 SftService (e1974a92ac0914a3859359a0a8c82c68) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
23:51:10.0484 3412 SftService - ok
23:51:11.0108 3412 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
23:51:11.0139 3412 SharedAccess - ok
23:51:11.0249 3412 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
23:51:11.0264 3412 ShellHWDetection - ok
23:51:11.0358 3412 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:51:11.0358 3412 SiSRaid2 - ok
23:51:11.0389 3412 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
23:51:11.0389 3412 SiSRaid4 - ok
23:51:11.0717 3412 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe
23:51:11.0717 3412 SkypeUpdate - ok
23:51:11.0763 3412 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
23:51:11.0763 3412 Smb - ok
23:51:11.0904 3412 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
23:51:11.0904 3412 SNMPTRAP - ok
23:51:11.0935 3412 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
23:51:11.0935 3412 spldr - ok
23:51:12.0044 3412 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
23:51:12.0044 3412 Spooler - ok
23:51:13.0308 3412 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
23:51:15.0679 3412 sppsvc - ok
23:51:15.0913 3412 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
23:51:17.0005 3412 sppuinotify - ok
23:51:17.0379 3412 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\System32\Drivers\N360x64\0602010.005\SRTSP64.SYS
23:51:17.0769 3412 SRTSP - ok
23:51:17.0988 3412 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\N360x64\0602010.005\SRTSPX64.SYS
23:51:18.0003 3412 SRTSPX - ok
23:51:19.0656 3412 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
23:51:19.0716 3412 srv - ok
23:51:21.0163 3412 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
23:51:21.0179 3412 srv2 - ok
23:51:21.0381 3412 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
23:51:21.0397 3412 srvnet - ok
23:51:21.0662 3412 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
23:51:21.0693 3412 SSDPSRV - ok
23:51:21.0865 3412 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
23:51:21.0896 3412 SstpSvc - ok
23:51:22.0395 3412 ssudmdm (ad42ca614e086bcadbd53fffc404ac24) C:\Windows\system32\DRIVERS\ssudmdm.sys
23:51:22.0536 3412 ssudmdm - ok
23:51:22.0879 3412 STacSV (463e33b1ea7af1e6eb87b66b831db41a) C:\Program Files\IDT\WDM\STacSV64.exe
23:51:22.0879 3412 STacSV - ok
23:51:22.0973 3412 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
23:51:23.0285 3412 stexstor - ok
23:51:25.0359 3412 STHDA (4304b75094e106fb5423a290c95841e5) C:\Windows\system32\DRIVERS\stwrt64.sys
23:51:27.0575 3412 STHDA - ok
23:51:30.0320 3412 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
23:51:31.0007 3412 stisvc - ok
23:51:31.0178 3412 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
23:51:31.0178 3412 swenum - ok
23:51:34.0267 3412 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
23:51:34.0470 3412 swprv - ok
23:51:37.0652 3412 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\N360x64\0602010.005\SYMDS64.SYS
23:51:45.0655 3412 SymDS - ok
23:51:47.0855 3412 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\N360x64\0602010.005\SYMEFA64.SYS
23:51:47.0901 3412 SymEFA - ok
23:51:48.0104 3412 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
23:51:48.0104 3412 SymEvent - ok
23:51:48.0416 3412 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\N360x64\0602010.005\Ironx64.SYS
23:51:48.0416 3412 SymIRON - ok
23:51:49.0539 3412 SymNetS (3911bd0e68c010e5438a87706abbe9ab) C:\Windows\System32\Drivers\N360x64\0602010.005\SYMNETS.SYS
23:51:49.0571 3412 SymNetS - ok
23:51:50.0709 3412 SynTP (8a3fbcb3d6d4710730d27da4392a4863) C:\Windows\system32\DRIVERS\SynTP.sys
23:51:50.0756 3412 SynTP - ok
23:51:52.0659 3412 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
23:51:52.0706 3412 SysMain - ok
23:51:53.0939 3412 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
23:51:53.0954 3412 TabletInputService - ok
23:51:54.0032 3412 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
23:51:54.0032 3412 TapiSrv - ok
23:51:54.0095 3412 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
23:51:54.0095 3412 TBS - ok
23:51:55.0296 3412 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
23:51:55.0311 3412 Tcpip - ok
23:51:57.0215 3412 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
23:51:57.0230 3412 TCPIP6 - ok
23:51:58.0026 3412 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
23:51:58.0026 3412 tcpipreg - ok
23:51:58.0104 3412 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
23:51:58.0104 3412 TDPIPE - ok
23:51:58.0197 3412 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
23:51:58.0197 3412 TDTCP - ok
23:51:58.0447 3412 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
23:51:58.0447 3412 tdx - ok
23:51:58.0509 3412 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
23:51:58.0525 3412 TermDD - ok
23:51:58.0665 3412 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
23:51:58.0665 3412 TermService - ok
23:51:58.0697 3412 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
23:51:58.0712 3412 Themes - ok
23:51:58.0728 3412 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
23:51:58.0728 3412 THREADORDER - ok
23:51:58.0759 3412 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
23:51:58.0759 3412 TrkWks - ok
23:51:58.0821 3412 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
23:51:58.0821 3412 TrustedInstaller - ok
23:51:58.0853 3412 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
23:51:58.0853 3412 tssecsrv - ok
23:51:58.0899 3412 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
23:51:58.0899 3412 TsUsbFlt - ok
23:51:58.0962 3412 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
23:51:58.0962 3412 tunnel - ok
23:51:58.0993 3412 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
23:51:58.0993 3412 uagp35 - ok
23:51:59.0040 3412 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
23:51:59.0055 3412 udfs - ok
23:51:59.0087 3412 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
23:51:59.0087 3412 UI0Detect - ok
23:51:59.0118 3412 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
23:51:59.0118 3412 uliagpkx - ok
23:51:59.0165 3412 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
23:51:59.0165 3412 umbus - ok
23:51:59.0180 3412 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
23:51:59.0180 3412 UmPass - ok
23:51:59.0211 3412 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
23:51:59.0227 3412 upnphost - ok
23:51:59.0289 3412 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
23:51:59.0289 3412 usbccgp - ok
23:51:59.0321 3412 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
23:51:59.0321 3412 usbcir - ok
23:51:59.0367 3412 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
23:51:59.0367 3412 usbehci - ok
23:51:59.0399 3412 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
23:51:59.0399 3412 usbfilter - ok
23:51:59.0414 3412 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
23:51:59.0430 3412 usbhub - ok
23:51:59.0461 3412 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
23:51:59.0461 3412 usbohci - ok
23:51:59.0492 3412 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
23:51:59.0492 3412 usbprint - ok
23:51:59.0539 3412 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
23:51:59.0539 3412 usbscan - ok
23:51:59.0601 3412 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:51:59.0601 3412 USBSTOR - ok
23:51:59.0633 3412 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
23:51:59.0633 3412 usbuhci - ok
23:51:59.0679 3412 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
23:51:59.0679 3412 usbvideo - ok
23:51:59.0711 3412 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
23:51:59.0711 3412 UxSms - ok
23:51:59.0742 3412 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
23:51:59.0742 3412 VaultSvc - ok
23:51:59.0773 3412 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
23:51:59.0773 3412 vdrvroot - ok
23:51:59.0820 3412 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
23:51:59.0835 3412 vds - ok
23:51:59.0898 3412 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
23:51:59.0929 3412 vga - ok
23:52:00.0225 3412 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
23:52:00.0225 3412 VgaSave - ok
23:52:00.0834 3412 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
23:52:00.0849 3412 vhdmp - ok
23:52:00.0881 3412 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
23:52:00.0927 3412 viaide - ok
23:52:00.0990 3412 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
23:52:00.0990 3412 volmgr - ok
23:52:01.0021 3412 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
23:52:01.0037 3412 volmgrx - ok
23:52:01.0083 3412 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
23:52:01.0083 3412 volsnap - ok
23:52:01.0130 3412 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
23:52:01.0130 3412 vsmraid - ok
23:52:01.0536 3412 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
23:52:01.0536 3412 VSS - ok
23:52:02.0066 3412 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
23:52:02.0082 3412 vwifibus - ok
23:52:02.0300 3412 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
23:52:02.0316 3412 vwififlt - ok
23:52:02.0643 3412 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
23:52:02.0659 3412 W32Time - ok
23:52:02.0753 3412 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
23:52:02.0768 3412 WacomPen - ok
23:52:03.0111 3412 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:52:03.0111 3412 WANARP - ok
23:52:03.0127 3412 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
23:52:03.0127 3412 Wanarpv6 - ok
23:52:03.0548 3412 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
23:52:03.0611 3412 WatAdminSvc - ok
23:52:04.0874 3412 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
23:52:04.0983 3412 wbengine - ok
23:52:05.0451 3412 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
23:52:05.0483 3412 WbioSrvc - ok
23:52:06.0715 3412 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
23:52:06.0731 3412 wcncsvc - ok
23:52:06.0871 3412 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
23:52:06.0871 3412 WcsPlugInService - ok
23:52:06.0949 3412 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
23:52:06.0949 3412 Wd - ok
23:52:07.0089 3412 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
23:52:07.0089 3412 WDC_SAM - ok
23:52:07.0199 3412 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
23:52:07.0214 3412 Wdf01000 - ok
23:52:07.0401 3412 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:52:07.0401 3412 WdiServiceHost - ok
23:52:07.0417 3412 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
23:52:07.0417 3412 WdiSystemHost - ok
23:52:07.0885 3412 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
23:52:07.0916 3412 WebClient - ok
23:52:21.0769 3412 MBR (0x1B8) (c3220eb08add62e3ed9f72a1f4e4b1bb) \Device\Harddisk0\DR0
23:52:22.0956 3412 \Device\Harddisk0\DR0 - ok
23:52:22.0996 3412 Boot (0x1200) (b4a651ea79a9998884da67ecffb5e2e7) \Device\Harddisk0\DR0\Partition0
23:52:22.0996 3412 \Device\Harddisk0\DR0\Partition0 - ok
23:52:23.0016 3412 Boot (0x1200) (723ffebde086355ce5f5c8e20d4fdb4a) \Device\Harddisk0\DR0\Partition1
23:52:23.0036 3412 \Device\Harddisk0\DR0\Partition1 - ok
23:52:23.0036 3412 ============================================================
23:52:23.0046 3412 Scan finished
23:52:23.0046 3412 ============================================================
23:52:23.0076 2432 Detected object count: 0
23:52:23.0076 2432 Actual detected object count: 0
23:53:24.0049 1812 Deinitialize success

#5 Bulls729


Posted 09 July 2012 - 11:34 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-10 00:13:50
-----------------------------
00:13:50.408 OS Version: Windows x64 6.1.7601 Service Pack 1
00:13:50.408 Number of processors: 3 586 0x503
00:13:50.408 ComputerName: USER-PC UserName: User
00:13:52.312 Initialize success
00:14:00.548 AVAST engine defs: 12070901
00:14:13.023 The log file has been saved successfully to "C:\Users\User\Downloads\aswMBR.txt"
00:14:24.877 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
00:14:24.892 Disk 0 Vendor: SAMSUNG_HM641JI 2AJ10003 Size: 610480MB BusType: 11
00:14:24.939 Disk 0 MBR read successfully
00:14:24.939 Disk 0 MBR scan
00:14:24.939 Disk 0 Windows 7 default MBR code
00:14:24.970 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 100 MB offset 2048
00:14:24.986 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
00:14:25.017 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 595378 MB offset 30926848
00:14:25.080 Disk 0 scanning C:\Windows\system32\drivers
00:14:53.644 Service scanning
00:15:35.077 Modules scanning
00:15:35.093 Disk 0 trace - called modules:
00:15:35.654 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
00:15:35.670 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800618b490]
00:15:35.686 3 CLASSPNP.SYS[fffff88001ba143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800615b060]
00:15:37.589 AVAST engine scan C:\Windows
00:16:22.056 AVAST engine scan C:\Windows\system32
00:21:55.572 AVAST engine scan C:\Windows\system32\drivers
00:22:11.862 AVAST engine scan C:\Users\User
00:28:43.298 AVAST engine scan C:\ProgramData
00:30:06.415 Scan finished successfully
00:30:17.522 Disk 0 MBR has been saved successfully to "C:\Users\User\Documents\MBR.dat"
00:30:17.538 The log file has been saved successfully to "C:\Users\User\Documents\aswMBR.txt"

#6 narenxp


Posted 10 July 2012 - 12:43 AM

ESET log?

#7 Bulls729


Posted 10 July 2012 - 12:52 AM

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Users\User\AppData\Local\Temp\is-7U7F5.tmp\OCSetupHlp.dll Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\User\AppData\Roaming\OpenCandy\1E8CC691D0EF4934BB62EC627F4FF676\TuneUp_PC_2.4.6.4_CPMID_347.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\User\Downloads\ninja-setup-2.3.5.exe Win32/OpenCandy application cleaned by deleting - quarantined

#8 narenxp


Posted 10 July 2012 - 12:53 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#9 Bulls729


Posted 10 July 2012 - 04:33 AM

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.10.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
User :: USER-PC [administrator]

Protection: Disabled

7/10/2012 1:55:15 AM
mbam-log-2012-07-10 (01-55-15).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 367719
Time elapsed: 46 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#10 Bulls729


Posted 10 July 2012 - 04:39 AM

MiniToolBox by Farbar Version: 25-06-2012
Ran by User (administrator) on 10-07-2012 at 05:32:50
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)
DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Broadcom Virtual Wireless Adapter = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : User-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom Virtual Wireless Adapter
Physical Address. . . . . . . . . : 1C-65-9D-E5-8C-7B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : 1C-65-9D-E5-8C-7B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::89f5:8811:5fd0:9dbc%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, July 10, 2012 12:31:44 AM
Lease Expires . . . . . . . . . . : Wednesday, July 11, 2012 12:31:45 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 236742045
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-BB-35-74-F0-4D-A2-BC-8F-22
DNS Servers . . . . . . . . . . . : 208.67.222.222
208.67.220.220
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : F0-4D-A2-BC-8F-22
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::91fe:261a:3722:7ea4%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, July 10, 2012 12:31:41 AM
Lease Expires . . . . . . . . . . : Wednesday, July 11, 2012 12:31:40 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 250629538
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-BB-35-74-F0-4D-A2-BC-8F-22
DNS Servers . . . . . . . . . . . : 208.67.222.222
208.67.220.220
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.2%17(Preferred)
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.5%17(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 208.67.222.222
208.67.220.220
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:4d3:513:93de:a293(Preferred)
Link-local IPv6 Address . . . . . : fe80::4d3:513:93de:a293%16(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{2976B52C-EDC2-4AF1-80BF-93C9CC632C22}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: resolver1.opendns.com
Address: 208.67.222.222

Name: google.com.home
Address: 67.215.65.132


Pinging google.com [74.125.139.101] with 32 bytes of data:
Reply from 74.125.139.101: bytes=32 time=65ms TTL=44
Reply from 74.125.139.101: bytes=32 time=65ms TTL=44

Ping statistics for 74.125.139.101:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 65ms, Maximum = 65ms, Average = 65ms
Server: resolver1.opendns.com
Address: 208.67.222.222

Name: yahoo.com.home
Address: 67.215.65.132


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=151ms TTL=56
Reply from 72.30.38.140: bytes=32 time=199ms TTL=56

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 151ms, Maximum = 199ms, Average = 175ms
Server: resolver1.opendns.com
Address: 208.67.222.222

Name: bleepingcomputer.com.home
Address: 67.215.65.132


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=7ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 4ms, Maximum = 7ms, Average = 5ms
===========================================================================
Interface List
13...1c 65 9d e5 8c 7b ......Broadcom Virtual Wireless Adapter
12...1c 65 9d e5 8c 7b ......DW1501 Wireless-N WLAN Half-Mini Card
10...f0 4d a2 bc 8f 22 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.5 20
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.5 276
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.5 255.255.255.255 On-link 192.168.1.5 276
192.168.1.255 255.255.255.255 On-link 192.168.1.5 276
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.5 276
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.5 276
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 58 ::/0 On-link
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:4137:9e76:4d3:513:93de:a293/128
On-link
10 276 fe80::/64 On-link
12 281 fe80::/64 On-link
16 306 fe80::/64 On-link
17 286 fe80::5efe:192.168.1.2/128
On-link
17 286 fe80::5efe:192.168.1.5/128
On-link
16 306 fe80::4d3:513:93de:a293/128
On-link
12 281 fe80::89f5:8811:5fd0:9dbc/128
On-link
10 276 fe80::91fe:261a:3722:7ea4/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
10 276 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/10/2012 03:05:45 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/10/2012 03:03:56 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/10/2012 00:54:11 AM) (Source: Application Error) (User: )
Description: Faulting application name: bfgclient.exe, version: 3.0.1.60, time stamp: 0x4e4de6a7
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x00038dc9
Faulting process id: 0xea4
Faulting application start time: 0xbfgclient.exe0
Faulting application path: bfgclient.exe1
Faulting module path: bfgclient.exe2
Report Id: bfgclient.exe3

Error: (07/10/2012 00:35:38 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/10/2012 00:35:36 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/10/2012 00:35:36 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/10/2012 00:35:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2012 05:57:35 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (06/27/2012 05:57:35 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (06/27/2012 05:57:32 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)


System errors:
=============
Error: (07/09/2012 11:46:20 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (07/09/2012 11:45:11 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (07/09/2012 11:44:34 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/09/2012 11:39:03 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (07/09/2012 11:13:58 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (07/09/2012 11:13:58 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/09/2012 11:12:48 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/09/2012 11:12:41 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (07/09/2012 10:29:16 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (07/09/2012 10:29:16 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (07/10/2012 03:05:45 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\User\downloads\esetsmartinstaller_enu.exe

Error: (07/10/2012 03:03:56 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (07/10/2012 00:54:11 AM) (Source: Application Error)(User: )
Description: bfgclient.exe3.0.1.604e4de6a7ntdll.dll6.1.7601.177254ec49b8fc000000500038dc9ea401cd5e57fb5b0a66C:\Program Files (x86)\bfgclient\bfgclient.exeC:\Windows\SysWOW64\ntdll.dll49ec89a3-ca4b-11e1-9ea4-f04da2bc8f22

Error: (07/10/2012 00:35:38 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (07/10/2012 00:35:36 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (07/10/2012 00:35:36 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (07/10/2012 00:35:34 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\User\Downloads\esetsmartinstaller_enu.exe

Error: (06/27/2012 05:57:35 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (06/27/2012 05:57:35 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (06/27/2012 05:57:32 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.774.0)
Best Buy pc app (Version: 3.1.0.0)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bonjour (Version: 3.0.0.2)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0427.2150.37350)
Catalyst Control Center Graphics Full Existing (Version: 2010.0427.2150.37350)
Catalyst Control Center Graphics Full New (Version: 2010.0427.2150.37350)
Catalyst Control Center Graphics Light (Version: 2010.0427.2150.37350)
Catalyst Control Center Graphics Previews Common (Version: 2010.0427.2150.37350)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0427.2150.37350)
Catalyst Control Center Localization All (Version: 2010.0427.2150.37350)
ccc-core-static (Version: 2010.0427.2150.37350)
ccc-utility64 (Version: 2010.0427.2150.37350)
CCC Help Chinese Standard (Version: 2010.0427.2149.37350)
CCC Help Chinese Traditional (Version: 2010.0427.2149.37350)
CCC Help Czech (Version: 2010.0427.2149.37350)
CCC Help Danish (Version: 2010.0427.2149.37350)
CCC Help Dutch (Version: 2010.0427.2149.37350)
CCC Help English (Version: 2010.0427.2149.37350)
CCC Help Finnish (Version: 2010.0427.2149.37350)
CCC Help French (Version: 2010.0427.2149.37350)
CCC Help German (Version: 2010.0427.2149.37350)
CCC Help Greek (Version: 2010.0427.2149.37350)
CCC Help Hungarian (Version: 2010.0427.2149.37350)
CCC Help Italian (Version: 2010.0427.2149.37350)
CCC Help Japanese (Version: 2010.0427.2149.37350)
CCC Help Korean (Version: 2010.0427.2149.37350)
CCC Help Norwegian (Version: 2010.0427.2149.37350)
CCC Help Polish (Version: 2010.0427.2149.37350)
CCC Help Portuguese (Version: 2010.0427.2149.37350)
CCC Help Russian (Version: 2010.0427.2149.37350)
CCC Help Spanish (Version: 2010.0427.2149.37350)
CCC Help Swedish (Version: 2010.0427.2149.37350)
CCC Help Thai (Version: 2010.0427.2149.37350)
CCC Help Turkish (Version: 2010.0427.2149.37350)
CCleaner (Version: 3.20)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software
Dell DataSafe Local Backup (Version: 9.4.47)
Dell Dock (Version: 2.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Product Registration (Version: 1.0.3)
Dell Support Center (Version: 3.0.5621.01)
Dell Webcam Central (Version: 1.40.05)
DivX Setup (Version: 2.6.1.8)
Dropbox (Version: 1.4.9)
DW WLAN Card Utility (Version: 5.60.48.35)
ESET Online Scanner v3
Google Chrome (Version: 20.0.1132.47)
Google Talk Plugin (Version: 3.1.4.8140)
GoToAssist 8.0.0.514
GoToAssist Customer 1.6.0.290 (Version: 1.6.0.290)
HESI PN 3e
IDT Audio (Version: 1.0.6289.0)
Illustrated Study Guide for the NCLEX-PN ® Exam, 5th Edition 1.0 (Version: 1.0)
Internet Explorer (Version: 8)
iTunes (Version: 10.4.0.80)
Java™ 7 Update 4 (64-bit) (Version: 7.0.40)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
JeS Updater (Version: 0.10.0000)
Junk Mail filter update (Version: 15.4.3502.0922)
LaserJet 1020 series
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Mystery Trackers: Black Isle
Nancy Drew: Shadow at the Water's Edge
Nancy Drew: The Trail of the Twister
Norton 360 (Version: 6.2.1.5)
Norton Bootable Recovery Tool Wizard (Version: 5.0.0.90)
Norton Management (Version: 3.0.0.133)
OrderReminder HP LaserJet 1020 (Version: 2.0)
PowerDVD DX (Version: 8.3.6107)
PuppetShow: Return to Joyville Collector's Edition
Quickset64 (Version: 10.5.0)
QuickTime (Version: 7.69.80.9)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30109)
Roxio Burn (Version: 1.01)
Saunders Q&A Review for the NCLEX-PN® Examination, 3rd Edition 1.0 (Version: 1.0)
Skype™ 5.8 (Version: 5.8.158)
Synaptics Pointing Device Driver (Version: 15.0.0.1)
System Ninja version 2.3.5.0 (Version: 2.3.5.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 5883.93 MB
Available physical RAM: 3431.77 MB
Total Pagefile: 11766.04 MB
Available Pagefile: 9225.79 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.9 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:581.42 GB) (Free:518.3 GB) NTFS

========================= Users: ========================================

User accounts for \\USER-PC

Administrator Guest User


**** End of log ****

Farbar Service Scanner Version: 08-07-2012
Ran by User (administrator) on 10-07-2012 at 05:39:15
Running from "C:\Users\User\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#11 narenxp

Posted 10 July 2012 - 04:41 AM

What are your current issues? I do not find anything suspicious.

#12 Bulls729

Posted 10 July 2012 - 04:57 AM

Well, here is some more info in case you need it: http://community.norton.com/t5/Norton-360/Trojan-Patchep-sys-Removal-amp-Error-5013-3/td-p/754470

However, it appears that after running the CF and that last ESET everything is gone. Before the CF, Malwarebytes kept detecting but not deleting, as shown in the logs in the linked post, but it all appears to be gone now. Hopefully I did not do something wrong and it is in fact fixed. Thank you very much for all the help.

#13 narenxp

Posted 10 July 2012 - 06:04 AM

Do not run ComboFix without expert guidance.

Download TFC.

Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point:

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here:

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)



