
troj_sirefef.kby removal


23 replies to this topic

#1 lukehol


Posted 14 July 2012 - 07:49 AM

Hello all and thanks in advance,

I am running Trend Micro and almost constantly I am reminded that it has detected and removed troj_sirefef.kby.

I did a little research on your forum and have found fixes for other troj_sirefef files but none with the .kby name.

As a relative newbie and computer dunce, I don't simply want to follow the other fixes for this and would appreciate your expertise. Trend is no help although it says it has found the file in the Windows installer files. I am on Windows Vista.

Many Thanks

Edited by hamluis, 14 July 2012 - 08:52 AM.
Moved from Vista to Am I Infected - Hamluis.




#2 narenxp


Posted 14 July 2012 - 01:09 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)



Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 lukehol


Posted 14 July 2012 - 11:55 PM

Thanks narenxp, here is the TDSS log



10:23:25.0806 4896 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
10:23:26.0960 4896 ============================================================
10:23:26.0960 4896 Current date / time: 2012/07/15 10:23:26.0960
10:23:26.0960 4896 SystemInfo:
10:23:26.0960 4896
10:23:26.0960 4896 OS Version: 6.0.6002 ServicePack: 2.0
10:23:26.0960 4896 Product type: Workstation
10:23:26.0960 4896 ComputerName: LUKE-PC
10:23:26.0960 4896 UserName: Luke
10:23:26.0960 4896 Windows directory: C:\Windows
10:23:26.0960 4896 System windows directory: C:\Windows
10:23:26.0960 4896 Processor architecture: Intel x86
10:23:26.0960 4896 Number of processors: 2
10:23:26.0960 4896 Page size: 0x1000
10:23:26.0960 4896 Boot type: Normal boot
10:23:26.0960 4896 ============================================================
10:23:29.0409 4896 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:23:29.0456 4896 ============================================================
10:23:29.0456 4896 \Device\Harddisk0\DR0:
10:23:29.0456 4896 MBR partitions:
10:23:29.0456 4896 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1CED7000
10:23:29.0456 4896 ============================================================
10:23:29.0487 4896 C: <-> \Device\Harddisk0\DR0\Partition0
10:23:29.0519 4896 ============================================================
10:23:29.0519 4896 Initialize success
10:23:29.0519 4896 ============================================================
10:23:43.0091 7024 ============================================================
10:23:43.0091 7024 Scan started
10:23:43.0091 7024 Mode: Manual; TDLFS;
10:23:43.0091 7024 ============================================================
10:23:52.0731 7024 fdguivoctewfwaf (c9f3a1dfd52aab25b926d54dc178757f) C:\Users\Luke\AppData\Local\Temp\DATC025.tmp.exe
10:24:03.0729 7024 Suspicious file (NoAccess): C:\Users\Luke\AppData\Local\Temp\DATC025.tmp.exe. md5: c9f3a1dfd52aab25b926d54dc178757f
10:24:03.0776 7024 fdguivoctewfwaf ( LockedFile.Multi.Generic ) - warning
10:24:03.0776 7024 fdguivoctewfwaf - detected LockedFile.Multi.Generic (1)
10:24:22.0669 7024 p2psvc - ok
10:24:22.0716 7024 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
10:24:22.0731 7024 Parport - ok
10:24:22.0762 7024 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
10:24:22.0778 7024 partmgr - ok
10:24:22.0794 7024 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
10:24:22.0809 7024 Parvdm - ok
10:24:22.0872 7024 PCASp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\Windows\system32\Drivers\PCASp50.sys
10:24:22.0887 7024 PCASp50 - ok
10:24:22.0950 7024 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
10:24:22.0965 7024 PcaSvc - ok
10:24:23.0184 7024 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
10:24:23.0230 7024 pci - ok
10:24:23.0402 7024 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
10:24:23.0418 7024 pciide - ok
10:24:23.0480 7024 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys
10:24:23.0496 7024 pcmcia - ok
10:24:23.0558 7024 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
10:24:23.0574 7024 pcouffin - ok
10:24:23.0698 7024 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
10:24:23.0761 7024 PEAUTH - ok
10:24:23.0823 7024 pinger (6dbf2ac2bdaff355995ab25eccc4cfe1) C:\Toshiba\IVP\ISM\pinger.exe
10:24:23.0854 7024 pinger - ok
10:24:24.0151 7024 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
10:24:24.0198 7024 pla - ok
10:24:24.0432 7024 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
10:24:24.0432 7024 PlugPlay - ok
10:24:24.0494 7024 PnkBstrA (831883b107684301f48ace752c963984) C:\Windows\system32\PnkBstrA.exe
10:24:24.0525 7024 PnkBstrA - ok
10:24:24.0666 7024 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:24:24.0681 7024 PNRPAutoReg - ok
10:24:24.0697 7024 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
10:24:24.0712 7024 PNRPsvc - ok
10:24:24.0790 7024 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
10:24:24.0822 7024 PolicyAgent - ok
10:24:24.0868 7024 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
10:24:24.0900 7024 PptpMiniport - ok
10:24:24.0931 7024 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
10:24:24.0946 7024 Processor - ok
10:24:24.0993 7024 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
10:24:24.0993 7024 ProfSvc - ok
10:24:25.0040 7024 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:24:25.0040 7024 ProtectedStorage - ok
10:24:25.0134 7024 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
10:24:25.0134 7024 PSched - ok
10:24:25.0305 7024 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
10:24:25.0368 7024 ql2300 - ok
10:24:25.0414 7024 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
10:24:25.0430 7024 ql40xx - ok
10:24:25.0508 7024 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
10:24:25.0508 7024 QWAVE - ok
10:24:25.0539 7024 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
10:24:25.0539 7024 QWAVEdrv - ok
10:24:25.0570 7024 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
10:24:25.0586 7024 RasAcd - ok
10:24:25.0633 7024 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
10:24:25.0648 7024 RasAuto - ok
10:24:25.0695 7024 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:24:25.0711 7024 Rasl2tp - ok
10:24:25.0773 7024 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
10:24:25.0789 7024 RasMan - ok
10:24:25.0820 7024 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
10:24:25.0836 7024 RasPppoe - ok
10:24:25.0898 7024 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
10:24:25.0914 7024 RasSstp - ok
10:24:25.0992 7024 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
10:24:25.0992 7024 rdbss - ok
10:24:26.0038 7024 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:24:26.0038 7024 RDPCDD - ok
10:24:26.0116 7024 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
10:24:26.0132 7024 rdpdr - ok
10:24:26.0148 7024 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
10:24:26.0148 7024 RDPENCDD - ok
10:24:26.0257 7024 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
10:24:26.0288 7024 RDPWD - ok
10:24:26.0413 7024 RegSrvc (83a5d92ace4465c667d1d55fcdab2658) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
10:24:26.0444 7024 RegSrvc - ok
10:24:26.0522 7024 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
10:24:26.0522 7024 RemoteAccess - ok
10:24:26.0569 7024 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
10:24:26.0584 7024 RemoteRegistry - ok
10:24:26.0647 7024 RFCOMM (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
10:24:26.0662 7024 RFCOMM - ok
10:24:26.0803 7024 RichVideo (c1c132455200ad4704142442c89d0fa4) C:\Program Files\Cyberlink\Shared files\RichVideo.exe
10:24:26.0834 7024 RichVideo - ok
10:24:26.0865 7024 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
10:24:26.0881 7024 RpcLocator - ok
10:24:26.0928 7024 rpcnet (3297445bb9fd3e8363e7559010ed2ae7) C:\Windows\system32\rpcnet.exe
10:24:26.0943 7024 rpcnet - ok
10:24:27.0052 7024 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
10:24:27.0068 7024 RpcSs - ok
10:24:27.0115 7024 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
10:24:27.0146 7024 rspndr - ok
10:24:27.0208 7024 RTL8169 (a1adc7b4c074744662207da6edcdfbb0) C:\Windows\system32\DRIVERS\Rtlh86.sys
10:24:27.0224 7024 RTL8169 - ok
10:24:27.0271 7024 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
10:24:27.0271 7024 SamSs - ok
10:24:27.0349 7024 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
10:24:27.0364 7024 sbp2port - ok
10:24:27.0427 7024 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
10:24:27.0427 7024 SCardSvr - ok
10:24:27.0583 7024 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
10:24:27.0614 7024 Schedule - ok
10:24:27.0661 7024 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
10:24:27.0661 7024 SCPolicySvc - ok
10:24:27.0708 7024 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
10:24:27.0723 7024 sdbus - ok
10:24:27.0770 7024 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
10:24:27.0770 7024 SDRSVC - ok
10:24:27.0817 7024 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
10:24:27.0832 7024 secdrv - ok
10:24:27.0879 7024 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
10:24:27.0879 7024 seclogon - ok
10:24:27.0926 7024 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
10:24:27.0926 7024 SENS - ok
10:24:27.0957 7024 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
10:24:27.0973 7024 Serenum - ok
10:24:28.0020 7024 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
10:24:28.0035 7024 Serial - ok
10:24:28.0066 7024 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
10:24:28.0082 7024 sermouse - ok
10:24:28.0160 7024 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
10:24:28.0160 7024 SessionEnv - ok
10:24:28.0207 7024 sfdrv01 (b7018644e132a8dfb12ed90106e06739) C:\Windows\system32\drivers\sfdrv01.sys
10:24:28.0207 7024 sfdrv01 - ok
10:24:28.0254 7024 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
10:24:28.0254 7024 sffdisk - ok
10:24:28.0269 7024 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
10:24:28.0285 7024 sffp_mmc - ok
10:24:28.0332 7024 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
10:24:28.0347 7024 sffp_sd - ok
10:24:28.0410 7024 sfhlp02 (daad4c099ebf5094d32c373ac1ac0f3c) C:\Windows\system32\drivers\sfhlp02.sys
10:24:28.0425 7024 sfhlp02 - ok
10:24:28.0550 7024 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
10:24:28.0597 7024 sfloppy - ok
10:24:28.0644 7024 sfsync02 (6dc03269f4c71e4ab313c3597f42a340) C:\Windows\system32\drivers\sfsync02.sys
10:24:28.0675 7024 sfsync02 - ok
10:24:28.0909 7024 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
10:24:28.0924 7024 ShellHWDetection - ok
10:24:28.0956 7024 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
10:24:28.0971 7024 sisagp - ok
10:24:29.0002 7024 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
10:24:29.0018 7024 SiSRaid2 - ok
10:24:29.0049 7024 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
10:24:29.0065 7024 SiSRaid4 - ok
10:24:29.0580 7024 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
10:24:29.0704 7024 slsvc - ok
10:24:29.0923 7024 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
10:24:29.0938 7024 SLUINotify - ok
10:24:30.0001 7024 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
10:24:30.0016 7024 Smb - ok
10:24:30.0063 7024 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
10:24:30.0063 7024 SNMPTRAP - ok
10:24:30.0094 7024 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
10:24:30.0110 7024 spldr - ok
10:24:30.0157 7024 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
10:24:30.0188 7024 Spooler - ok
10:24:30.0266 7024 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
10:24:30.0282 7024 srv - ok
10:24:30.0344 7024 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
10:24:30.0344 7024 srv2 - ok
10:24:30.0406 7024 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
10:24:30.0406 7024 srvnet - ok
10:24:30.0469 7024 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
10:24:30.0469 7024 SSDPSRV - ok
10:24:30.0531 7024 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
10:24:30.0547 7024 SstpSvc - ok
10:24:30.0703 7024 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
10:24:30.0734 7024 stisvc - ok
10:24:30.0781 7024 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
10:24:30.0796 7024 swenum - ok
10:24:30.0874 7024 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
10:24:30.0874 7024 swprv - ok
10:24:30.0937 7024 Swupdtmr (327786c5d6bcf284fab14c2b5751f514) c:\Toshiba\IVP\swupdate\swupdtmr.exe
10:24:30.0952 7024 Swupdtmr - ok
10:24:30.0999 7024 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
10:24:31.0015 7024 Symc8xx - ok
10:24:31.0030 7024 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
10:24:31.0046 7024 Sym_hi - ok
10:24:31.0062 7024 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
10:24:31.0093 7024 Sym_u3 - ok
10:24:31.0186 7024 SynTP (5efcedcf3daf5c8d9e8b77a34a4eec99) C:\Windows\system32\DRIVERS\SynTP.sys
10:24:31.0218 7024 SynTP - ok
10:24:31.0327 7024 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
10:24:31.0374 7024 SysMain - ok
10:24:31.0405 7024 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
10:24:31.0405 7024 TabletInputService - ok
10:24:31.0483 7024 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
10:24:31.0498 7024 TapiSrv - ok
10:24:31.0561 7024 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
10:24:31.0561 7024 TBS - ok
10:24:31.0795 7024 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
10:24:31.0826 7024 Tcpip - ok
10:24:31.0842 7024 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
10:24:31.0857 7024 Tcpip6 - ok
10:24:31.0904 7024 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
10:24:31.0920 7024 tcpipreg - ok
10:24:31.0966 7024 TcUsb (009aede9fe870c247014450dc1e01d5d) C:\Windows\system32\Drivers\tcusb.sys
10:24:31.0982 7024 TcUsb - ok
10:24:32.0029 7024 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
10:24:32.0044 7024 tdcmdpst - ok
10:24:32.0076 7024 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
10:24:32.0076 7024 TDPIPE - ok
10:24:32.0122 7024 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
10:24:32.0138 7024 TDTCP - ok
10:24:32.0185 7024 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
10:24:32.0216 7024 tdx - ok
10:24:32.0247 7024 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
10:24:32.0263 7024 TermDD - ok
10:24:32.0372 7024 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
10:24:32.0403 7024 TermService - ok
10:24:32.0481 7024 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
10:24:32.0481 7024 Themes - ok
10:24:32.0528 7024 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
10:24:32.0544 7024 THREADORDER - ok
10:24:32.0606 7024 tifm21 (e4c85c291ddb3dc5e4a2f227ca465ba6) C:\Windows\system32\drivers\tifm21.sys
10:24:32.0653 7024 tifm21 - ok
10:24:32.0746 7024 tmactmon (e8e528896ff2595cfada88749cd72ef8) C:\Windows\system32\DRIVERS\tmactmon.sys
10:24:32.0762 7024 tmactmon - ok
10:24:32.0887 7024 tmcomm (d79b8b7bed8d30387c22663b24e8c191) C:\Windows\system32\DRIVERS\tmcomm.sys
10:24:32.0902 7024 tmcomm - ok
10:24:32.0934 7024 tmevtmgr (dbac510d1c7cc66b7a78eb2264f3072e) C:\Windows\system32\DRIVERS\tmevtmgr.sys
10:24:32.0949 7024 tmevtmgr - ok
10:24:32.0980 7024 tmtdi (a6e20b094a8d3e3f46d10bbe7e1ebb82) C:\Windows\system32\DRIVERS\tmtdi.sys
10:24:32.0996 7024 tmtdi - ok
10:24:33.0136 7024 TNaviSrv (38e18dce385ff2ded57423a279559dbc) C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
10:24:33.0168 7024 TNaviSrv - ok
10:24:33.0246 7024 TODDSrv (d540858e65bfa6fded41ad2495ece344) C:\Windows\system32\TODDSrv.exe
10:24:33.0292 7024 TODDSrv - ok
10:24:33.0386 7024 TosCoSrv (6a54c28b53c6b50d333c8ee974c6b208) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
10:24:33.0417 7024 TosCoSrv - ok
10:24:33.0433 7024 Tosrfcom - ok
10:24:33.0464 7024 tosrfec (c063b8e2db85420438ebce3fc8d2752e) C:\Windows\system32\DRIVERS\tosrfec.sys
10:24:33.0480 7024 tosrfec - ok
10:24:33.0542 7024 tos_sps32 (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys
10:24:33.0558 7024 tos_sps32 - ok
10:24:33.0589 7024 TpChoice - ok
10:24:33.0636 7024 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
10:24:33.0636 7024 TrkWks - ok
10:24:33.0714 7024 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
10:24:33.0714 7024 TrustedInstaller - ok
10:24:33.0760 7024 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:24:33.0776 7024 tssecsrv - ok
10:24:33.0823 7024 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
10:24:33.0823 7024 tunmp - ok
10:24:33.0885 7024 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
10:24:33.0916 7024 tunnel - ok
10:24:33.0963 7024 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
10:24:33.0979 7024 TVALZ - ok
10:24:34.0026 7024 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
10:24:34.0041 7024 uagp35 - ok
10:24:34.0119 7024 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
10:24:34.0150 7024 udfs - ok
10:24:34.0213 7024 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
10:24:34.0228 7024 UI0Detect - ok
10:24:34.0338 7024 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
10:24:34.0353 7024 UleadBurningHelper - ok
10:24:34.0384 7024 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
10:24:34.0400 7024 uliagpkx - ok
10:24:34.0462 7024 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
10:24:34.0494 7024 uliahci - ok
10:24:34.0540 7024 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
10:24:34.0556 7024 UlSata - ok
10:24:34.0587 7024 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
10:24:34.0618 7024 ulsata2 - ok
10:24:34.0665 7024 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
10:24:34.0681 7024 umbus - ok
10:24:34.0743 7024 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
10:24:34.0759 7024 upnphost - ok
10:24:34.0806 7024 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
10:24:34.0837 7024 USBAAPL - ok
10:24:34.0884 7024 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
10:24:34.0899 7024 usbccgp - ok
10:24:34.0930 7024 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
10:24:34.0946 7024 usbcir - ok
10:24:35.0008 7024 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
10:24:35.0024 7024 usbehci - ok
10:24:35.0055 7024 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
10:24:35.0071 7024 usbhub - ok
10:24:35.0118 7024 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
10:24:35.0118 7024 usbohci - ok
10:24:35.0164 7024 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
10:24:35.0180 7024 usbprint - ok
10:24:35.0227 7024 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
10:24:35.0242 7024 usbscan - ok
10:24:35.0289 7024 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:24:35.0305 7024 USBSTOR - ok
10:24:35.0367 7024 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
10:24:35.0383 7024 usbuhci - ok
10:24:35.0430 7024 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
10:24:35.0461 7024 usbvideo - ok
10:24:35.0508 7024 UVCFTR (3b929a72aaea96dc0150d3a6da268c89) C:\Windows\system32\Drivers\UVCFTR_S.SYS
10:24:35.0508 7024 UVCFTR - ok
10:24:35.0554 7024 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
10:24:35.0570 7024 UxSms - ok
10:24:35.0664 7024 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
10:24:35.0679 7024 vds - ok
10:24:35.0726 7024 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
10:24:35.0742 7024 vga - ok
10:24:35.0773 7024 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
10:24:35.0788 7024 VgaSave - ok
10:24:35.0820 7024 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
10:24:35.0835 7024 viaagp - ok
10:24:35.0866 7024 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
10:24:35.0882 7024 ViaC7 - ok
10:24:35.0898 7024 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
10:24:35.0913 7024 viaide - ok
10:24:35.0960 7024 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
10:24:35.0960 7024 volmgr - ok
10:24:36.0038 7024 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
10:24:36.0054 7024 volmgrx - ok
10:24:36.0116 7024 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
10:24:36.0116 7024 volsnap - ok
10:24:36.0163 7024 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
10:24:36.0194 7024 vsmraid - ok
10:24:36.0397 7024 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
10:24:36.0412 7024 VSS - ok
10:24:36.0490 7024 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
10:24:36.0506 7024 W32Time - ok
10:24:36.0584 7024 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
10:24:36.0600 7024 WacomPen - ok
10:24:36.0646 7024 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:24:36.0662 7024 Wanarp - ok
10:24:36.0662 7024 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
10:24:36.0678 7024 Wanarpv6 - ok
10:24:36.0771 7024 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
10:24:36.0771 7024 wcncsvc - ok
10:24:36.0802 7024 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
10:24:36.0818 7024 WcsPlugInService - ok
10:24:36.0834 7024 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
10:24:36.0849 7024 Wd - ok
10:24:36.0958 7024 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
10:24:36.0990 7024 Wdf01000 - ok
10:24:37.0036 7024 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:24:37.0036 7024 WdiServiceHost - ok
10:24:37.0036 7024 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
10:24:37.0052 7024 WdiSystemHost - ok
10:24:37.0114 7024 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
10:24:37.0130 7024 WebClient - ok
10:24:37.0192 7024 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
10:24:37.0192 7024 Wecsvc - ok
10:24:37.0239 7024 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
10:24:37.0255 7024 wercplsupport - ok
10:24:37.0302 7024 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
10:24:37.0302 7024 WerSvc - ok
10:24:37.0317 7024 WinHttpAutoProxySvc - ok
10:24:37.0411 7024 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
10:24:37.0426 7024 Winmgmt - ok
10:24:37.0676 7024 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
10:24:37.0723 7024 WinRM - ok
10:24:37.0848 7024 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
10:24:37.0863 7024 Wlansvc - ok
10:24:38.0175 7024 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:24:38.0846 7024 wlidsvc - ok
10:24:39.0064 7024 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
10:24:39.0080 7024 WmiAcpi - ok
10:24:39.0158 7024 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
10:24:39.0174 7024 wmiApSrv - ok
10:24:39.0392 7024 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
10:24:39.0439 7024 WMPNetworkSvc - ok
10:24:39.0470 7024 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
10:24:39.0486 7024 WPCSvc - ok
10:24:39.0532 7024 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
10:24:39.0532 7024 WPDBusEnum - ok
10:24:39.0673 7024 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
10:24:39.0688 7024 WpdUsb - ok
10:24:39.0735 7024 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
10:24:39.0751 7024 ws2ifsl - ok
10:24:39.0798 7024 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
10:24:39.0798 7024 wscsvc - ok
10:24:39.0813 7024 WSearch - ok
10:24:39.0891 7024 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:24:39.0922 7024 WUDFRd - ok
10:24:39.0938 7024 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
10:24:39.0938 7024 wudfsvc - ok
10:24:39.0969 7024 Wuhmirppac - ok
10:24:40.0032 7024 ZTEusbmdm6k (4692a3e087cf018808f376a3cc2128fa) C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
10:24:40.0078 7024 ZTEusbmdm6k - ok
10:24:40.0110 7024 ZTEusbnet (c7f13366969b1633e1ec21ebc40fea13) C:\Windows\system32\DRIVERS\ZTEusbnet.sys
10:24:40.0125 7024 ZTEusbnet - ok
10:24:40.0172 7024 ZTEusbnmea (4692a3e087cf018808f376a3cc2128fa) C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
10:24:40.0188 7024 ZTEusbnmea - ok
10:24:40.0234 7024 ZTEusbser6k (4692a3e087cf018808f376a3cc2128fa) C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
10:24:40.0250 7024 ZTEusbser6k - ok
10:24:40.0297 7024 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
10:24:40.0890 7024 \Device\Harddisk0\DR0 - ok
10:24:40.0890 7024 Boot (0x1200) (6438a67331530e8914c109f034377df0) \Device\Harddisk0\DR0\Partition0
10:24:40.0890 7024 \Device\Harddisk0\DR0\Partition0 - ok
10:24:40.0890 7024 ============================================================
10:24:40.0890 7024 Scan finished
10:24:40.0890 7024 ============================================================
10:24:40.0921 10440 Detected object count: 1
10:24:40.0921 10440 Actual detected object count: 1
10:27:58.0417 10440 fdguivoctewfwaf ( LockedFile.Multi.Generic ) - User select action: Quarantine

The second scan's log is below

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-15 10:32:40
-----------------------------
10:32:40.750 OS Version: Windows 6.0.6002 Service Pack 2
10:32:40.750 Number of processors: 2 586 0xF0D
10:32:40.765 ComputerName: LUKE-PC UserName: Luke
10:32:48.472 Initialize success
10:38:22.253 AVAST engine defs: 12071402
10:38:30.147 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
10:38:30.147 Disk 0 Vendor: FUJITSU_MHY2250BH 0040020B Size: 238475MB BusType: 3
10:38:30.209 Disk 0 MBR read successfully
10:38:30.209 Disk 0 MBR scan
10:38:30.225 Disk 0 Windows VISTA default MBR code
10:38:30.256 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
10:38:30.303 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 236974 MB offset 3074048
10:38:30.334 Disk 0 scanning sectors +488396800
10:38:30.490 Disk 0 scanning C:\Windows\system32\drivers
10:38:58.511 Service scanning
10:39:45.545 Modules scanning
10:39:58.149 Disk 0 trace - called modules:
10:39:58.196 ntkrnlpa.exe CLASSPNP.SYS disk.sys sfsync02.sys hal.dll ataport.SYS PCIIDEX.SYS msahci.sys
10:39:58.212 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86053780]
10:39:58.212 3 CLASSPNP.SYS[83b5f8b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x85e728a0]
10:39:58.227 \Driver\atapi[0x85e0d030] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> sfsync02.sys[0x807db8b4]
10:40:00.146 AVAST engine scan C:\Windows
10:40:08.305 AVAST engine scan C:\Windows\system32
10:48:10.300 AVAST engine scan C:\Windows\system32\drivers
10:48:47.724 AVAST engine scan C:\Users\Luke
11:20:29.949 AVAST engine scan C:\ProgramData
11:23:24.700 Scan finished successfully
11:25:05.673 Disk 0 MBR has been saved successfully to "C:\Users\Luke\Desktop\MBR.dat"
11:25:05.673 The log file has been saved successfully to "C:\Users\Luke\Desktop\aswMBR.txt"

and finally the ESET log
C:\Users\Luke\Desktop\Nero 8\Toolbar.exe Win32/Toolbar.AskSBar application cleaned by deleting - quarantined
C:\Users\Luke\Desktop\Nero 8\Nero PhotoShow Express\nero_photoshow_express_5_setup.exe Win32/Toolbar.AskSBar application cleaned by deleting - quarantined
C:\Windows\Installer\{9ccf0b34-4058-27d0-c5a6-b19797c35ce9}\U\80000000.@ a variant of Win32/Sirefef.FA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{9ccf0b34-4058-27d0-c5a6-b19797c35ce9}\U\800000cb.@ probably a variant of Win32/Agent.TEO trojan cleaned by deleting - quarantined
C:\Windows\System32\services.exe Win32/Sirefef.FB.Gen trojan unable to clean

thanks again

#4 narenxp

Posted 15 July 2012 - 08:39 AM

Download

systemlook

Launch it, then copy this script and paste it in the BOX

:filefind
services.exe
:folderfind
{9ccf0b34-4058-27d0-c5a6-b19797c35ce9}

Click on LOOK, post the generated log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.


Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Edited by narenxp, 15 July 2012 - 08:39 AM.
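
One way to read the output of a file search like the `:filefind services.exe` request above, as an added example that is not part of the original post: compare the live copy of a system file with the copies kept under `winsxs`. The line layout (path, attributes, size, two bracketed timestamps, MD5) and the verdict names are assumptions of this sketch, and the sample log is constructed with placeholder hashes.

```python
import re
from collections import namedtuple

# Constructed sample: three result lines for one file name. The hashes are
# placeholders (A/B/C repeated), not values from any real system.
SAMPLE_LOG = r"""
Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 279552 bytes [11:54 24/09/2009] [06:27 11/04/2009] AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
C:\Windows\winsxs\x86_example-servicecontroller_6.0.6001.18000_none_0000000000000001\services.exe --a---- 279040 bytes [11:46 04/08/2008] [07:33 19/01/2008] BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
C:\Windows\winsxs\x86_example-servicecontroller_6.0.6002.18005_none_0000000000000002\services.exe --a---- 279552 bytes [11:54 24/09/2009] [06:27 11/04/2009] CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
"""

Entry = namedtuple("Entry", "path size stamps md5")

# Assumed layout of one result line:
#   <path> <7 attribute flags> <size> bytes [<time>] [<time>] <32 hex MD5>
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+[-a-z]{7}\s+(?P<size>\d+) bytes\s+"
    r"\[(?P<t1>[^\]]+)\]\s+\[(?P<t2>[^\]]+)\]\s+(?P<md5>[0-9A-Fa-f]{32})\s*$"
)

MATCH = "MATCH"                                    # same hash as a store copy
MISMATCH_SAME_METADATA = "MISMATCH_SAME_METADATA"  # looks identical, hashes differ
MISMATCH = "MISMATCH"                              # differs from every store copy
NO_REFERENCE = "NO_REFERENCE"                      # nothing to compare against


def parse_filefind(text):
    """Return an Entry for every line that matches the assumed layout."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            entries.append(Entry(m["path"], int(m["size"]),
                                 (m["t1"], m["t2"]), m["md5"].upper()))
    return entries


def in_component_store(path):
    return "\\winsxs\\" in path.lower()


def basename(path):
    return path.rsplit("\\", 1)[-1].lower()


def assess(entries):
    """Compare each live file with the store copies of the same name.

    A live copy that shares size and timestamps with a store copy but not
    its hash is the case worth escalating: the metadata says "unchanged"
    while the content says otherwise. A mismatch is a lead, not proof, and
    a match only helps if the store itself is trusted.
    """
    store = [e for e in entries if in_component_store(e.path)]
    verdicts = {}
    for live in (e for e in entries if not in_component_store(e.path)):
        peers = [s for s in store if basename(s.path) == basename(live.path)]
        if not peers:
            verdicts[live.path] = NO_REFERENCE
        elif any(s.md5 == live.md5 for s in peers):
            verdicts[live.path] = MATCH
        elif any((s.size, s.stamps) == (live.size, live.stamps) for s in peers):
            verdicts[live.path] = MISMATCH_SAME_METADATA
        else:
            verdicts[live.path] = MISMATCH
    return verdicts


if __name__ == "__main__":
    for path, verdict in assess(parse_filefind(SAMPLE_LOG)).items():
        print(f"{verdict:24} {path}")
```
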


#5 lukehol

Posted 17 July 2012 - 04:19 AM

Narenxp,

After 3 runs with the antimalware program, I got a clean bill of health! All the other logs as requested are below.

1. system look log

SystemLook 30.07.11 by jpshortstuff
Log created at 20:21 on 16/07/2012 by Luke
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 279552 bytes [11:54 24/09/2009] [06:27 11/04/2009] 8737764F4FD36D6808EE80578409C843
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe --a---- 279552 bytes [08:35 02/11/2006] [09:45 02/11/2006] 329CF3C97CE4C19375C8ABCABAE258B0
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe --a---- 279040 bytes [11:46 04/08/2008] [07:33 19/01/2008] 2B336AB6286D6C81FA02CBAB914E3C6C
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe --a---- 279552 bytes [11:54 24/09/2009] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B

========== folderfind ==========

Searching for "{9ccf0b34-4058-27d0-c5a6-b19797c35ce9}"
C:\Users\Luke\AppData\Local\{9ccf0b34-4058-27d0-c5a6-b19797c35ce9} d--hs-- [11:20 11/01/2012]
C:\Windows\Installer\{9ccf0b34-4058-27d0-c5a6-b19797c35ce9} d--hs-- [11:20 11/01/2012]

Searching for " "
No folders found.

-= EOF =-


2. After 3 runs with the antimalware program, I got a clean bill of health!

3. Minitoolbox log
MiniToolBox by Farbar Version: 15-07-2012
Ran by Luke (administrator) on 17-07-2012 at 19:10:28
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

ZTE Wireless Ethernet Adapter = Local Area Connection 4 (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Intel® Wireless WiFi Link 4965AGN = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=128 icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Luke-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 4:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : ZTE Wireless Ethernet Adapter
Physical Address. . . . . . . . . : 00-A0-C6-00-00-00
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::61e9:7f61:612:8eac%32(Preferred)
IPv4 Address. . . . . . . . . . . : 124.177.170.66(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.252
Lease Obtained. . . . . . . . . . : Tuesday, 17 July 2012 7:07:21 PM
Lease Expires . . . . . . . . . . : Tuesday, 17 July 2012 9:07:21 PM
Default Gateway . . . . . . . . . : 124.177.170.65
DHCP Server . . . . . . . . . . . : 124.177.170.65
DHCPv6 IAID . . . . . . . . . . . : 637575366
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0E-F9-CD-4A-00-1B-38-AF-A5-D6
DNS Servers . . . . . . . . . . . : 61.9.211.1
61.9.194.49
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Wireless WiFi Link 4965AGN
Physical Address. . . . . . . . . : 00-1D-E0-4C-2A-59
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-1B-38-AF-A5-D6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{43F84A3A-6C94-45FC-ABB6-486EDD46F48A}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 10:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 22:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{43F84A3A-6C94-45FC-ABB6-486EDD46F48A}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 23:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{2834E2BC-F460-4B8E-A197-F60CF653B3D4}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 24:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{A92E1867-E526-4CDE-A7A5-14243E81F30C}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 25:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-cust.woo.bigpond.net.au
Address: 61.9.211.1

Name: google.com
Addresses: 2404:6800:4006:804::1008
74.125.237.129
74.125.237.131
74.125.237.128
74.125.237.135
74.125.237.133
74.125.237.136
74.125.237.142
74.125.237.132
74.125.237.134
74.125.237.137
74.125.237.130

Pinging google.com [74.125.237.132] with 32 bytes of data:
Reply from 74.125.237.132: bytes=32 time=120ms TTL=53
Reply from 74.125.237.132: bytes=32 time=228ms TTL=52
Ping statistics for 74.125.237.132:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 120ms, Maximum = 228ms, Average = 174ms

Server: dns-cust.woo.bigpond.net.au
Address: 61.9.211.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=394ms TTL=44
Reply from 98.139.183.24: bytes=32 time=305ms TTL=44
Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 305ms, Maximum = 394ms, Average = 349ms

Server: dns-cust.woo.bigpond.net.au
Address: 61.9.211.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.
Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
32 ...00 a0 c6 00 00 00 ...... ZTE Wireless Ethernet Adapter
9 ...00 1d e0 4c 2a 59 ...... Intel® Wireless WiFi Link 4965AGN
8 ...00 1b 38 af a5 d6 ...... Realtek PCIe GBE Family Controller
1 ........................... Software Loopback Interface 1
29 ...00 00 00 00 00 00 00 e0 isatap.{43F84A3A-6C94-45FC-ABB6-486EDD46F48A}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
30 ...00 00 00 00 00 00 00 e0 isatap.{43F84A3A-6C94-45FC-ABB6-486EDD46F48A}
27 ...00 00 00 00 00 00 00 e0 isatap.{2834E2BC-F460-4B8E-A197-F60CF653B3D4}
28 ...00 00 00 00 00 00 00 e0 isatap.{A92E1867-E526-4CDE-A7A5-14243E81F30C}
31 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 124.177.170.65 124.177.170.66 30
124.177.170.64 255.255.255.252 On-link 124.177.170.66 286
124.177.170.66 255.255.255.255 On-link 124.177.170.66 286
124.177.170.67 255.255.255.255 On-link 124.177.170.66 286
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 124.177.170.66 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 124.177.170.66 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
32 286 fe80::/64 On-link
32 286 fe80::61e9:7f61:612:8eac/128
On-link
1 306 ff00::/8 On-link
32 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Windows\system32\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 47 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/17/2012 07:04:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31485650

Error: (07/17/2012 07:04:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31485650

Error: (07/17/2012 07:04:23 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/15/2012 02:52:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1377988

Error: (07/15/2012 02:52:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1377988

Error: (07/15/2012 02:52:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/15/2012 02:52:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1376911

Error: (07/15/2012 02:52:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1376911

Error: (07/15/2012 02:52:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/15/2012 02:52:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1370983


System errors:
=============
Error: (07/17/2012 07:34:55 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (07/17/2012 07:34:55 AM) (Source: Service Control Manager) (User: )
Description: Windows Firewall5 (0x5)

Error: (07/17/2012 07:34:15 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:33:10 AM on 17/07/2012 was unexpected.

Error: (07/17/2012 07:20:02 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (07/17/2012 07:20:02 AM) (Source: Service Control Manager) (User: )
Description: Windows Firewall5 (0x5)

Error: (07/16/2012 11:00:00 PM) (Source: Dhcp) (User: )
Description: The IP address lease 120.146.64.218 for the Network Card with network address 00A0C6000000 has been denied by the DHCP server 124.185.233.157 (The DHCP Server sent a DHCPNACK message).

Error: (07/16/2012 10:59:25 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (07/16/2012 10:59:25 PM) (Source: Service Control Manager) (User: )
Description: Windows Firewall5 (0x5)

Error: (07/16/2012 10:58:56 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:57:22 PM on 16/07/2012 was unexpected.

Error: (07/16/2012 10:51:08 PM) (Source: Dhcp) (User: )
Description: The IP address lease 124.185.145.182 for the Network Card with network address 00A0C6000000 has been denied by the DHCP server 120.146.64.217 (The DHCP Server sent a DHCPNACK message).


Microsoft Office Sessions:
=========================
Error: (06/11/2009 00:24:48 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6425.1000, Microsoft Office Version: 12.0.6425.1000. This session lasted 21034 seconds with 15780 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe AIR (Version: 2.7.0.19480)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player (Version: 10.1.4.20)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
µTorrent (Version: 1.8.2)
AVerMedia USB Hybrid Capture Device 1.3.0.67 (Version: 1.3.0.67)
Bejeweled 2 Deluxe (Version: WT022084)
BigPond Wireless Broadband 2.13.16 (Version: 2.13.16)
Blackhawk Striker 2 (Version: WT022085)
Blasterball 3 (Version: WT022086)
Bluetooth Monitor 3 (Version: 3.01.000)
Bonjour (Version: 3.0.0.10)
Call of Duty® 4 - Modern Warfare™ (Version: 1.00.0000)
Camera Assistant Software for Toshiba (Version: 1.7.140.0517)
Canon Easy-PhotoPrint EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 4.0
Canon MP280 series MP Drivers
Canon My Printer
Canon Solution Menu EX
CD/DVD Drive Acoustic Silencer (Version: 2.00.03)
ConvertXtoDVD 3.1.0.24 (Version: 3.1.0.24)
Desktop Dialer
Diner Dash - Flo on the Go (Version: WT022087)
DVD MovieFactory for TOSHIBA (Version: 5.3)
DVD Shrink 3.2
Epi Info (Version: 3.3.2)
ESET Online Scanner v3
FLV Player 2.0 (build 25) (Version: 2.0 (build 25))
GameSpy Comrade (Version: 1.5.0.156)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
iCloud (Version: 1.0.1.29)
IFA_Moore (Shared Components) (Version: 2.40.0)
Intel® PROSet/Wireless Software (Version: 11.01.0000)
iTunes (Version: 10.6.3.25)
Java™ SE Runtime Environment 6 (Version: 1.6.0.0)
K-Lite Mega Codec Pack 1.00 (Version: 1.00)
KB Hybrid (Version: 1.01.000)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MCE Software Encoder 1.1 (Version: 1.1.0.1509)
mCore (Version: 9.09.0000)
Media Player Codec Pack 3.2.0
mHelp (Version: 9.09.0000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 08.05.0818)
Microsoft XML Parser (Version: 8.20.8730.4)
mMHouse (Version: 9.09.0000)
mPfMgr (Version: 9.09.0000)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 8 (Version: 8.0.182)
NVIDIA Drivers
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
oggcodecs 0.71.0946 (Version: 0.71.0946)
Paint.NET v3.22 (Version: 3.22.1)
Penguins! (Version: WT022091)
Picasa 2 (Version: 2.0)
Polar Bowler (Version: WT022092)
Polar Golfer (Version: WT022093)
Protector Suite QL 5.6 (Version: 5.6.0.3284)
PunkBuster Services (Version: 0.986)
QuickTime (Version: 7.72.80.56)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5423)
Safari (Version: 5.33.21.1)
SimHID Setup (Version: 3.06.0002)
TagTuner 1.9
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 2.00.0001)
TIPCI (Version: 2.00.0001)
TOSHIBA Assist (Version: 2.01.02)
TOSHIBA ConfigFree (Version: 7.00.29)
TOSHIBA Disc Creator (Version: 2.0.0.8)
TOSHIBA DVD PLAYER (Version: 1.00.21)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Flash Cards Support Utility (Version: 1.48.0.3C)
TOSHIBA Game Console
TOSHIBA Hardware Setup (Version: 1.48.0.11C)
TOSHIBA Media Center Game Console
TOSHIBA Music (Version: 1.00.1)
Toshiba Registration (Version: 1.00.0000)
TOSHIBA SD Memory Utilities (Version: 1.8.1.1)
TOSHIBA Software Modem (Version: 2.1.77 (SM2177ALD03))
TOSHIBA Software Upgrades (Version: 4.2)
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password (Version: 1.48.0.8C)
TOSHIBA Value Added Package (Version: 1.0.24)
Trend Micro Titanium (Version: 5.00)
Trend Micro Titanium Maximum Security 2012 (Version: 5.2)
Uniblue RegistryBooster 2
Uniblue SpeedUpMyPC 3
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Utility Common Driver (Version: 0.0.50.7C)
VideoLAN VLC media player 0.8.5 (Version: 0.8.5)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.3374)
WinRAR archiver
XviD & MP3 Codec Pack (remove only)
XviD MPEG-4 Video Codec (Version: XviD-1.0.3-20122004)

========================= Memory info: ===================================

Percentage of memory in use: 55%
Total physical RAM: 2045.69 MB
Available physical RAM: 910.65 MB
Total Pagefile: 4330.62 MB
Available Pagefile: 2977.08 MB
Total Virtual: 2047.88 MB
Available Virtual: 1946.09 MB

========================= Partitions: =====================================

1 Drive c: (SQ004441V05) (Fixed) (Total:231.42 GB) (Free:150.45 GB) NTFS

========================= Users: ========================================

User accounts for \\LUKE-PC

Administrator ASPNET Guest
Luke luke2


**** End of log ****

4. FSS log
Farbar Service Scanner Version: 08-07-2012
Ran by Luke (administrator) on 17-07-2012 at 19:13:13
Running from "C:\Users\Luke\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-12 12:36] - [2012-03-30 22:39] - 0905600 ____A (Microsoft Corporation) 27D470DABC77BC60D0A3B0E4DEB6CB91

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#6 narenxp


Posted 17 July 2012 - 06:33 AM

Open your C drive

On top, click on Organize-folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click ok, now go to

C:\Users\Luke\AppData\Local\{9ccf0b34-4058-27d0-c5a6-b19797c35ce9}
C:\Windows\Installer\{9ccf0b34-4058-27d0-c5a6-b19797c35ce9}

delete both the folders


Press Windows+R key and type

notepad and click ok

copy this script and paste in notepad
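@echo off
REM Work in the directory that holds the services.exe flagged by the scan
cd c:\windows\system32
REM Give ownership of the file to the Administrators group
takeown /a /f services.exe
REM Grant Administrators full control (cacls asks for Y/N confirmation)
cacls services.exe /g administrators:f
REM Keep the flagged file under a new name instead of deleting it
ren services.exe services.exe.old
REM Copy in the 6.0.6002.18005 copy from the WinSxS component store
COPY /Y C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe C:\WINDOWS\system32
REM Delete this batch file once it has run
DEL %0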

Click on FILE>> save as

filename:services.bat
Save as type:All types

Now right click on the services.bat file and select run as administrator and run it, click Y and press ENTER

Post the new system look log

Create a restore point before trying this

Download

MpsSvc
BFE
wscsvc
defender


Launch them, click YES when you get the UAC prompt

restart the PC and post the new FSS log

Edited by narenxp, 18 July 2012 - 07:31 AM.
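
The hash comparison behind this replacement, as an added example that is not part of the original posts or of SystemLook: a Python parser for the SystemLook `filefind` lines posted in this thread that checks whether the System32 copy of services.exe hashes the same as any WinSxS copy. The log lines are copied from the thread; the function and field names are hypothetical.

```python
import re
from dataclasses import dataclass

# SystemLook "filefind" line: path, attributes, size, two timestamps, MD5.
LINE = re.compile(
    r"^(?P<path>.+?)\s+(?P<attrs>[-a-z]{7})\s+(?P<size>\d+) bytes "
    r"\[(?P<t1>[^\]]+)\] \[(?P<t2>[^\]]+)\] (?P<md5>[0-9A-Fa-f]{32})\s*$"
)
# Component version embedded in a WinSxS directory name.
VERSION = re.compile(r"_(\d+\.\d+\.\d+\.\d+)_none_")

# WinSxS lines as posted in both SystemLook logs of this thread.
STORE = r"""
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe --a---- 279552 bytes [08:35 02/11/2006] [09:45 02/11/2006] 329CF3C97CE4C19375C8ABCABAE258B0
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe --a---- 279040 bytes [11:46 04/08/2008] [07:33 19/01/2008] 2B336AB6286D6C81FA02CBAB914E3C6C
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe --a---- 279552 bytes [11:54 24/09/2009] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B
"""
# System32 line; only the MD5 differs between the 16/07 and 18/07 logs.
LIVE = r"C:\Windows\System32\services.exe --a---- 279552 bytes [11:54 24/09/2009] [06:27 11/04/2009] "
BEFORE = LIVE + "8737764F4FD36D6808EE80578409C843" + STORE
AFTER = LIVE + "D4E6D91C1349B7BFB3599A6ADA56851B" + STORE


@dataclass(frozen=True)
class Entry:
    path: str
    size: int
    stamps: tuple
    md5: str

    @property
    def in_store(self):
        return "\\winsxs\\" in self.path.lower()

    @property
    def version(self):
        m = VERSION.search(self.path)
        return m.group(1) if m else None


def parse(log_text):
    """Return one Entry per filefind line; headers and blank lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            entries.append(Entry(m["path"], int(m["size"]),
                                 (m["t1"], m["t2"]), m["md5"].upper()))
    return entries


def check(log_text, live_dir="\\system32\\"):
    """Compare the live file's MD5 with every component-store copy in the log."""
    entries = parse(log_text)
    live = [e for e in entries if live_dir in e.path.lower()]
    store = [e for e in entries if e.in_store]
    if not live or not store:
        return {"status": "no-baseline"}
    target = live[0]
    same_hash = [e for e in store if e.md5 == target.md5]
    if same_hash:
        return {"status": "match", "version": same_hash[0].version,
                "md5": target.md5}
    # Same size and timestamps as a store copy but a different hash means the
    # content changed while the metadata still looks original.
    lookalike = [e for e in store
                 if (e.size, e.stamps) == (target.size, target.stamps)]
    return {"status": "mismatch", "md5": target.md5,
            "lookalike_versions": [e.version for e in lookalike],
            "expected_md5": [e.md5 for e in lookalike]}


if __name__ == "__main__":
    for label, log in (("16/07/2012", BEFORE), ("18/07/2012", AFTER)):
        print(label, check(log))
```

A match only shows that the live file equals a component-store copy; it says nothing about whether the store itself is intact.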


#7 lukehol


Posted 17 July 2012 - 07:33 AM

thanks,

I cannot delete C:\Windows\Installer\{9ccf0b34-4058-27d0-c5a6-b19797c35ce9}. It says I need permission to access this folder. I am the only user of this computer so that's a little odd. The other folder was deleted no problem.

#8 narenxp


Posted 17 July 2012 - 07:41 AM

Restart the PC and delete the folder :thumbup2:

#9 lukehol


Posted 18 July 2012 - 04:33 AM

Still no joy there unfortunately. Even after a restart or two, it still says I need permission to delete the folder. Subsequently I cannot do this.

#10 narenxp


Posted 18 July 2012 - 04:38 AM

Skip it and finish the other instructions

#11 lukehol

Posted 18 July 2012 - 05:34 AM

OK, I ran the services.bat file as requested but the system look won't run, it says "script required" when I click on "look"

#12 narenxp

Posted 18 July 2012 - 06:39 AM

You could have used the previous script

Download

systemlook

Launch it, then copy this script and paste it in the BOX

:filefind
services.exe
:folderfind
{9ccf0b34-4058-27d0-c5a6-b19797c35ce9}

Click on LOOK, post the generated log



#13 lukehol

Posted 18 July 2012 - 06:54 AM

OK thanks. Here is the second system look log.

SystemLook 30.07.11 by jpshortstuff
Log created at 21:49 on 18/07/2012 by Luke
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 279552 bytes [11:54 24/09/2009] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe --a---- 279552 bytes [08:35 02/11/2006] [09:45 02/11/2006] 329CF3C97CE4C19375C8ABCABAE258B0
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe --a---- 279040 bytes [11:46 04/08/2008] [07:33 19/01/2008] 2B336AB6286D6C81FA02CBAB914E3C6C
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe --a---- 279552 bytes [11:54 24/09/2009] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B

========== folderfind ==========

Searching for "{9ccf0b34-4058-27d0-c5a6-b19797c35ce9}"
C:\Windows\Installer\{9ccf0b34-4058-27d0-c5a6-b19797c35ce9} d--hs-- [11:20 11/01/2012]

Searching for " "
No folders found.

-= EOF =-

I will now download and run the 4 programs as requested and let you know
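
The filefind section of the log above can be checked mechanically. This is an added example, not part of the original thread: it parses the SystemLook lines and compares the MD5 of the live System32 copy with every winsxs component-store copy. The function names are hypothetical, and the sample lines are copied from the log in this post.

```python
import re

# Sample input: the four "filefind" lines from the SystemLook log posted above.
SYSTEMLOOK_LOG = r"""
C:\Windows\System32\services.exe --a---- 279552 bytes [11:54 24/09/2009] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe --a---- 279552 bytes [08:35 02/11/2006] [09:45 02/11/2006] 329CF3C97CE4C19375C8ABCABAE258B0
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe --a---- 279040 bytes [11:46 04/08/2008] [07:33 19/01/2008] 2B336AB6286D6C81FA02CBAB914E3C6C
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe --a---- 279552 bytes [11:54 24/09/2009] [06:27 11/04/2009] D4E6D91C1349B7BFB3599A6ADA56851B
"""

# One file line: path, 7 attribute flags, size, two bracketed timestamps, MD5.
ENTRY = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+\S{7}\s+(?P<size>\d+) bytes"
    r"\s+\[[^\]]+\]\s+\[[^\]]+\]\s+(?P<md5>[0-9A-Fa-f]{32})\s*$")
# Component version embedded in a winsxs directory name, e.g. _6.0.6002.18005_none_
STORE_VERSION = re.compile(r"\\winsxs\\[^\\]*_(\d+(?:\.\d+){3})_none_", re.I)

def parse_filefind(log):
    """Return one dict per file line; 'version' is None outside winsxs."""
    entries = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        ver = STORE_VERSION.search(m["path"])
        entries.append({
            "path": m["path"], "size": int(m["size"]), "md5": m["md5"].upper(),
            "version": tuple(map(int, ver.group(1).split("."))) if ver else None,
        })
    return entries

def compare_with_store(entries, live_dir=r"C:\Windows\System32"):
    """Compare the live file's MD5 with each component-store copy in the log."""
    live = [e for e in entries if e["path"].lower().startswith(live_dir.lower() + "\\")]
    store = [e for e in entries if e["version"]]
    if len(live) != 1 or not store:
        raise ValueError("need exactly one live copy and at least one winsxs copy")
    newest = max(store, key=lambda e: e["version"])
    same = sorted(e["version"] for e in store if e["md5"] == live[0]["md5"])
    return {
        "live_md5": live[0]["md5"],
        "newest_store_version": ".".join(map(str, newest["version"])),
        "matches_newest": live[0]["md5"] == newest["md5"],
        "matching_versions": [".".join(map(str, v)) for v in same],
    }

if __name__ == "__main__":
    print(compare_with_store(parse_filefind(SYSTEMLOOK_LOG)))
```

A match shows only that the live file is byte-identical to that store copy; it says nothing about whether the store copy itself is clean.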

#14 lukehol

Posted 18 July 2012 - 07:10 AM

FSS log

Farbar Service Scanner Version: 08-07-2012
Ran by Luke (administrator) on 18-07-2012 at 22:08:41
Running from "C:\Users\Luke\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================

#15 lukehol

Posted 18 July 2012 - 07:13 AM

FSS log take 2 - I think I missed copying some data


Farbar Service Scanner Version: 08-07-2012
Ran by Luke (administrator) on 18-07-2012 at 22:12:42
Running from "C:\Users\Luke\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-12 12:36] - [2012-03-30 22:39] - 0905600 ____A (Microsoft Corporation) 27D470DABC77BC60D0A3B0E4DEB6CB91

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****
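
The findings in the FSS log above fall into different repair categories. This is an added example, not part of the original thread: it sorts FSS lines into services that are stopped with intact configuration, services whose registry key is missing, disabling policy values, and files listed without "MD5 is legit". The function name is hypothetical, and the sample is an excerpt of lines copied from the log in this post.

```python
import re

# Sample input: lines excerpted from the Farbar Service Scanner log posted above.
FSS_LOG = r"""
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-05-12 12:36] - [2012-03-30 22:39] - 0905600 ____A (Microsoft Corporation) 27D470DABC77BC60D0A3B0E4DEB6CB91
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
"""

def triage_fss(log):
    """Group FSS findings by the kind of follow-up each one needs."""
    out = {"stopped_config_ok": [], "service_key_missing": [],
           "policies": [], "unverified_files": []}
    stopped, reg_key, prev = [], None, ""
    for line in map(str.strip, log.splitlines()):
        if not line:
            reg_key = None  # a blank line ends a registry block
        elif m := re.match(r"(\S+) Service is not running", line):
            stopped.append(m[1])
        elif m := re.search(r"ATTENTION!=+> Unable to open (\S+) registry key", line):
            if m[1] not in out["service_key_missing"]:
                out["service_key_missing"].append(m[1])
        elif line.startswith("[HKEY_"):
            reg_key = line.strip("[]")
        elif reg_key and (m := re.match(r'"([^"]+)"=DWORD:(\d+)', line)):
            out["policies"].append((reg_key, m[1], int(m[2])))
        elif re.match(r"\[\d{4}-\d\d-\d\d ", line) and re.match(r"[A-Za-z]:\\", prev):
            # A bare path followed by a detail line: no "MD5 is legit" verdict
            out["unverified_files"].append(prev)
        prev = line
    out["stopped_config_ok"] = [s for s in stopped
                                if s not in out["service_key_missing"]]
    return out

if __name__ == "__main__":
    print(triage_fss(FSS_LOG))
```

A service under service_key_missing cannot start until its registry key exists again, so it needs a different fix from one that is merely stopped.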



