redirect click searches in bing


14 replies to this topic

#1 discoduck

discoduck

  • Members
  • 45 posts

Posted 16 July 2012 - 09:35 AM

OK, recently, yesterday, I opened my Internet Explorer and found it had Incredibar search instead of my original MSN homepage. I did an AVG scan and it found nothing, and SUPERAntiSpyware did not find it. I downloaded Spybot Search and Destroy and it found it plus 2 more. I thought everything was okay until later my AVG found trojans that I quarantined. Later at night I searched Bing again, and when I opened a link I am redirected to something called fast click and random webpages. I'm not sure what to do to get rid of this stuff on my laptop.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 16 July 2012 - 09:35 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 discoduck

discoduck
  • Topic Starter

  • Members
  • 45 posts

Posted 16 July 2012 - 04:11 PM

Here is what you asked for, I hope.
TDSSkiller

11:17:31.0870 8092 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
11:17:31.0901 8092 napagent - ok
11:17:31.0963 8092 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:17:31.0979 8092 NativeWifiP - ok
11:17:32.0104 8092 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
11:17:32.0135 8092 NDIS - ok
11:17:32.0197 8092 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:17:32.0213 8092 NdisCap - ok
11:17:32.0244 8092 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:17:32.0260 8092 NdisTapi - ok
11:17:32.0291 8092 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:17:32.0291 8092 Ndisuio - ok
11:17:32.0353 8092 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:17:32.0369 8092 NdisWan - ok
11:17:32.0416 8092 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:17:32.0462 8092 NDProxy - ok
11:17:32.0525 8092 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
11:17:32.0556 8092 Net Driver HPZ12 - ok
11:17:32.0603 8092 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:17:32.0603 8092 NetBIOS - ok
11:17:32.0665 8092 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:17:32.0681 8092 NetBT - ok
11:17:32.0759 8092 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:17:32.0759 8092 Netlogon - ok
11:17:32.0852 8092 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:17:32.0899 8092 Netman - ok
11:17:32.0946 8092 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:17:32.0993 8092 netprofm - ok
11:17:33.0102 8092 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:17:33.0118 8092 NetTcpPortSharing - ok
11:17:34.0069 8092 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
11:17:34.0256 8092 netw5v64 - ok
11:17:34.0412 8092 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
11:17:34.0428 8092 nfrd960 - ok
11:17:34.0522 8092 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
11:17:34.0537 8092 NlaSvc - ok
11:17:34.0802 8092 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
11:17:34.0896 8092 NOBU - ok
11:17:35.0458 8092 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:17:35.0458 8092 Npfs - ok
11:17:35.0582 8092 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:17:35.0629 8092 nsi - ok
11:17:35.0848 8092 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:17:35.0848 8092 nsiproxy - ok
11:17:36.0082 8092 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:17:36.0144 8092 Ntfs - ok
11:17:36.0331 8092 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:17:36.0362 8092 Null - ok
11:17:36.0518 8092 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:17:36.0534 8092 nvraid - ok
11:17:36.0908 8092 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:17:36.0924 8092 nvstor - ok
11:17:36.0971 8092 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:17:36.0986 8092 nv_agp - ok
11:17:37.0033 8092 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:17:37.0033 8092 ohci1394 - ok
11:17:37.0423 8092 OnlineBackupSchedulerService (d1efe596c33e0481a30c31364c91886d) C:\Program Files (x86)\Verizon\Online Backup and Sharing\Scheduler\OnlineBackup.SchedulerService.exe
11:17:37.0423 8092 OnlineBackupSchedulerService - ok
11:17:37.0766 8092 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:17:37.0782 8092 ose - ok
11:17:39.0358 8092 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:17:39.0545 8092 osppsvc - ok
11:17:39.0919 8092 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:17:39.0935 8092 p2pimsvc - ok
11:17:40.0262 8092 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:17:40.0294 8092 p2psvc - ok
11:17:40.0418 8092 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
11:17:40.0434 8092 Parport - ok
11:17:40.0481 8092 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
11:17:40.0512 8092 partmgr - ok
11:17:40.0574 8092 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:17:40.0590 8092 PcaSvc - ok
11:17:40.0855 8092 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:17:40.0871 8092 pci - ok
11:17:40.0918 8092 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:17:40.0918 8092 pciide - ok
11:17:41.0760 8092 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
11:17:41.0776 8092 pcmcia - ok
11:17:41.0822 8092 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:17:41.0885 8092 pcw - ok
11:17:41.0963 8092 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:17:42.0041 8092 PEAUTH - ok
11:17:42.0602 8092 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:17:42.0602 8092 PerfHost - ok
11:17:42.0821 8092 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
11:17:42.0899 8092 pla - ok
11:17:42.0977 8092 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
11:17:42.0992 8092 PlugPlay - ok
11:17:43.0148 8092 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
11:17:43.0195 8092 Pml Driver HPZ12 - ok
11:17:43.0226 8092 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:17:43.0382 8092 PNRPAutoReg - ok
11:17:43.0445 8092 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:17:43.0445 8092 PNRPsvc - ok
11:17:43.0523 8092 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
11:17:43.0570 8092 PolicyAgent - ok
11:17:43.0632 8092 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:17:43.0663 8092 Power - ok
11:17:43.0788 8092 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:17:43.0788 8092 PptpMiniport - ok
11:17:43.0819 8092 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
11:17:43.0835 8092 Processor - ok
11:17:43.0913 8092 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
11:17:43.0944 8092 ProfSvc - ok
11:17:43.0991 8092 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:17:44.0006 8092 ProtectedStorage - ok
11:17:44.0084 8092 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:17:44.0100 8092 Psched - ok
11:17:44.0272 8092 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
11:17:44.0318 8092 ql2300 - ok
11:17:44.0506 8092 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
11:17:44.0537 8092 ql40xx - ok
11:17:44.0646 8092 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:17:44.0646 8092 QWAVE - ok
11:17:44.0708 8092 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:17:44.0724 8092 QWAVEdrv - ok
11:17:44.0755 8092 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:17:44.0771 8092 RasAcd - ok
11:17:44.0786 8092 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:17:44.0786 8092 RasAgileVpn - ok
11:17:44.0833 8092 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:17:44.0849 8092 RasAuto - ok
11:17:44.0927 8092 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:17:44.0942 8092 Rasl2tp - ok
11:17:45.0005 8092 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
11:17:45.0036 8092 RasMan - ok
11:17:45.0083 8092 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:17:45.0083 8092 RasPppoe - ok
11:17:45.0114 8092 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:17:45.0145 8092 RasSstp - ok
11:17:45.0208 8092 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:17:45.0223 8092 rdbss - ok
11:17:45.0270 8092 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:17:45.0301 8092 rdpbus - ok
11:17:45.0348 8092 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:17:45.0364 8092 RDPCDD - ok
11:17:45.0410 8092 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:17:45.0410 8092 RDPENCDD - ok
11:17:45.0457 8092 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:17:45.0473 8092 RDPREFMP - ok
11:17:45.0691 8092 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
11:17:45.0707 8092 RDPWD - ok
11:17:45.0800 8092 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:17:45.0800 8092 rdyboost - ok
11:17:45.0832 8092 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:17:45.0847 8092 RemoteAccess - ok
11:17:45.0894 8092 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:17:45.0941 8092 RemoteRegistry - ok
11:17:46.0003 8092 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:17:46.0050 8092 RpcEptMapper - ok
11:17:46.0066 8092 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:17:46.0081 8092 RpcLocator - ok
11:17:46.0159 8092 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
11:17:46.0175 8092 RpcSs - ok
11:17:46.0222 8092 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:17:46.0237 8092 rspndr - ok
11:17:46.0300 8092 RSUSBSTOR (3ceee53bbf8ba284ff44585cec0162fe) C:\Windows\system32\Drivers\RtsUStor.sys
11:17:46.0315 8092 RSUSBSTOR - ok
11:17:46.0440 8092 RTL8167 (777fc2c418465404e3d8a290dc247d24) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:17:46.0471 8092 RTL8167 - ok
11:17:46.0518 8092 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:17:46.0518 8092 SamSs - ok
11:17:46.0580 8092 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:17:46.0596 8092 sbp2port - ok
11:17:48.0094 8092 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
11:17:48.0140 8092 SBSDWSCService - ok
11:17:48.0203 8092 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:17:48.0218 8092 SCardSvr - ok
11:17:48.0312 8092 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:17:48.0328 8092 scfilter - ok
11:17:48.0437 8092 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
11:17:48.0484 8092 Schedule - ok
11:17:48.0530 8092 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
11:17:48.0530 8092 SCPolicySvc - ok
11:17:48.0608 8092 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
11:17:48.0608 8092 sdbus - ok
11:17:48.0686 8092 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
11:17:48.0702 8092 SDRSVC - ok
11:17:48.0827 8092 SeaPort (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
11:17:48.0842 8092 SeaPort - ok
11:17:48.0889 8092 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:17:48.0889 8092 secdrv - ok
11:17:48.0936 8092 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
11:17:48.0967 8092 seclogon - ok
11:17:48.0998 8092 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
11:17:49.0045 8092 SENS - ok
11:17:49.0076 8092 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:17:49.0092 8092 SensrSvc - ok
11:17:49.0139 8092 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
11:17:49.0139 8092 Serenum - ok
11:17:49.0186 8092 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
11:17:49.0232 8092 Serial - ok
11:17:49.0264 8092 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
11:17:49.0310 8092 sermouse - ok
11:17:49.0388 8092 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
11:17:49.0404 8092 SessionEnv - ok
11:17:49.0451 8092 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:17:49.0466 8092 sffdisk - ok
11:17:49.0498 8092 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:17:49.0513 8092 sffp_mmc - ok
11:17:49.0544 8092 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:17:49.0560 8092 sffp_sd - ok
11:17:49.0591 8092 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
11:17:49.0607 8092 sfloppy - ok
11:17:49.0747 8092 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
11:17:49.0778 8092 Sftfs - ok
11:17:50.0418 8092 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:17:50.0434 8092 sftlist - ok
11:17:50.0824 8092 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
11:17:50.0824 8092 Sftplay - ok
11:17:50.0870 8092 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
11:17:50.0870 8092 Sftredir - ok
11:17:50.0995 8092 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
11:17:50.0995 8092 Sftvol - ok
11:17:51.0370 8092 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:17:51.0401 8092 sftvsa - ok
11:17:51.0869 8092 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:17:51.0900 8092 SharedAccess - ok
11:17:51.0994 8092 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
11:17:51.0994 8092 ShellHWDetection - ok
11:17:52.0103 8092 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:17:52.0118 8092 SiSRaid2 - ok
11:17:52.0196 8092 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
11:17:52.0196 8092 SiSRaid4 - ok
11:17:52.0415 8092 SkypeUpdate (ef3b592545676301cdeb7c2609eed7bf) C:\Program Files (x86)\Skype\Updater\Updater.exe
11:17:52.0430 8092 SkypeUpdate - ok
11:17:53.0226 8092 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:17:53.0257 8092 Smb - ok
11:17:53.0335 8092 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:17:53.0351 8092 SNMPTRAP - ok
11:17:53.0366 8092 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:17:53.0382 8092 spldr - ok
11:17:53.0460 8092 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
11:17:53.0491 8092 Spooler - ok
11:17:53.0819 8092 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
11:17:53.0959 8092 sppsvc - ok
11:17:54.0708 8092 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:17:54.0724 8092 sppuinotify - ok
11:17:54.0864 8092 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:17:54.0880 8092 srv - ok
11:17:54.0973 8092 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:17:54.0989 8092 srv2 - ok
11:17:55.0800 8092 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
11:17:55.0847 8092 SrvHsfHDA - ok
11:17:56.0018 8092 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
11:17:56.0096 8092 SrvHsfV92 - ok
11:17:56.0284 8092 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
11:17:56.0315 8092 SrvHsfWinac - ok
11:17:56.0393 8092 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:17:56.0424 8092 srvnet - ok
11:17:56.0502 8092 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:17:56.0533 8092 SSDPSRV - ok
11:17:56.0549 8092 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:17:56.0564 8092 SstpSvc - ok
11:17:56.0798 8092 STacSV (b00068ba94f5f306911b14b425aaeb56) C:\Program Files\IDT\WDM\STacSV64.exe
11:17:56.0814 8092 STacSV - ok
11:17:56.0970 8092 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
11:17:57.0001 8092 stexstor - ok
11:17:57.0906 8092 STHDA (da40d9c9ccb9836d6abd1706935a2277) C:\Windows\system32\DRIVERS\stwrt64.sys
11:17:57.0953 8092 STHDA - ok
11:17:58.0374 8092 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
11:17:58.0405 8092 stisvc - ok
11:17:58.0561 8092 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:17:58.0577 8092 swenum - ok
11:17:59.0404 8092 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:17:59.0466 8092 swprv - ok
11:18:00.0059 8092 SynTP (961cfac2a5318e212f459d651f28e0a4) C:\Windows\system32\DRIVERS\SynTP.sys
11:18:00.0137 8092 SynTP - ok
11:18:01.0182 8092 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
11:18:01.0260 8092 SysMain - ok
11:18:02.0243 8092 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
11:18:02.0305 8092 TabletInputService - ok
11:18:02.0664 8092 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
11:18:02.0695 8092 TapiSrv - ok
11:18:02.0914 8092 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:18:02.0929 8092 TBS - ok
11:18:04.0021 8092 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
11:18:04.0130 8092 Tcpip - ok
11:18:05.0129 8092 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
11:18:05.0160 8092 TCPIP6 - ok
11:18:05.0862 8092 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:18:05.0909 8092 tcpipreg - ok
11:18:06.0080 8092 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:18:06.0096 8092 TDPIPE - ok
11:18:06.0158 8092 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
11:18:06.0158 8092 TDTCP - ok
11:18:06.0252 8092 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:18:06.0252 8092 tdx - ok
11:18:06.0346 8092 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:18:06.0361 8092 TermDD - ok
11:18:06.0658 8092 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
11:18:06.0689 8092 TermService - ok
11:18:06.0782 8092 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:18:06.0782 8092 Themes - ok
11:18:06.0860 8092 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:18:06.0860 8092 THREADORDER - ok
11:18:07.0079 8092 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:18:07.0110 8092 TrkWks - ok
11:18:07.0391 8092 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
11:18:07.0406 8092 TrustedInstaller - ok
11:18:07.0594 8092 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:18:07.0609 8092 tssecsrv - ok
11:18:07.0703 8092 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:18:07.0703 8092 TsUsbFlt - ok
11:18:07.0796 8092 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:18:07.0796 8092 tunnel - ok
11:18:08.0046 8092 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
11:18:08.0062 8092 uagp35 - ok
11:18:08.0155 8092 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:18:08.0186 8092 udfs - ok
11:18:08.0249 8092 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:18:08.0249 8092 UI0Detect - ok
11:18:08.0342 8092 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:18:08.0358 8092 uliagpkx - ok
11:18:08.0654 8092 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
11:18:08.0670 8092 umbus - ok
11:18:08.0732 8092 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:18:08.0748 8092 UmPass - ok
11:18:09.0263 8092 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:18:09.0294 8092 upnphost - ok
11:18:09.0419 8092 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
11:18:09.0419 8092 usbccgp - ok
11:18:09.0746 8092 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:18:09.0778 8092 usbcir - ok
11:18:09.0902 8092 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
11:18:09.0934 8092 usbehci - ok
11:18:10.0074 8092 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
11:18:10.0105 8092 usbfilter - ok
11:18:10.0230 8092 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
11:18:10.0246 8092 usbhub - ok
11:18:10.0308 8092 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
11:18:10.0308 8092 usbohci - ok
11:18:10.0464 8092 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:18:10.0464 8092 usbprint - ok
11:18:10.0526 8092 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:18:10.0526 8092 usbscan - ok
11:18:10.0745 8092 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:18:10.0776 8092 USBSTOR - ok
11:18:10.0807 8092 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
11:18:10.0823 8092 usbuhci - ok
11:18:10.0901 8092 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
11:18:10.0901 8092 usbvideo - ok
11:18:10.0994 8092 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:18:11.0010 8092 UxSms - ok
11:18:11.0119 8092 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
11:18:11.0119 8092 VaultSvc - ok
11:18:11.0494 8092 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:18:11.0494 8092 vdrvroot - ok
11:18:11.0728 8092 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
11:18:11.0759 8092 vds - ok
11:18:11.0821 8092 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:18:11.0821 8092 vga - ok
11:18:11.0852 8092 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:18:11.0852 8092 VgaSave - ok
11:18:12.0086 8092 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:18:12.0133 8092 vhdmp - ok
11:18:12.0289 8092 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:18:12.0305 8092 viaide - ok
11:18:12.0352 8092 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:18:12.0352 8092 volmgr - ok
11:18:12.0601 8092 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:18:12.0617 8092 volmgrx - ok
11:18:12.0976 8092 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:18:13.0022 8092 volsnap - ok
11:18:13.0147 8092 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
11:18:13.0163 8092 vsmraid - ok
11:18:13.0397 8092 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
11:18:13.0475 8092 VSS - ok
11:18:14.0645 8092 vToolbarUpdater11.2.0 (8ed347bad8d1fb7c40b593bfb01786d2) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
11:18:14.0692 8092 vToolbarUpdater11.2.0 - ok
11:18:15.0347 8092 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:18:15.0362 8092 vwifibus - ok
11:18:15.0487 8092 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:18:15.0487 8092 vwififlt - ok
11:18:15.0596 8092 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
11:18:15.0612 8092 vwifimp - ok
11:18:15.0799 8092 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:18:15.0815 8092 W32Time - ok
11:18:15.0877 8092 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
11:18:15.0877 8092 WacomPen - ok
11:18:16.0002 8092 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:18:16.0002 8092 WANARP - ok
11:18:16.0049 8092 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:18:16.0064 8092 Wanarpv6 - ok
11:18:16.0408 8092 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
11:18:16.0517 8092 WatAdminSvc - ok
11:18:17.0203 8092 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
11:18:17.0281 8092 wbengine - ok
11:18:17.0905 8092 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:18:17.0936 8092 WbioSrvc - ok
11:18:18.0373 8092 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
11:18:18.0389 8092 wcncsvc - ok
11:18:18.0732 8092 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:18:18.0763 8092 WcsPlugInService - ok
11:18:18.0935 8092 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
11:18:18.0966 8092 Wd - ok
11:18:19.0684 8092 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:18:19.0715 8092 Wdf01000 - ok
11:18:20.0105 8092 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:18:20.0136 8092 WdiServiceHost - ok
11:18:20.0152 8092 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:18:20.0152 8092 WdiSystemHost - ok
11:18:20.0464 8092 Web Assistant Updater (efb3074bdbabe0a137d89d8e58f02392) C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
11:18:20.0479 8092 Web Assistant Updater - ok
11:18:20.0573 8092 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
11:18:20.0635 8092 WebClient - ok
11:18:20.0729 8092 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:18:20.0744 8092 Wecsvc - ok
11:18:20.0807 8092 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:18:20.0822 8092 wercplsupport - ok
11:18:21.0056 8092 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:18:21.0088 8092 WerSvc - ok
11:18:21.0275 8092 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:18:21.0275 8092 WfpLwf - ok
11:18:21.0337 8092 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:18:21.0337 8092 WIMMount - ok
11:18:21.0353 8092 WinHttpAutoProxySvc - ok
11:18:22.0039 8092 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:18:22.0070 8092 Winmgmt - ok
11:18:22.0382 8092 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
11:18:22.0492 8092 WinRM - ok
11:18:23.0084 8092 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:18:23.0084 8092 WinUsb - ok
11:18:23.0537 8092 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:18:23.0568 8092 Wlansvc - ok
11:18:23.0942 8092 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:18:23.0958 8092 wlcrasvc - ok
11:18:25.0253 8092 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:18:25.0346 8092 wlidsvc - ok
11:18:26.0204 8092 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:18:26.0236 8092 WmiAcpi - ok
11:18:26.0953 8092 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:18:27.0000 8092 wmiApSrv - ok
11:18:27.0125 8092 WMPNetworkSvc - ok
11:18:27.0203 8092 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:18:27.0218 8092 WPCSvc - ok
11:18:27.0608 8092 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
11:18:27.0624 8092 WPDBusEnum - ok
11:18:27.0811 8092 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:18:27.0858 8092 ws2ifsl - ok
11:18:27.0858 8092 WSearch - ok
11:18:28.0716 8092 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
11:18:28.0825 8092 wuauserv - ok
11:18:29.0480 8092 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:18:29.0480 8092 WudfPf - ok
11:18:29.0558 8092 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:18:29.0574 8092 WUDFRd - ok
11:18:29.0668 8092 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
11:18:29.0683 8092 wudfsvc - ok
11:18:29.0730 8092 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:18:29.0730 8092 WwanSvc - ok
11:18:30.0416 8092 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
11:18:30.0432 8092 YahooAUService - ok
11:18:30.0635 8092 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
11:18:30.0666 8092 yukonw7 - ok
11:18:30.0744 8092 MBR (0x1B8) (a749d21ba94ba4e22c56c531f9d1435a) \Device\Harddisk0\DR0
11:18:31.0196 8092 \Device\Harddisk0\DR0 - ok
11:18:31.0212 8092 MBR (0x1B8) (8493acd54e9e06c2a594d3469d30a261) \Device\Harddisk1\DR2
11:18:36.0422 8092 \Device\Harddisk1\DR2 - ok
11:18:36.0438 8092 Boot (0x1200) (56a4c3abe803332ebf12fb99af2abcb8) \Device\Harddisk0\DR0\Partition0
11:18:36.0438 8092 \Device\Harddisk0\DR0\Partition0 - ok
11:18:36.0469 8092 Boot (0x1200) (0a2dda0c23f99c9d13f2f88f1b7b931e) \Device\Harddisk0\DR0\Partition1
11:18:36.0469 8092 \Device\Harddisk0\DR0\Partition1 - ok
11:18:36.0516 8092 Boot (0x1200) (fac1cb8bce0aedde0831852d541b9d06) \Device\Harddisk0\DR0\Partition2
11:18:36.0516 8092 \Device\Harddisk0\DR0\Partition2 - ok
11:18:36.0563 8092 Boot (0x1200) (1f4e17fe7362874bfbd8a861daff437e) \Device\Harddisk0\DR0\Partition3
11:18:36.0563 8092 \Device\Harddisk0\DR0\Partition3 - ok
11:18:36.0563 8092 ============================================================
11:18:36.0563 8092 Scan finished
11:18:36.0563 8092 ============================================================
11:18:36.0594 7792 Detected object count: 0
11:18:36.0594 7792 Actual detected object count: 0
11:57:28.0317 11004 Deinitialize success

aswMBR LOG
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-16 11:25:26
-----------------------------
11:25:26.531 OS Version: Windows x64 6.1.7601 Service Pack 1
11:25:26.531 Number of processors: 2 586 0x603
11:25:26.531 ComputerName: RASHAD-HP UserName: rashad
11:25:36.203 Initialize success
11:26:49.097 AVAST engine defs: 12071600
11:27:02.404 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:27:02.420 Disk 0 Vendor: WDC_WD5000BEVT-60A0RT0 02.01A02 Size: 476940MB BusType: 11
11:27:02.420 Disk 1 \Device\Harddisk1\DR2 -> \Device\00000091
11:27:02.420 Disk 1 Vendor: Size: 476940MB BusType: 0
11:27:02.451 Disk 0 MBR read successfully
11:27:02.451 Disk 0 MBR scan
11:27:02.467 Disk 0 unknown MBR code
11:27:02.467 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
11:27:02.498 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 456504 MB offset 409600
11:27:02.529 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 20132 MB offset 935329792
11:27:02.560 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 976560128
11:27:02.623 Disk 0 scanning C:\Windows\system32\drivers
11:27:27.786 Service scanning
11:28:36.379 Modules scanning
11:28:36.394 Disk 0 trace - called modules:
11:28:36.426 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
11:28:36.441 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800433f060]
11:28:36.457 3 CLASSPNP.SYS[fffff880019ae43f] -> nt!IofCallDriver -> [0xfffffa800433e040]
11:28:36.472 5 hpdskflt.sys[fffff88001955289] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80042c0060]
11:28:46.129 AVAST engine scan C:\Windows
11:28:59.748 AVAST engine scan C:\Windows\system32
11:37:04.004 AVAST engine scan C:\Windows\system32\drivers
11:38:00.039 AVAST engine scan C:\Users\rashad
11:44:00.977 Disk 0 MBR has been saved successfully to "C:\Users\rashad\Desktop\pic_reference\MBR.dat"
11:44:01.008 The log file has been saved successfully to "C:\Users\rashad\Desktop\pic_reference\aswMBR.txt"
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-16 11:25:26



ESET online scanner

C:\Users\rashad\AppData\Local\Temp\NOD7A7E.tmp Win32/Adware.MultiPlug.A application cleaned by deleting (after the next restart) - quarantined
C:\Users\rashad\AppData\Local\{a0a99ab8-eb85-13a4-7637-aa156dc951ba}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Users\rashad\Downloads\musicoasis.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined

#4 narenxp

  • BC Advisor
  • 16,371 posts

Posted 16 July 2012 - 08:04 PM

Download

systemlook

Launch it and copy this script and paste in the BOX

:filefind
services.exe
:folderfind
{a0a99ab8-eb85-13a4-7637-aa156dc951ba}

Click on LOOK, post the generated log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#5 discoduck

  • Topic Starter
  • Members
  • 45 posts

Posted 17 July 2012 - 03:07 PM

systemlook

SystemLook 30.07.11 by jpshortstuff
Log created at 12:38 on 17/07/2012 by rashad
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{a0a99ab8-eb85-13a4-7637-aa156dc951ba}"
C:\Users\rashad\AppData\Local\{a0a99ab8-eb85-13a4-7637-aa156dc951ba} d--hs-- [03:35 11/01/2012]

Searching for " "
No folders found.

-= EOF =-



I scanned with Malwarebytes and no malware was detected.

mini toolbox log

MiniToolBox by Farbar Version: 15-07-2012
Ran by rashad (administrator) on 17-07-2012 at 15:52:09
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



There are 15236 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : rashad-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 6E-0F-6E-68-08-99
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 4C-0F-6E-68-08-99
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::49c2:115d:8f3d:ac05%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, July 16, 2012 11:29:28 PM
Lease Expires . . . . . . . . . . : Wednesday, July 18, 2012 12:29:43 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 306974574
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-6E-AB-A0-3C-4A-92-4D-18-A7
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A2EB0DCD-E9E6-442D-8CD6-45CC899C8FCD}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 23:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:844:386a:9d8a:b4cb(Preferred)
Link-local IPv6 Address . . . . . : fe80::844:386a:9d8a:b4cb%29(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Reusable ISATAP Interface {EF08DCE9-8183-4F93-9C71-DA71C9504B5A}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4004:802::100e
74.125.228.66
74.125.228.69
74.125.228.67
74.125.228.70
74.125.228.68
74.125.228.73
74.125.228.72
74.125.228.65
74.125.228.64
74.125.228.78
74.125.228.71


Pinging google.com [74.125.228.70] with 32 bytes of data:
Reply from 74.125.228.70: bytes=32 time=32ms TTL=55
Reply from 74.125.228.70: bytes=32 time=34ms TTL=55

Ping statistics for 74.125.228.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 32ms, Maximum = 34ms, Average = 33ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=95ms TTL=56
Reply from 72.30.38.140: bytes=32 time=94ms TTL=56

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 94ms, Maximum = 95ms, Average = 94ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=15ms TTL=128
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 5ms, Maximum = 15ms, Average = 10ms
===========================================================================
Interface List
19...6e 0f 6e 68 08 99 ......Microsoft Virtual WiFi Miniport Adapter
11...4c 0f 6e 68 08 99 ......Atheros AR9285 802.11b/g/n WiFi Adapter
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
29...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
29 58 ::/0 On-link
1 306 ::1/128 On-link
29 58 2001::/32 On-link
29 306 2001:0:4137:9e76:844:386a:9d8a:b4cb/128
On-link
11 281 fe80::/64 On-link
29 306 fe80::/64 On-link
29 306 fe80::844:386a:9d8a:b4cb/128
On-link
11 281 fe80::49c2:115d:8f3d:ac05/128
On-link
1 306 ff00::/8 On-link
29 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/17/2012 02:47:36 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1a8c

Start Time: 01cd6449640a12c0

Termination Time: 32

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: a837f8c1-d03f-11e1-82c8-d5b6e2a698a3

Error: (07/17/2012 10:31:54 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (07/16/2012 05:49:16 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1cc4

Start Time: 01cd639ca9fb781a

Termination Time: 359

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (07/16/2012 01:16:15 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/16/2012 01:16:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/16/2012 01:16:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/16/2012 01:06:57 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1f54

Start Time: 01cd6375543aa1db

Termination Time: 296

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (07/16/2012 11:51:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/16/2012 11:51:23 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/16/2012 11:51:02 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (07/16/2012 11:29:38 PM) (Source: Service Control Manager) (User: )
Description: The SBSD Security Center Service service depends the following service: wscsvc. This service might not be installed.

Error: (07/16/2012 05:43:50 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.

Error: (07/16/2012 08:46:03 AM) (Source: Service Control Manager) (User: )
Description: The MEMSWEEP2 service failed to start due to the following error:
%%1275

Error: (07/16/2012 08:46:03 AM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\system32\1306.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/16/2012 08:40:37 AM) (Source: Service Control Manager) (User: )
Description: The MEMSWEEP2 service failed to start due to the following error:
%%1275

Error: (07/16/2012 08:40:37 AM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\system32\1306.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/16/2012 08:40:35 AM) (Source: Service Control Manager) (User: )
Description: The MEMSWEEP2 service failed to start due to the following error:
%%1275

Error: (07/16/2012 08:40:35 AM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\system32\1306.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (07/16/2012 08:40:34 AM) (Source: Service Control Manager) (User: )
Description: The MEMSWEEP2 service failed to start due to the following error:
%%1275

Error: (07/16/2012 08:40:34 AM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\system32\1306.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.


Microsoft Office Sessions:
=========================
Error: (07/17/2012 02:47:36 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.164471a8c01cd6449640a12c032C:\Program Files (x86)\Internet Explorer\iexplore.exea837f8c1-d03f-11e1-82c8-d5b6e2a698a3

Error: (07/17/2012 10:31:54 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (07/16/2012 05:49:16 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.164471cc401cd639ca9fb781a359C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (07/16/2012 01:16:15 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\rashad\Desktop\pic_reference\esetsmartinstaller_enu.exe

Error: (07/16/2012 01:16:08 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\rashad\Desktop\pic_reference\esetsmartinstaller_enu.exe

Error: (07/16/2012 01:16:08 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\rashad\Desktop\pic_reference\esetsmartinstaller_enu.exe

Error: (07/16/2012 01:06:57 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.164471f5401cd6375543aa1db296C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (07/16/2012 11:51:34 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\rashad\Desktop\pic_reference\esetsmartinstaller_enu.exe

Error: (07/16/2012 11:51:23 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\rashad\Desktop\pic_reference\esetsmartinstaller_enu.exe

Error: (07/16/2012 11:51:02 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\rashad\Desktop\pic_reference\esetsmartinstaller_enu.exe


=========================== Installed Programs ============================

4500_G510gm_Help (Version: 000.0.439.000)
4500G510gm (Version: 000.0.423.000)
4500G510gm_Software_Min (Version: 000.0.423.000)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Acoustica MP3 Audio Mixer
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader 9.5.1 MUI (Version: 9.5.1)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
Advanced GIF Animator 3.0 (Version: 3.0)
AMD USB Filter Driver (Version: 1.0.15.94)
AOL Messaging Toolbar
Apple Application Support (Version: 1.4.1)
Apple Software Update (Version: 2.1.3.127)
Artoonix 1.5
ASIO4ALL (Version: 2.10)
Ask Toolbar (Version: 1.14.1.0)
Ask Toolbar Updater (Version: 1.2.0.20007)
Atheros Driver Installation Program (Version: 9.2)
ATI Catalyst Install Manager (Version: 3.0.765.0)
Audacity 2.0
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 7.0.614.0)
Bistro Boulevard (Version: 2.2.0.98)
Blackhawk Striker 2 (Version: 2.2.0.95)
blinkx beat (Version: 1.5.0)
Blue's Clues: Meet Blue's Baby Brother (Version: 2.2.0.98)
Bubble Bonanza
BufferChm (Version: 130.0.331.000)
Build-a-lot (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Burger Bustle (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.98)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0416.541.8279)
Catalyst Control Center Graphics Full Existing (Version: 2010.0416.541.8279)
Catalyst Control Center Graphics Full New (Version: 2010.0416.541.8279)
Catalyst Control Center Graphics Light (Version: 2010.0416.541.8279)
Catalyst Control Center Graphics Previews Common (Version: 2010.0416.541.8279)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0416.541.8279)
Catalyst Control Center InstallProxy (Version: 2010.0416.541.8279)
Catalyst Control Center Localization All (Version: 2010.0416.541.8279)
ccc-core-static (Version: 2010.0416.541.8279)
ccc-utility64 (Version: 2010.0416.541.8279)
CCC Help Chinese Standard (Version: 2010.0416.0540.8279)
CCC Help Chinese Traditional (Version: 2010.0416.0540.8279)
CCC Help Czech (Version: 2010.0416.0540.8279)
CCC Help Danish (Version: 2010.0416.0540.8279)
CCC Help Dutch (Version: 2010.0416.0540.8279)
CCC Help English (Version: 2010.0416.0540.8279)
CCC Help Finnish (Version: 2010.0416.0540.8279)
CCC Help French (Version: 2010.0416.0540.8279)
CCC Help German (Version: 2010.0416.0540.8279)
CCC Help Greek (Version: 2010.0416.0540.8279)
CCC Help Hungarian (Version: 2010.0416.0540.8279)
CCC Help Italian (Version: 2010.0416.0540.8279)
CCC Help Japanese (Version: 2010.0416.0540.8279)
CCC Help Korean (Version: 2010.0416.0540.8279)
CCC Help Norwegian (Version: 2010.0416.0540.8279)
CCC Help Polish (Version: 2010.0416.0540.8279)
CCC Help Portuguese (Version: 2010.0416.0540.8279)
CCC Help Russian (Version: 2010.0416.0540.8279)
CCC Help Spanish (Version: 2010.0416.0540.8279)
CCC Help Swedish (Version: 2010.0416.0540.8279)
CCC Help Thai (Version: 2010.0416.0540.8279)
CCC Help Turkish (Version: 2010.0416.0540.8279)
Chocolatier (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
CinemaNow Media Manager (Version: 1.9.1.105)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Codecv (Version: )
Cooking Academy 2 - World Cuisine (Version: 2.2.0.97)
Cooking Academy 3: Recipe for Success (Version: 2.2.0.110)
CyberLink DVD Suite (Version: 7.0.3003)
D3DX10 (Version: 15.4.2368.0902)
Dead Hungry Diner (Version: 2.2.0.110)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.372.000)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
DocMgr (Version: 130.0.000.000)
DocProc (Version: 13.0.0.0)
Dora's Carnival Adventure (Version: 2.2.0.95)
Download Updater (AOL LLC)
Dracula Series Part 3: The Destruction of the Evil (Version: 2.2.0.98)
Drugstore Mania (Version: 2.2.0.98)
DVD Menu Pack for HP MediaSmart Video (Version: 4.1.4121)
Energy Star Digital Logo (Version: 1.0.1)
Escape Rosecliff Island (Version: 2.2.0.95)
ESU for Microsoft Windows 7 (Version: 1.0.0)
FATE (Version: 2.2.0.95)
Fax (Version: 130.0.418.000)
Final Drive Nitro (Version: 2.2.0.95)
FL Studio 10
Game Elements Game Controller (Version: 2003.07.28)
GPBaseService2 (Version: 130.0.371.000)
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
Hotdog Hotshot (Version: 2.2.0.95)
HP 3D DriveGuard (Version: 4.0.5.1)
HP Advisor (Version: 3.4.10262.3295)
HP Customer Experience Enhancements (Version: 6.0.1.4)
HP Document Manager 2.0 (Version: 2.0)
HP Documentation (Version: 1.1.1.0)
HP DVB-T TV Tuner 8.0.64.43 (Version: 8.0.64.43)
HP Games (Version: 1.0.3.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP MediaSmart DVD (Version: 4.1.4229)
HP MediaSmart Movies and TV (Version: 1.0.0.10)
HP MediaSmart Music (Version: 4.1.4215)
HP MediaSmart Photo (Version: 4.1.4211)
HP MediaSmart SmartMenu (Version: 3.1.1.12)
HP MediaSmart Video (Version: 4.1.4214)
HP MediaSmart Webcam (Version: 4.1.3024)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.9.0)
HP Officejet 4500 G510g-m (Version: 13.0)
HP Photo Creations (Version: 1.0.0.3611)
HP Power Manager (Version: 1.2.3)
HP Quick Launch (Version: 2.3.6)
HP Setup (Version: 8.1.4186.3400)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Software Framework (Version: 4.1.6.1)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HP Wireless Assistant (Version: 4.0.9.0)
HPProductAssistant (Version: 130.0.371.000)
Hulu Desktop (Version: 0.9.13)
I SPY Treasure Hunt (Version: 2.2.0.97)
Ice Cream Mania (Version: 2.2.0.98)
IDT Audio (Version: 1.0.6292.0)
IHA_MessageCenter (Version: 1.1.0)
IL Download Manager
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Jessicas Cupcake Cafe (Version: 2.2.0.95)
Jewel Quest 3 (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Kitchen Brigade (Version: 2.2.0.95)
LabelPrint (Version: 2.5.2907)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Home and Student 2010 - English (Version: 14.0.6109.5003)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft PowerPoint Viewer (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Movie Theme Pack for HP MediaSmart Video (Version: 4.1.4030)
Mozilla Firefox 6.0.2 (x86 en-US) (Version: 6.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network64 (Version: 130.0.374.000)
Network64 (Version: 140.0.221.000)
NG Center (C:\Program Files (x86)\Core Design\)
NG Center (C:\Program Files (x86)\Core Design\) #3
NG Center (C:\Program Files (x86)\NG_CENTER\)
NG Center (C:\Program Files (x86)\NG_CENTER\) #3
NG Center (C:\Program Files (x86)\NG_CENTER\) #4
NG Center (C:\Program Files (x86)\NG_CENTER\) #5
NG Center (C:\Program Files (x86)\NG_CENTER\) #6
NG Center (C:\Program Files (x86)\NG_CENTER\) #8
NG Center 1.3
Nick Jr Bingo (Version: 2.2.0.98)
Norton Online Backup (Version: 2.1.17869)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.6904)
Plants vs. Zombies (Version: 2.2.0.95)
PlayStation®Network Downloader (Version: 2.04.00651)
PlayStation®Store (Version: 4.0.14.10643)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4204)
PowerDirector (Version: 8.0.3003)
PricePeep for Internet Explorer (Version: 2.1.180.0)
QuickTime (Version: 7.69.80.9)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.11.1127.2009)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30113)
Recovery Manager (Version: 5.5.3023)
Roxio CinemaNow 2.0 (Version: 1.0.284)
Scan (Version: 13.0.0.0)
Scrabble Blast Deluxe
Skype Click to Call (Version: 5.10.9560)
Skype™ 5.10 (Version: 5.10.115)
SmartWebPrinting (Version: 130.0.373.000)
SolutionCenter (Version: 130.0.373.000)
SpongeBob Diner Dash
SpongeBob Diner Dash 2 (Version: 2.2.0.95)
SpongeBob Typing (Version: 2.2.0.98)
SpongeBob: Clash of Triton (Version: 2.2.0.98)
Spybot - Search & Destroy (Version: 1.6.2)
Stand O'Food 3 (Version: 2.2.0.98)
Status (Version: 130.0.373.000)
Synaptics Pointing Device Driver (Version: 15.1.6.64)
Times Reader (Version: 2.061)
Toolbox (Version: 130.0.648.000)
Torchlight (Version: 2.2.0.95)
TrayApp (Version: 130.0.376.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Vanilla and Chocolate (Version: 2.2.0.98)
Verizon Online Backup and Sharing (Version: 4.6.3480)
Virtual Families (Version: 2.2.0.95)
Virtual Villagers - The Secret City (Version: 2.2.0.95)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Vz In Home Agent (Version: 8.02.23)
Web Assistant 2.0.0.439
WebReg (Version: 130.0.132.017)
Wheel of Fortune 2 (Version: 2.2.0.95)
WildTangent Games App (HP Games) (Version: 4.0.5.14)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media 8 Encoding Utility
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 60%
Total physical RAM: 3834.9 MB
Available physical RAM: 1519.82 MB
Total Pagefile: 7668 MB
Available Pagefile: 4619.66 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.67 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:445.8 GB) (Free:377 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:19.66 GB) (Free:2.86 GB) NTFS
4 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

========================= Users: ========================================

User accounts for \\RASHAD-HP

Administrator Guest rashad


**** End of log ****


FSS LOG

Farbar Service Scanner Version: 08-07-2012
Ran by rashad (administrator) on 17-07-2012 at 16:04:45
Running from "C:\Users\rashad\Desktop\pic_reference"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log **

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:01:57 PM

Posted 17 July 2012 - 04:05 PM

Open your C drive

On top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Users\rashad\AppData\Local\{a0a99ab8-eb85-13a4-7637-aa156dc951ba}

Delete the folder

Create a restore point before trying this

Download

wscsvc
defender


Launch them, click YES when you get the UAC prompt

Restart the PC and post the new FSS log

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on Start repairs tab - click on Start

Check mark the following options alone

Repair WMI
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Check mark the Restart System When Finished option
Click the Start button

System should restart after repair

#7 discoduck

discoduck
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  • Local time:02:57 PM

Posted 17 July 2012 - 08:08 PM

Okay, I deleted that folder and created a restore point, downloaded the registry entries, and I used the FSS like before. Here is the log:

fss log
Farbar Service Scanner Version: 08-07-2012
Ran by rashad (administrator) on 17-07-2012 at 20:36:38
Running from "C:\Users\rashad\Desktop\pic_reference"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log

That is the log before I ran the Windows repair. Oh, the Windows repair prompted me to back up my registry and create another restore point; I did. Did you want me to run the FSS after I used Windows repair and restarted my PC?

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:01:57 PM

Posted 17 July 2012 - 08:50 PM

Uninstall Ask Toolbar

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off


Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 discoduck

discoduck
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  • Local time:02:57 PM

Posted 17 July 2012 - 10:10 PM

Thanks, I think that worked. I clicked on two links on Bing and was not redirected to a different page.
I didn't try Google.
Now about these apps I downloaded:
are they installed? I did not see all of them on my remove hardware list.
Should I just delete them all except Malwarebytes?

And thanks again!!! :thumbsup:

Now all I need is to speed my PC back up.

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Location:India
  • Local time:01:57 PM

Posted 18 July 2012 - 12:45 AM

You're welcome :)

#11 discoduck

discoduck
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  • Local time:02:57 PM

Posted 21 July 2012 - 06:30 AM

Hey, I hate to bother you again but...

I know certain sites I go to can't be infected, but the redirect thing happened when I tried to open a search result in Google. When this happened I just restored my system to the previous clean state from a restore point. Am I safe, or is the virus still on my system in another restore point?

Oh, and my PC does not do automatic restore points anymore and is slower.

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:57 PM

Posted 21 July 2012 - 06:59 AM

Didn't you follow my last instructions on deleting restore points??? You could have replied here if you still had redirects before trying a restore.

We need to take a deeper look

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#13 discoduck

discoduck
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  • Local time:02:57 PM

Posted 21 July 2012 - 07:59 AM

Yeah, I only have 3 restore points:
the one I made after I got rid of the trojan and two more.

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Location:India
  • Local time:01:57 PM

Posted 21 July 2012 - 08:07 AM

Please follow my previous instructions and create a topic in the other forum.

#15 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,911 posts
  • OFFLINE
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:02:57 PM

Posted 24 July 2012 - 04:18 PM

Hello,

I found your new topic here http://www.bleepingcomputer.com/forums/topic462243.html but you neglected to furnish the required logs or any indication that you tried to produce them and couldn't.

So, to restate your latest instructions in a different way:

Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then post them in a reply to this topic: http://www.bleepingcomputer.com/forums/topic462243.html by using the Add Reply button found near the bottom of that topic.

If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



