Browser Redirecting


11 replies to this topic

#1 cdittemore

Posted 29 July 2012 - 09:56 PM

Hello,

I was recently hit with probably 10 different trojan viruses.

They got on both of my computers and ended up spreading to my FTP program and causing havoc on all my domains.

I think I've removed all of the trojans. I use SuperAntiSpyware, TDSSKiller, MalwareBytes, AVG, among others.

However, I am still redirecting and my computer is still acting sluggish, so I'm not sure what I have missed.

Thanks!

Christopher Dittemore

#2 narenxp

Posted 30 July 2012 - 06:08 AM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 cdittemore

Posted 30 July 2012 - 02:33 PM

Thanks!

Here's the info...

TDSS Killer Log
---------------

12:33:07.0782 7652 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
12:33:07.0783 7652 Ndisuio - ok
12:33:07.0826 7652 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
12:33:07.0828 7652 NdisWan - ok
12:33:07.0840 7652 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
12:33:07.0842 7652 NDProxy - ok
12:33:07.0875 7652 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
12:33:07.0877 7652 NetBIOS - ok
12:33:07.0919 7652 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
12:33:07.0922 7652 NetBT - ok
12:33:07.0974 7652 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\windows\system32\lsass.exe
12:33:07.0976 7652 Netlogon - ok
12:33:08.0023 7652 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
12:33:08.0029 7652 Netman - ok
12:33:08.0166 7652 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:33:08.0169 7652 NetMsmqActivator - ok
12:33:08.0194 7652 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:33:08.0197 7652 NetPipeActivator - ok
12:33:08.0245 7652 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
12:33:08.0253 7652 netprofm - ok
12:33:08.0292 7652 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:33:08.0293 7652 NetTcpActivator - ok
12:33:08.0297 7652 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:33:08.0299 7652 NetTcpPortSharing - ok
12:33:08.0360 7652 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys
12:33:08.0361 7652 nfrd960 - ok
12:33:08.0418 7652 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
12:33:08.0423 7652 NlaSvc - ok
12:33:08.0478 7652 Norton PC Checkup Application Launcher - ok
12:33:08.0498 7652 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
12:33:08.0500 7652 Npfs - ok
12:33:08.0525 7652 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
12:33:08.0527 7652 nsi - ok
12:33:08.0556 7652 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
12:33:08.0556 7652 nsiproxy - ok
12:33:08.0663 7652 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
12:33:08.0682 7652 Ntfs - ok
12:33:08.0792 7652 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
12:33:08.0793 7652 Null - ok
12:33:08.0858 7652 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
12:33:08.0861 7652 nvraid - ok
12:33:08.0883 7652 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
12:33:08.0885 7652 nvstor - ok
12:33:08.0920 7652 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
12:33:08.0922 7652 nv_agp - ok
12:33:08.0935 7652 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
12:33:08.0937 7652 ohci1394 - ok
12:33:09.0022 7652 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:33:09.0041 7652 ose - ok
12:33:09.0412 7652 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:33:09.0537 7652 osppsvc - ok
12:33:09.0652 7652 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
12:33:09.0658 7652 p2pimsvc - ok
12:33:09.0690 7652 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
12:33:09.0697 7652 p2psvc - ok
12:33:09.0756 7652 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
12:33:09.0758 7652 Parport - ok
12:33:09.0777 7652 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
12:33:09.0779 7652 partmgr - ok
12:33:09.0808 7652 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
12:33:09.0812 7652 PcaSvc - ok
12:33:09.0884 7652 PCCUJobMgr (2f86be1818c2d7ac90478e3323ee7fcb) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
12:33:09.0886 7652 PCCUJobMgr - ok
12:33:09.0924 7652 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
12:33:09.0926 7652 pci - ok
12:33:09.0943 7652 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
12:33:09.0948 7652 pciide - ok
12:33:09.0981 7652 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
12:33:09.0984 7652 pcmcia - ok
12:33:10.0013 7652 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
12:33:10.0015 7652 pcw - ok
12:33:10.0062 7652 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
12:33:10.0070 7652 PEAUTH - ok
12:33:10.0133 7652 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
12:33:10.0135 7652 PerfHost - ok
12:33:10.0172 7652 PGEffect (91111cebbde8015e822c46120ed9537c) C:\windows\system32\DRIVERS\pgeffect.sys
12:33:10.0173 7652 PGEffect - ok
12:33:10.0263 7652 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
12:33:10.0281 7652 pla - ok
12:33:10.0328 7652 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
12:33:10.0335 7652 PlugPlay - ok
12:33:10.0376 7652 pneteth (8ac5649c9070674d4607301c180ab10b) C:\windows\system32\DRIVERS\pneteth.sys
12:33:10.0378 7652 pneteth - ok
12:33:10.0407 7652 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
12:33:10.0409 7652 PNRPAutoReg - ok
12:33:10.0430 7652 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
12:33:10.0434 7652 PNRPsvc - ok
12:33:10.0477 7652 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
12:33:10.0483 7652 PolicyAgent - ok
12:33:10.0523 7652 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
12:33:10.0527 7652 Power - ok
12:33:10.0560 7652 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
12:33:10.0562 7652 PptpMiniport - ok
12:33:10.0575 7652 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
12:33:10.0577 7652 Processor - ok
12:33:10.0618 7652 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
12:33:10.0622 7652 ProfSvc - ok
12:33:10.0640 7652 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\windows\system32\lsass.exe
12:33:10.0642 7652 ProtectedStorage - ok
12:33:10.0668 7652 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
12:33:10.0670 7652 Psched - ok
12:33:10.0734 7652 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\windows\system32\Drivers\PxHlpa64.sys
12:33:10.0735 7652 PxHlpa64 - ok
12:33:10.0804 7652 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
12:33:10.0821 7652 ql2300 - ok
12:33:10.0997 7652 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
12:33:10.0999 7652 ql40xx - ok
12:33:11.0040 7652 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
12:33:11.0044 7652 QWAVE - ok
12:33:11.0064 7652 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
12:33:11.0066 7652 QWAVEdrv - ok
12:33:11.0145 7652 RapiMgr (a55e7d0d873b2c97585b3b5926ac6ade) C:\windows\WindowsMobile\rapimgr.dll
12:33:11.0150 7652 RapiMgr - ok
12:33:11.0189 7652 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
12:33:11.0191 7652 RasAcd - ok
12:33:11.0244 7652 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
12:33:11.0245 7652 RasAgileVpn - ok
12:33:11.0280 7652 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
12:33:11.0284 7652 RasAuto - ok
12:33:11.0307 7652 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
12:33:11.0309 7652 Rasl2tp - ok
12:33:11.0356 7652 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
12:33:11.0361 7652 RasMan - ok
12:33:11.0405 7652 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
12:33:11.0408 7652 RasPppoe - ok
12:33:11.0457 7652 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
12:33:11.0460 7652 RasSstp - ok
12:33:11.0491 7652 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
12:33:11.0495 7652 rdbss - ok
12:33:11.0536 7652 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
12:33:11.0538 7652 rdpbus - ok
12:33:11.0561 7652 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
12:33:11.0561 7652 RDPCDD - ok
12:33:11.0580 7652 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
12:33:11.0586 7652 RDPENCDD - ok
12:33:11.0593 7652 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
12:33:11.0594 7652 RDPREFMP - ok
12:33:11.0616 7652 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\windows\system32\drivers\RDPWD.sys
12:33:11.0619 7652 RDPWD - ok
12:33:11.0676 7652 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
12:33:11.0686 7652 rdyboost - ok
12:33:11.0719 7652 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
12:33:11.0722 7652 RemoteAccess - ok
12:33:11.0750 7652 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
12:33:11.0755 7652 RemoteRegistry - ok
12:33:11.0775 7652 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
12:33:11.0778 7652 RpcEptMapper - ok
12:33:11.0796 7652 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
12:33:11.0797 7652 RpcLocator - ok
12:33:11.0831 7652 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
12:33:11.0836 7652 RpcSs - ok
12:33:11.0873 7652 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
12:33:11.0875 7652 rspndr - ok
12:33:11.0925 7652 RSUSBSTOR (be29b0a3ac1e8bd02ffab8cee86badfa) C:\windows\system32\Drivers\RtsUStor.sys
12:33:11.0932 7652 RSUSBSTOR - ok
12:33:11.0968 7652 RTL8167 (6d3c7e7d82d3dc92dc2a8b0df9f20f8a) C:\windows\system32\DRIVERS\Rt64win7.sys
12:33:11.0980 7652 RTL8167 - ok
12:33:12.0046 7652 RTL8192Ce (e7d79600575f755614dd5d79b044d588) C:\windows\system32\DRIVERS\rtl8192Ce.sys
12:33:12.0060 7652 RTL8192Ce - ok
12:33:12.0083 7652 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\windows\system32\lsass.exe
12:33:12.0085 7652 SamSs - ok
12:33:12.0156 7652 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
12:33:12.0162 7652 SASDIFSV - ok
12:33:12.0192 7652 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
12:33:12.0193 7652 SASKUTIL - ok
12:33:12.0216 7652 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
12:33:12.0218 7652 sbp2port - ok
12:33:12.0237 7652 SBRE - ok
12:33:12.0278 7652 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
12:33:12.0285 7652 SCardSvr - ok
12:33:12.0294 7652 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
12:33:12.0296 7652 scfilter - ok
12:33:12.0353 7652 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
12:33:12.0366 7652 Schedule - ok
12:33:12.0390 7652 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
12:33:12.0391 7652 SCPolicySvc - ok
12:33:12.0419 7652 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
12:33:12.0423 7652 SDRSVC - ok
12:33:12.0480 7652 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
12:33:12.0482 7652 secdrv - ok
12:33:12.0513 7652 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
12:33:12.0516 7652 seclogon - ok
12:33:12.0535 7652 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\system32\sens.dll
12:33:12.0537 7652 SENS - ok
12:33:12.0553 7652 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
12:33:12.0555 7652 SensrSvc - ok
12:33:12.0583 7652 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys
12:33:12.0584 7652 Serenum - ok
12:33:12.0620 7652 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys
12:33:12.0622 7652 Serial - ok
12:33:12.0649 7652 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys
12:33:12.0651 7652 sermouse - ok
12:33:12.0694 7652 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
12:33:12.0698 7652 SessionEnv - ok
12:33:12.0702 7652 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
12:33:12.0703 7652 sffdisk - ok
12:33:12.0727 7652 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
12:33:12.0729 7652 sffp_mmc - ok
12:33:12.0734 7652 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
12:33:12.0735 7652 sffp_sd - ok
12:33:12.0739 7652 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys
12:33:12.0740 7652 sfloppy - ok
12:33:12.0797 7652 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
12:33:12.0802 7652 SharedAccess - ok
12:33:12.0839 7652 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
12:33:12.0845 7652 ShellHWDetection - ok
12:33:12.0878 7652 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
12:33:12.0879 7652 SiSRaid2 - ok
12:33:12.0912 7652 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
12:33:12.0913 7652 SiSRaid4 - ok
12:33:13.0185 7652 Skype C2C Service (0f97e7a47a52f4a36969f0fc319654c2) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
12:33:13.0255 7652 Skype C2C Service - ok
12:33:13.0347 7652 SkypeUpdate (ea396139541706b4b433641d62ea53ce) C:\Program Files (x86)\Skype\Updater\Updater.exe
12:33:13.0350 7652 SkypeUpdate - ok
12:33:13.0477 7652 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
12:33:13.0479 7652 Smb - ok
12:33:13.0527 7652 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
12:33:13.0529 7652 SNMPTRAP - ok
12:33:13.0563 7652 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
12:33:13.0564 7652 spldr - ok
12:33:13.0609 7652 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
12:33:13.0618 7652 Spooler - ok
12:33:13.0764 7652 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
12:33:13.0823 7652 sppsvc - ok
12:33:13.0932 7652 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
12:33:13.0936 7652 sppuinotify - ok
12:33:13.0991 7652 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
12:33:13.0996 7652 srv - ok
12:33:14.0025 7652 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
12:33:14.0032 7652 srv2 - ok
12:33:14.0066 7652 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
12:33:14.0069 7652 srvnet - ok
12:33:14.0102 7652 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
12:33:14.0106 7652 SSDPSRV - ok
12:33:14.0123 7652 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
12:33:14.0127 7652 SstpSvc - ok
12:33:14.0152 7652 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
12:33:14.0154 7652 stexstor - ok
12:33:14.0203 7652 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
12:33:14.0212 7652 stisvc - ok
12:33:14.0238 7652 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
12:33:14.0239 7652 swenum - ok
12:33:14.0343 7652 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:33:14.0366 7652 SwitchBoard - ok
12:33:14.0407 7652 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
12:33:14.0416 7652 swprv - ok
12:33:14.0505 7652 SynTP (f5b46df59feaa48a442aed7eeb754d4b) C:\windows\system32\DRIVERS\SynTP.sys
12:33:14.0525 7652 SynTP - ok
12:33:14.0676 7652 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
12:33:14.0697 7652 SysMain - ok
12:33:14.0807 7652 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
12:33:14.0812 7652 TabletInputService - ok
12:33:14.0886 7652 tap0901 (f0b9d3ed88e56d3cd713dff21e42aaf0) C:\windows\system32\DRIVERS\tap0901.sys
12:33:14.0899 7652 tap0901 - ok
12:33:14.0935 7652 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
12:33:14.0944 7652 TapiSrv - ok
12:33:14.0964 7652 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
12:33:14.0967 7652 TBS - ok
12:33:15.0053 7652 Tcpip (f0e98c00a09fdf791525829a1d14240f) C:\windows\system32\drivers\tcpip.sys
12:33:15.0076 7652 Tcpip - ok
12:33:15.0265 7652 TCPIP6 (f0e98c00a09fdf791525829a1d14240f) C:\windows\system32\DRIVERS\tcpip.sys
12:33:15.0279 7652 TCPIP6 - ok
12:33:15.0396 7652 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
12:33:15.0397 7652 tcpipreg - ok
12:33:15.0418 7652 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
12:33:15.0420 7652 tdcmdpst - ok
12:33:15.0441 7652 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
12:33:15.0442 7652 TDPIPE - ok
12:33:15.0448 7652 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
12:33:15.0451 7652 TDTCP - ok
12:33:15.0473 7652 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
12:33:15.0475 7652 tdx - ok
12:33:15.0651 7652 TeamViewer7 (33966a658ff37e0c65d46e59f37e2380) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
12:33:15.0692 7652 TeamViewer7 - ok
12:33:15.0809 7652 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys
12:33:15.0811 7652 TermDD - ok
12:33:15.0856 7652 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
12:33:15.0867 7652 TermService - ok
12:33:15.0885 7652 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
12:33:15.0887 7652 Themes - ok
12:33:15.0916 7652 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
12:33:15.0917 7652 THREADORDER - ok
12:33:16.0042 7652 TinyWall (36f36843c02f7a98019a4e5503d28788) C:\Program Files (x86)\TinyWall\TinyWall.exe
12:33:16.0049 7652 TinyWall - ok
12:33:16.0120 7652 TMachInfo (83e91963c4452be6899503cf9ebfd3ed) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
12:33:16.0121 7652 TMachInfo - ok
12:33:16.0153 7652 TODDSrv (8e2c799d3476eac32c3ba0df7ce6af19) C:\windows\system32\TODDSrv.exe
12:33:16.0157 7652 TODDSrv - ok
12:33:16.0241 7652 TosCoSrv (cdc97fa5c42b07fb0d4600e17c32f582) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
12:33:16.0248 7652 TosCoSrv - ok
12:33:16.0286 7652 TOSHIBA HDD SSD Alert Service (edb4b432db13ea3d1eb2356310d33263) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
12:33:16.0289 7652 TOSHIBA HDD SSD Alert Service - ok
12:33:16.0358 7652 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) C:\windows\system32\DRIVERS\tos_sps64.sys
12:33:16.0364 7652 tos_sps64 - ok
12:33:16.0398 7652 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
12:33:16.0401 7652 TrkWks - ok
12:33:16.0446 7652 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
12:33:16.0448 7652 TrustedInstaller - ok
12:33:16.0473 7652 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
12:33:16.0475 7652 tssecsrv - ok
12:33:16.0502 7652 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
12:33:16.0504 7652 TsUsbFlt - ok
12:33:16.0523 7652 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys
12:33:16.0524 7652 TsUsbGD - ok
12:33:16.0551 7652 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
12:33:16.0554 7652 tunnel - ok
12:33:16.0590 7652 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
12:33:16.0591 7652 TVALZ - ok
12:33:16.0620 7652 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys
12:33:16.0622 7652 uagp35 - ok
12:33:16.0666 7652 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
12:33:16.0670 7652 udfs - ok
12:33:16.0705 7652 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
12:33:16.0707 7652 UI0Detect - ok
12:33:16.0739 7652 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
12:33:16.0741 7652 uliagpkx - ok
12:33:16.0765 7652 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
12:33:16.0767 7652 umbus - ok
12:33:16.0786 7652 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys
12:33:16.0787 7652 UmPass - ok
12:33:16.0959 7652 UNS (2c16648a12999ae69a9ebf41974b0ba2) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
12:33:17.0046 7652 UNS - ok
12:33:17.0185 7652 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
12:33:17.0191 7652 upnphost - ok
12:33:17.0276 7652 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\windows\system32\drivers\usbaudio.sys
12:33:17.0281 7652 usbaudio - ok
12:33:17.0329 7652 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
12:33:17.0332 7652 usbccgp - ok
12:33:17.0377 7652 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
12:33:17.0383 7652 usbcir - ok
12:33:17.0430 7652 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
12:33:17.0432 7652 usbehci - ok
12:33:17.0463 7652 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
12:33:17.0469 7652 usbhub - ok
12:33:17.0485 7652 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
12:33:17.0487 7652 usbohci - ok
12:33:17.0521 7652 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
12:33:17.0522 7652 usbprint - ok
12:33:17.0569 7652 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
12:33:17.0573 7652 usbscan - ok
12:33:17.0618 7652 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
12:33:17.0620 7652 USBSTOR - ok
12:33:17.0638 7652 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
12:33:17.0640 7652 usbuhci - ok
12:33:17.0690 7652 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys
12:33:17.0694 7652 usbvideo - ok
12:33:17.0724 7652 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
12:33:17.0727 7652 UxSms - ok
12:33:17.0749 7652 VaultSvc (0793f40b9b8a1bdd266296409dbd91ea) C:\windows\system32\lsass.exe
12:33:17.0751 7652 VaultSvc - ok
12:33:17.0790 7652 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
12:33:17.0791 7652 vdrvroot - ok
12:33:17.0824 7652 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
12:33:17.0833 7652 vds - ok
12:33:17.0849 7652 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
12:33:17.0851 7652 vga - ok
12:33:17.0870 7652 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
12:33:17.0871 7652 VgaSave - ok
12:33:17.0895 7652 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
12:33:17.0899 7652 vhdmp - ok
12:33:17.0932 7652 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
12:33:17.0934 7652 viaide - ok
12:33:17.0952 7652 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
12:33:17.0954 7652 volmgr - ok
12:33:17.0987 7652 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
12:33:17.0992 7652 volmgrx - ok
12:33:18.0040 7652 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
12:33:18.0044 7652 volsnap - ok
12:33:18.0083 7652 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys
12:33:18.0086 7652 vsmraid - ok
12:33:18.0219 7652 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
12:33:18.0247 7652 VSS - ok
12:33:18.0562 7652 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
12:33:18.0563 7652 vwifibus - ok
12:33:18.0678 7652 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
12:33:18.0711 7652 vwififlt - ok
12:33:18.0767 7652 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
12:33:18.0775 7652 W32Time - ok
12:33:18.0826 7652 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys
12:33:18.0834 7652 WacomPen - ok
12:33:18.0897 7652 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
12:33:18.0899 7652 WANARP - ok
12:33:18.0905 7652 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
12:33:18.0906 7652 Wanarpv6 - ok
12:33:18.0977 7652 wanatw (eceb715bece47e101ddec06b11126066) C:\windows\system32\DRIVERS\wanatw64.sys
12:33:18.0978 7652 wanatw - ok
12:33:19.0177 7652 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
12:33:19.0193 7652 WatAdminSvc - ok
12:33:19.0393 7652 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
12:33:19.0425 7652 wbengine - ok
12:33:19.0678 7652 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
12:33:19.0683 7652 WbioSrvc - ok
12:33:19.0807 7652 WcesComm (8bda6db43aa54e8bb5e0794541ddc209) C:\windows\WindowsMobile\wcescomm.dll
12:33:19.0813 7652 WcesComm - ok
12:33:19.0859 7652 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
12:33:19.0867 7652 wcncsvc - ok
12:33:19.0899 7652 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
12:33:19.0908 7652 WcsPlugInService - ok
12:33:20.0025 7652 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys
12:33:20.0028 7652 Wd - ok
12:33:20.0165 7652 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
12:33:20.0198 7652 Wdf01000 - ok
12:33:20.0235 7652 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
12:33:20.0238 7652 WdiServiceHost - ok
12:33:20.0243 7652 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
12:33:20.0246 7652 WdiSystemHost - ok
12:33:20.0285 7652 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
12:33:20.0290 7652 WebClient - ok
12:33:20.0334 7652 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
12:33:20.0340 7652 Wecsvc - ok
12:33:20.0401 7652 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
12:33:20.0412 7652 wercplsupport - ok
12:33:20.0437 7652 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
12:33:20.0441 7652 WerSvc - ok
12:33:20.0564 7652 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
12:33:20.0566 7652 WfpLwf - ok
12:33:20.0587 7652 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
12:33:20.0588 7652 WIMMount - ok
12:33:20.0643 7652 WinDefend - ok
12:33:20.0656 7652 WinHttpAutoProxySvc - ok
12:33:20.0726 7652 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
12:33:20.0730 7652 Winmgmt - ok
12:33:20.0915 7652 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
12:33:20.0958 7652 WinRM - ok
12:33:21.0203 7652 WinUSB (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUSB.sys
12:33:21.0204 7652 WinUSB - ok
12:33:21.0287 7652 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
12:33:21.0305 7652 Wlansvc - ok
12:33:21.0387 7652 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:33:21.0389 7652 wlcrasvc - ok
12:33:21.0651 7652 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:33:21.0694 7652 wlidsvc - ok
12:33:21.0836 7652 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
12:33:21.0838 7652 WmiAcpi - ok
12:33:21.0905 7652 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
12:33:21.0908 7652 wmiApSrv - ok
12:33:21.0946 7652 WMPNetworkSvc - ok
12:33:21.0988 7652 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
12:33:21.0992 7652 WPCSvc - ok
12:33:22.0011 7652 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
12:33:22.0015 7652 WPDBusEnum - ok
12:33:22.0042 7652 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
12:33:22.0043 7652 ws2ifsl - ok
12:33:22.0076 7652 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\system32\wscsvc.dll
12:33:22.0079 7652 wscsvc - ok
12:33:22.0083 7652 WSearch - ok
12:33:22.0190 7652 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\windows\system32\wuaueng.dll
12:33:22.0224 7652 wuauserv - ok
12:33:22.0344 7652 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
12:33:22.0346 7652 WudfPf - ok
12:33:22.0395 7652 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
12:33:22.0398 7652 WUDFRd - ok
12:33:22.0435 7652 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
12:33:22.0438 7652 wudfsvc - ok
12:33:22.0455 7652 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
12:33:22.0461 7652 WwanSvc - ok
12:33:22.0502 7652 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
12:33:23.0655 7652 \Device\Harddisk0\DR0 - ok
12:33:23.0696 7652 Boot (0x1200) (f8c0a607ff515982ae58ec1e11aca0a9) \Device\Harddisk0\DR0\Partition0
12:33:23.0699 7652 \Device\Harddisk0\DR0\Partition0 - ok
12:33:23.0700 7652 ============================================================
12:33:23.0700 7652 Scan finished
12:33:23.0700 7652 ============================================================
12:33:23.0720 4588 Detected object count: 0
12:33:23.0720 4588 Actual detected object count: 0

ASWMBR LOG
----------

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-30 12:39:45
-----------------------------
12:39:45.993 OS Version: Windows x64 6.1.7601 Service Pack 1
12:39:45.993 Number of processors: 2 586 0x2A07
12:39:45.996 ComputerName: C-TOSH UserName: C
12:39:47.580 Initialize success
12:48:43.271 AVAST engine defs: 12073000
12:51:32.957 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
12:51:32.964 Disk 0 Vendor: TOSHIBA_ GB00 Size: 305245MB BusType: 3
12:51:32.994 Disk 0 MBR read successfully
12:51:33.002 Disk 0 MBR scan
12:51:33.013 Disk 0 Windows VISTA default MBR code
12:51:33.036 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
12:51:33.066 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 289651 MB offset 3074048
12:51:33.096 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 14093 MB offset 596279296
12:51:33.161 Disk 0 scanning C:\windows\system32\drivers
12:51:45.290 Service scanning
12:52:43.305 Modules scanning
12:52:43.325 Disk 0 trace - called modules:
12:52:43.414 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
12:52:43.780 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80046a1060]
12:52:43.794 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa800414ae40]
12:52:43.807 5 ACPI.sys[fffff88000f227a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800414e050]
12:52:45.156 AVAST engine scan C:\windows
12:52:48.045 AVAST engine scan C:\windows\system32
12:56:54.492 AVAST engine scan C:\windows\system32\drivers
12:57:15.925 AVAST engine scan C:\Users\C
13:02:55.902 File: C:\Users\C\AppData\Local\{29f1beab-cf7f-da75-43eb-285dfa995abe}\U\00000001.@ **INFECTED** Win32:Malware-gen
13:02:55.962 File: C:\Users\C\AppData\Local\{29f1beab-cf7f-da75-43eb-285dfa995abe}\U\80000000.@ **INFECTED** Win32:Malware-gen
13:37:31.731 AVAST engine scan C:\ProgramData
13:43:59.958 Scan finished successfully
13:47:39.829 Disk 0 MBR has been saved successfully to "C:\Users\C\Documents\MBR.dat"
13:47:39.834 The log file has been saved successfully to "C:\Users\C\Documents\aswMBR.txt"

ESET LOG
--------

C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spnotifier.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sp_move_serial.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sp_ubm.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\C\AppData\Roaming\capne.dll.vir a variant of Win32/Medfos.AY trojan cleaned by deleting - quarantined
C:\Users\C\AppData\Local\{29f1beab-cf7f-da75-43eb-285dfa995abe}\U\80000000.@ Win64/Sirefef.AL trojan cleaned by deleting - quarantined
C:\Users\C\AppData\Local\{CDE6CFD7-D18E-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined
C:\Users\C\Downloads\Temp\malware\cll.php PHP/Zapchast.NAQ trojan cleaned by deleting - quarantined
C:\Users\C\Downloads\Temp\malware\d693c2a978e5c3e490b6da9ec678b515.php PHP/Rst.R trojan cleaned by deleting - quarantined
C:\Users\C\Downloads\Temp\malware\fxxz.php.bak PHP/WebShell.NAH trojan cleaned by deleting - quarantined

#4 narenxp

Posted 30 July 2012 - 07:38 PM

Run Malwarebytes as instructed in my previous post. Run a full scan.

Download

systemlook

Launch it, then copy this script and paste it in the box:

:filefind
services.exe
:folderfind
{29f1beab-cf7f-da75-43eb-285dfa995abe}

Click on LOOK, then post the generated log.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.



Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 cdittemore

Posted 30 July 2012 - 11:28 PM

Look Log
--------
SystemLook 30.07.11 by jpshortstuff
Log created at 23:28 on 30/07/2012 by C
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{29f1beab-cf7f-da75-43eb-285dfa995abe}"
C:\Users\C\AppData\Local\{29f1beab-cf7f-da75-43eb-285dfa995abe} d--hs-- [03:23 21/11/2010]

-= EOF =-

Malware Bytes Log
-----------------

Malware Bytes Found Nothing

Mini Toolbox Log
----------------

MiniToolBox by Farbar Version: 23-07-2012
Ran by C (administrator) on 30-07-2012 at 23:27:08
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
PdaNet Broadband Adapter = Local Area Connection 2 (Media disconnected)
TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : C-Tosh
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9
Physical Address. . . . . . . . . : 00-FF-36-E9-29-04
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : PdaNet Broadband Adapter
Physical Address. . . . . . . . . : 00-26-37-BD-39-42
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : E0-69-95-C5-3F-61
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : 4C-ED-DE-87-B3-8A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::30d7:f6d5:50bb:710c%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.64(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, July 30, 2012 11:21:31 PM
Lease Expires . . . . . . . . . . : Tuesday, July 31, 2012 11:21:32 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 239922654
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-72-8B-66-4C-ED-DE-87-B3-8A
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{36E92904-9AC0-4C73-B86A-DC23B5A51F70}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::381e:5d6:3f57:febf%13(Preferred)
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 402653184
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-72-8B-66-4C-ED-DE-87-B3-8A
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{52D81AE8-7C72-4AC5-A132-5D128B2AAB8D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{ECBC7858-E984-4248-B2D0-854BBF6F8A01}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging google.com [74.125.225.136] with 32 bytes of data:
Reply from 74.125.225.136: bytes=32 time=35ms TTL=53
Reply from 74.125.225.136: bytes=32 time=34ms TTL=53

Ping statistics for 74.125.225.136:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 34ms, Maximum = 35ms, Average = 34ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=68ms TTL=42
Reply from 98.139.183.24: bytes=32 time=86ms TTL=42

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 68ms, Maximum = 86ms, Average = 77ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.254

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
17...00 ff 36 e9 29 04 ......TAP-Win32 Adapter V9
16...00 26 37 bd 39 42 ......PdaNet Broadband Adapter
12...e0 69 95 c5 3f 61 ......Realtek PCIe FE Family Controller
11...4c ed de 87 b3 8a ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.64 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.64 281
192.168.1.64 255.255.255.255 On-link 192.168.1.64 281
192.168.1.255 255.255.255.255 On-link 192.168.1.64 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.64 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.64 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
13 306 fe80::/64 On-link
11 281 fe80::30d7:f6d5:50bb:710c/128
On-link
13 306 fe80::381e:5d6:3f57:febf/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/30/2012 11:23:52 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (07/30/2012 11:21:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2012 07:24:56 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (07/30/2012 07:23:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2012 01:49:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/30/2012 01:49:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/30/2012 01:49:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/30/2012 01:49:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/28/2012 10:31:11 PM) (Source: Application Error) (User: )
Description: Faulting application name: Safari.exe, version: 5.34.57.2, time stamp: 0x4f982b5e
Faulting module name: Safari.dll, version: 7534.57.2.4, time stamp: 0x4f982b22
Exception code: 0xc0000005
Fault offset: 0x00093503
Faulting process id: 0x2764
Faulting application start time: 0xSafari.exe0
Faulting application path: Safari.exe1
Faulting module path: Safari.exe2
Report Id: Safari.exe3

Error: (07/28/2012 04:54:15 PM) (Source: Application Error) (User: )
Description: Faulting application name: WebKit2WebProcess.exe, version: 7534.57.2.4, time stamp: 0x4f97642d
Faulting module name: np-mswmp.dll_unloaded, version: 0.0.0.0, time stamp: 0x461c294a
Exception code: 0xc0000005
Fault offset: 0x0cccd559
Faulting process id: 0x868
Faulting application start time: 0xWebKit2WebProcess.exe0
Faulting application path: WebKit2WebProcess.exe1
Faulting module path: WebKit2WebProcess.exe2
Report Id: WebKit2WebProcess.exe3


System errors:
=============
Error: (07/30/2012 11:21:37 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (07/30/2012 11:21:30 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (07/30/2012 07:23:32 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (07/30/2012 07:23:17 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (07/28/2012 00:03:17 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EFS service.

Error: (07/27/2012 00:20:29 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer7 service.

Error: (07/26/2012 07:46:10 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (07/26/2012 11:56:55 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (07/26/2012 00:58:42 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer7 service.

Error: (07/24/2012 04:30:39 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE


Microsoft Office Sessions:
=========================
Error: (07/30/2012 11:23:52 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (07/30/2012 11:21:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2012 07:24:56 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (07/30/2012 07:23:27 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2012 01:49:10 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\C\Downloads\esetsmartinstaller_enu.exe

Error: (07/30/2012 01:49:07 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\C\Downloads\esetsmartinstaller_enu.exe

Error: (07/30/2012 01:49:07 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\C\Downloads\esetsmartinstaller_enu.exe

Error: (07/30/2012 01:49:05 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\C\Downloads\esetsmartinstaller_enu.exe

Error: (07/28/2012 10:31:11 PM) (Source: Application Error)(User: )
Description: Safari.exe5.34.57.24f982b5eSafari.dll7534.57.2.44f982b22c000000500093503276401cd6c38a93c39ecC:\Program Files (x86)\Safari\Safari.exeC:\Program Files (x86)\Safari\Safari.dll7572d129-d925-11e1-8092-00038a000015

Error: (07/28/2012 04:54:15 PM) (Source: Application Error)(User: )
Description: WebKit2WebProcess.exe7534.57.2.44f97642dnp-mswmp.dll_unloaded0.0.0.0461c294ac00000050cccd55986801cd6c38aa0d96bdC:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exenp-mswmp.dll63b22374-d8f6-11e1-8092-00038a000015


=========================== Installed Programs ============================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Reader X (10.1.3) MUI (Version: 10.1.3)
Amazon Kindle
Amazon Links (Version: 2.02)
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
AuthorityHub (Version: 1.06)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
Azon Keyword Generator (Version: 1.0.1.4)
Brother MFL-Pro Suite MFC-230C (Version: 1.0.2.0)
CameraHelperMsi (Version: 13.30.1395.0)
Camtasia Studio 6 (Version: 6.0.3)
CCleaner (Version: 3.20)
CloudBerry Explorer for Amazon S3 3.2.4 (Version: 3.2.4)
Core FTP LE
CutePDF Writer 2.8
D3DX10 (Version: 15.4.2368.0902)
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diigo Toolbar for Internet Explorer
Domain Name Analyzer v6.011412
Dropbox (Version: 1.4.7)
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
Evernote Exporter 0.4.1
Evernote v. 4.5.5 (Version: 4.5.5.6827)
FastStone Capture 7.0 (Version: 7.0)
FB Cash Accelerator 3.0 (Version: 3.0)
FB Lead Finder 3.0 (Version: 3.0)
FileLab Plugin 1.1.32 (Version: 1.1.32)
FreeMind (Version: 0.9.0)
Google Chrome (Version: 20.0.1132.57)
Google Gmail Notifier
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
GoToMeeting 5.2.0.952 (Version: 5.2.0.952)
HandBrake 0.9.5 (Version: 0.9.5)
HD Writer AE 3.0 (Version: 3.00.019.1033)
HideIPVPN 1.0.0.2 (Version: 1.0.0.2)
Hitman Pro 3.5 (Version: 3.5.9.131)
HP Update (Version: 5.003.001.001)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2353)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
iTunes (Version: 10.5.1.42)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Jing (Version: 2.6.12032.1)
join.me (Version: 1.2.1.374)
Junk Mail filter update (Version: 15.4.3502.0922)
Keyword Blaze (Version: 1.0.3)
Keyword Country
Keyword Pad v1.0.112706 (Version: 1.0)
Label@Once 1.0 (Version: 1.0)
LastPass (uninstall only)
Little Red Snapper v1.0
Localizer Leads Tool (Version: 3.4)
Logitech Webcam Software (Version: 2.30)
LogMeIn (Version: 4.1.1868)
LWS Facebook (Version: 13.30.1346.0)
LWS Gallery (Version: 13.30.1379.0)
LWS Help_main (Version: 13.30.1396.0)
LWS Launcher (Version: 13.30.1379.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.30.1395.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.30.1379.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.30.1346.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
ManyCam 2.6.60 (remove only) (Version: 2.6.60)
Market Samurai (Version: 0.91.0)
McAfee Security Scan Plus (Version: 2.0.181.2)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.4763.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Single Image 2010 (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mobile Renegade 1.60 (Version: 1.60)
Mobilizer (Version: 0.9.5)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
NOOK ebook to PDF Converter (Version: )
NOOK for PC (Version: 2.5.5.8763)
Notepad++ (Version: 5.9.3)
Paint.NET v3.5.10 (Version: 3.60.0)
Pamela Pro 4.8 (Version: 4.8)
PdaNet for Android 3.02
PDF Settings CS6 (Version: 11.0)
Places Scout (Version: 2.2.8)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Raydal Autoresponder Series Maker 2.1.0.112
Realtek Ethernet Controller Driver (Version: 7.38.113.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6289)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30126)
Realtek WLAN Driver (Version: 2.00.0013)
RTC Client API v1.2 (Version: 1.2.0000)
Safari (Version: 5.34.57.2)
Sansa Updater (Version: 1.313)
Screenshot Captor 2.103.01
Skype Click to Call (Version: 6.1.10441)
Skype Launcher (Version: 2.01)
Skype Toolbar for Microsoft Office (Version: "1.1.0.10")
Skype™ 5.10 (Version: 5.10.115)
SmartDraw 2012
SniperBot plugIns ( a.k.a Kalbot ) 1.8 (Version: 1.8)
SniperBot Pro 1.0 (Version: 1.0)
Software Informer 1.1
SumatraPDF (Version: 2.1.1)
SUPERAntiSpyware (Version: 5.5.1012)
Synaptics Pointing Device Driver (Version: 15.2.11.1)
TC Web Conferencing (Version: 7.89)
TeamViewer 7 (Version: 7.0.12313)
Time Doctor 1.3.31
TinyWall (Version: 2.0.1.0)
Toshiba App Place (Version: 1.0.6.3)
TOSHIBA Application Installer (Version: 9.0.1.1)
TOSHIBA Assist (Version: 4.02.02)
Toshiba Book Place (Version: 2.2.6775)
TOSHIBA Bulletin Board (Version: 1.6.08.64)
TOSHIBA Disc Creator (Version: 2.1.0.6 for x64)
TOSHIBA Face Recognition (Version: 3.1.8.64)
TOSHIBA Hardware Setup (Version: 2.00.0010)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.7)
Toshiba Laptop Checkup (Version: 2.0.10.26)
TOSHIBA Media Controller (Version: 1.0.86.2)
TOSHIBA Media Controller Plug-in (Version: 1.0.6.1)
Toshiba Online Backup (Version: 2.0.0.25)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.3.5109)
TOSHIBA ReelTime (Version: 1.7.17.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.1.0)
TOSHIBA Service Station (Version: 2.1.52)
TOSHIBA Supervisor Password (Version: 2.00.0006)
TOSHIBA Value Added Package (Version: 1.5.4.64)
TOSHIBA Web Camera Application (Version: 2.0.0.13)
TOSHIBA Wireless LAN Indicator (Version: 1.0.2)
ToshibaRegistration (Version: 1.0.4)
Uniblue SpeedUpMyPC (Version: 5.3.0.14)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2523113)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft OneNote 2010 (KB2493983)
Update for Microsoft Outlook Social Connector (KB2583935)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 2.0.1 (Version: 2.0.1)
Web Weaver Platinum (Version: 2.0.2)
Web Weaver Platinum (Version: 2.0.2.6)
Winamp (Version: 5.622 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Mobile Device Center (Version: 6.1.6965.0)
XMind (Version: 3.2.1)
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 60%
Total physical RAM: 4007.98 MB
Available physical RAM: 1577.16 MB
Total Pagefile: 8014.16 MB
Available Pagefile: 5119.04 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.18 MB

========================= Partitions: =====================================

1 Drive c: (TI106130W0F) (Fixed) (Total:282.86 GB) (Free:136.19 GB) NTFS

========================= Users: ========================================

User accounts for \\C-TOSH

Administrator C Guest


**** End of log ****


FSS LOG
-------

Farbar Service Scanner Version: 26-07-2012
Ran by C (administrator) on 30-07-2012 at 23:26:15
Running from "C:\Users\C\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


Adware Cleaner
--------------

# AdwCleaner v1.703 - Logfile created 07/30/2012 at 23:19:13
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : C - C-TOSH
# Running from : C:\Users\C\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Program Files (x86)\Viewpoint

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Viewpoint
[x64] Key Deleted : HKLM\SOFTWARE\Software

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

-\\ Google Chrome v20.0.1132.57

*************************

AdwCleaner[S1].txt - [260 octets] - [30/07/2012 23:18:49]
AdwCleaner[S2].txt - [1731 octets] - [30/07/2012 23:19:13]

########## EOF - C:\AdwCleaner[S2].txt - [1859 octets] ##########

#6 narenxp

Posted 31 July 2012 - 06:46 AM

Open your C drive

On top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Users\C\AppData\Local\{29f1beab-cf7f-da75-43eb-285dfa995abe}

Delete the folder

Download

BITS

Launch it, click YES

Restart the PC, post the new FSS log

#7 cdittemore

Posted 31 July 2012 - 11:03 AM

I checked the App Data folder, but it's not showing the file at all?

So, I redid the look to see if it was there and it is, but it's not showing up in Windows Explorer?

And I have all files being shown?

Here's a screenshot:
http://screencast.com/t/vSy9vPErrndV

#8 narenxp

Posted 31 July 2012 - 01:03 PM

Open your C drive

On top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK


Please redo this again and check

#9 cdittemore

Posted 02 August 2012 - 01:41 AM

Farbar Service Scanner Version: 26-07-2012
Ran by C (administrator) on 02-08-2012 at 02:28:42
Running from "C:\Users\C\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#10 narenxp

Posted 02 August 2012 - 09:19 AM

Download

SystemLook

Launch it and copy this script and paste in the BOX

:folderfind
{29f1beab-cf7f-da75-43eb-285dfa995abe}

Click on LOOK, post the generated log

#11 cdittemore

Posted 02 August 2012 - 12:48 PM

SystemLook 30.07.11 by jpshortstuff
Log created at 13:45 on 02/08/2012 by C
Administrator - Elevation successful

========== folderfind ==========

Searching for "{29f1beab-cf7f-da75-43eb-285dfa995abe}"
No folders found.

-= EOF =-

#12 narenxp

Posted 02 August 2012 - 01:10 PM

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)



