
trojan dropper bcminer


9 replies to this topic

#1 dontlikeviruses


Posted 05 August 2012 - 01:10 AM

Hi there

I got infected with the trojan dropper bcminer virus.
I ran a ton of scans (Malwarebytes Anti-Malware, AVG, Ad-Aware, Kaspersky Virus Removal Tool).

None of the scans are showing it anymore. I did run ComboFix unsupervised, and I think on about step 43 or something it said a system file was corrupted.
I haven't run ComboFix again. Kaspersky and Malwarebytes Anti-Malware seem to have removed it, but I can't be sure.

What should I do now? I read that this virus can keep coming back and is a threat to security/passwords etc., so I'm a little worried.

I don't have the Windows recovery disks with me (Windows Vista), and if it is never a sure thing that it will be gone, I might buy a new laptop to be safe (this one is a little old).



#2 narenxp


Posted 05 August 2012 - 03:25 AM

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is complete, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 dontlikeviruses


Posted 05 August 2012 - 04:55 PM

Hi

Here are the results; ESET found three threats.

TDSS killer

10:40:23.0393 6092 Netman - ok
10:40:23.0471 6092 netprofm (7846d0136cc2b264926a73047ba7688a) C:\Windows\System32\netprofm.dll
10:40:23.0471 6092 netprofm - ok
10:40:23.0799 6092 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:40:23.0814 6092 NetTcpPortSharing - ok
10:40:24.0282 6092 NETw4v64 (dae4178cf30cf07df3c53837ee5e96a7) C:\Windows\system32\DRIVERS\NETw4v64.sys
10:40:24.0407 6092 NETw4v64 - ok
10:40:25.0499 6092 NETw5v64 (2bdcb7b7917380794c9d87ac2153ce33) C:\Windows\system32\DRIVERS\NETw5v64.sys
10:40:25.0655 6092 NETw5v64 - ok
10:40:26.0201 6092 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
10:40:26.0263 6092 nfrd960 - ok
10:40:26.0326 6092 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
10:40:26.0373 6092 NlaSvc - ok
10:40:26.0622 6092 NmspHost (63bef46939f1ba9744affe5bb3591652) C:\Program Files (x86)\Common Files\Rockwell\NmspHost.exe
10:40:26.0622 6092 NmspHost - ok
10:40:26.0809 6092 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
10:40:26.0809 6092 Npfs - ok
10:40:27.0028 6092 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
10:40:27.0043 6092 nsi - ok
10:40:27.0059 6092 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
10:40:27.0075 6092 nsiproxy - ok
10:40:27.0340 6092 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
10:40:27.0481 6092 Ntfs - ok
10:40:27.0856 6092 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
10:40:27.0856 6092 Null - ok
10:40:27.0934 6092 NVENETFD (9733f305fa84aaf84e7fb09c0b345adb) C:\Windows\system32\DRIVERS\nvm60x64.sys
10:40:28.0012 6092 NVENETFD - ok
10:40:28.0136 6092 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
10:40:28.0152 6092 nvraid - ok
10:40:28.0199 6092 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
10:40:28.0324 6092 nvstor - ok
10:40:28.0339 6092 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
10:40:28.0370 6092 nv_agp - ok
10:40:28.0370 6092 NwlnkFlt - ok
10:40:28.0386 6092 NwlnkFwd - ok
10:40:28.0433 6092 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
10:40:28.0464 6092 ohci1394 - ok
10:40:28.0620 6092 OpcEnum (a12b32fb9e4c88998997e61db4a07670) C:\Windows\SysWOW64\OpcEnum.exe
10:40:28.0667 6092 OpcEnum - ok
10:40:28.0823 6092 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
10:40:28.0885 6092 p2pimsvc - ok
10:40:28.0916 6092 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
10:40:28.0932 6092 p2psvc - ok
10:40:29.0135 6092 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
10:40:29.0150 6092 Parport - ok
10:40:29.0166 6092 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
10:40:29.0166 6092 partmgr - ok
10:40:29.0260 6092 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
10:40:29.0260 6092 PcaSvc - ok
10:40:29.0525 6092 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
10:40:29.0525 6092 pccsmcfd - ok
10:40:29.0790 6092 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
10:40:29.0806 6092 pci - ok
10:40:29.0821 6092 pcidnt - ok
10:40:30.0055 6092 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys
10:40:30.0071 6092 pciide - ok
10:40:30.0118 6092 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
10:40:30.0227 6092 pcmcia - ok
10:40:30.0336 6092 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
10:40:30.0476 6092 PEAUTH - ok
10:40:30.0586 6092 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
10:40:30.0586 6092 PerfHost - ok
10:40:30.0773 6092 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
10:40:30.0820 6092 pla - ok
10:40:30.0866 6092 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
10:40:30.0944 6092 PlugPlay - ok
10:40:31.0194 6092 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
10:40:31.0210 6092 PNRPAutoReg - ok
10:40:31.0225 6092 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
10:40:31.0241 6092 PNRPsvc - ok
10:40:31.0568 6092 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
10:40:31.0740 6092 PolicyAgent - ok
10:40:31.0802 6092 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
10:40:31.0880 6092 PptpMiniport - ok
10:40:31.0927 6092 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
10:40:31.0927 6092 Processor - ok
10:40:32.0068 6092 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
10:40:32.0083 6092 ProfSvc - ok
10:40:32.0255 6092 ProtectedStorage (40348dcec0712ed42231c5f90a69a690) C:\Windows\system32\lsass.exe
10:40:32.0255 6092 ProtectedStorage - ok
10:40:32.0302 6092 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
10:40:32.0317 6092 PSched - ok
10:40:32.0676 6092 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
10:40:32.0738 6092 ql2300 - ok
10:40:32.0816 6092 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
10:40:32.0863 6092 ql40xx - ok
10:40:32.0988 6092 QPCapSvc (ba396d1c71934e22679d3f4dac17e7ab) C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
10:40:32.0988 6092 QPCapSvc - ok
10:40:33.0144 6092 QPSched (4b455e8c41cad3219ccf53024dcad604) C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
10:40:33.0144 6092 QPSched - ok
10:40:33.0331 6092 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
10:40:33.0456 6092 QWAVE - ok
10:40:33.0487 6092 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
10:40:33.0487 6092 QWAVEdrv - ok
10:40:33.0690 6092 RapiMgr (a55e7d0d873b2c97585b3b5926ac6ade) C:\Windows\WindowsMobile\rapimgr.dll
10:40:33.0690 6092 RapiMgr - ok
10:40:33.0737 6092 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
10:40:33.0737 6092 RasAcd - ok
10:40:33.0784 6092 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
10:40:33.0784 6092 RasAuto - ok
10:40:33.0830 6092 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:40:33.0940 6092 Rasl2tp - ok
10:40:34.0064 6092 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
10:40:34.0111 6092 RasMan - ok
10:40:34.0298 6092 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
10:40:34.0314 6092 RasPppoe - ok
10:40:34.0579 6092 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
10:40:34.0595 6092 RasSstp - ok
10:40:34.0829 6092 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
10:40:34.0844 6092 rdbss - ok
10:40:35.0063 6092 RdcyHost (83b5017f5bd1e2be91654329244ef45f) C:\Program Files (x86)\Common Files\Rockwell\RdcyHost.exe
10:40:35.0063 6092 RdcyHost - ok
10:40:35.0203 6092 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:40:35.0219 6092 RDPCDD - ok
10:40:35.0328 6092 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
10:40:35.0359 6092 rdpdr - ok
10:40:35.0375 6092 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
10:40:35.0390 6092 RDPENCDD - ok
10:40:35.0468 6092 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
10:40:35.0515 6092 RDPWD - ok
10:40:35.0640 6092 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
10:40:35.0640 6092 RemoteAccess - ok
10:40:35.0718 6092 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
10:40:35.0749 6092 RemoteRegistry - ok
10:40:35.0952 6092 RFCOMM (cd71e053d7260e4102d99a28f9196070) C:\Windows\system32\DRIVERS\rfcomm.sys
10:40:36.0046 6092 RFCOMM - ok
10:40:36.0389 6092 RichVideo (17e0bef5ca5c9ce52cc8082ac6ebc449) C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
10:40:36.0389 6092 RichVideo - ok
10:40:36.0482 6092 rimmptsk (ea67debad5eeb97a5003011145b6fd19) C:\Windows\system32\DRIVERS\rimmpx64.sys
10:40:36.0482 6092 rimmptsk - ok
10:40:36.0702 6092 rimsptsk (bb9edc55b0b8cb4fcd713428820e0776) C:\Windows\system32\DRIVERS\rimspx64.sys
10:40:36.0702 6092 rimsptsk - ok
10:40:36.0936 6092 rismxdp (481c3fdeacaae04b74c58288dbc91df9) C:\Windows\system32\DRIVERS\rixdpx64.sys
10:40:36.0951 6092 rismxdp - ok
10:40:37.0201 6092 RNADiagnosticsService (dd313735da6029e3364d0a54091874dc) C:\Program Files (x86)\Common Files\Rockwell\RNADiagnosticsSrv.exe
10:40:37.0201 6092 RNADiagnosticsService - ok
10:40:37.0607 6092 RNADiagReceiver (18f60539e2b05a25f389765ba212ec48) C:\Program Files (x86)\Common Files\Rockwell\RNADiagReceiver.exe
10:40:37.0794 6092 RNADiagReceiver - ok
10:40:37.0950 6092 RNADirectory (03fe2ef97255cafe915e53a7e4b7e689) C:\Program Files (x86)\Common Files\Rockwell\RnaDirServer.exe
10:40:37.0950 6092 RNADirectory - ok
10:40:38.0106 6092 RNADirMultiplexor (8489bf294d33416415749656a6261ed3) C:\Program Files (x86)\Common Files\Rockwell\RNADirMultiplexor.exe
10:40:38.0106 6092 RNADirMultiplexor - ok
10:40:38.0636 6092 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
10:40:38.0667 6092 RpcLocator - ok
10:40:38.0792 6092 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
10:40:38.0808 6092 RpcSs - ok
10:40:39.0151 6092 RSLinx - ok
10:40:39.0338 6092 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
10:40:39.0354 6092 rspndr - ok
10:40:39.0369 6092 RSSERIAL - ok
10:40:39.0572 6092 RsvcHost (8edd7060ff6599d3ef949aeb698145a4) C:\Program Files (x86)\Common Files\Rockwell\RsvcHost.exe
10:40:39.0572 6092 RsvcHost - ok
10:40:39.0745 6092 SamSs (40348dcec0712ed42231c5f90a69a690) C:\Windows\system32\lsass.exe
10:40:39.0745 6092 SamSs - ok
10:40:39.0979 6092 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
10:40:39.0979 6092 sbp2port - ok
10:40:40.0010 6092 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
10:40:40.0041 6092 SCardSvr - ok
10:40:40.0244 6092 Schedule (717c12df4b7c93fec97d146ac1342b25) C:\Windows\system32\schedsvc.dll
10:40:40.0525 6092 Schedule - ok
10:40:40.0618 6092 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
10:40:40.0618 6092 SCPolicySvc - ok
10:40:40.0821 6092 sdbus (be100bc2be2513314c717bb2c4cfff10) C:\Windows\system32\DRIVERS\sdbus.sys
10:40:40.0837 6092 sdbus - ok
10:40:41.0102 6092 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
10:40:41.0118 6092 SDRSVC - ok
10:40:41.0289 6092 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:40:41.0398 6092 secdrv - ok
10:40:41.0461 6092 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
10:40:41.0461 6092 seclogon - ok
10:40:41.0508 6092 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
10:40:41.0554 6092 SENS - ok
10:40:41.0601 6092 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
10:40:41.0601 6092 Serenum - ok
10:40:41.0695 6092 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
10:40:41.0773 6092 Serial - ok
10:40:41.0804 6092 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
10:40:41.0804 6092 sermouse - ok
10:40:42.0069 6092 ServiceLayer (58d5bfdf3adf49fe9cabd78cc61d92f6) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
10:40:42.0132 6092 ServiceLayer - ok
10:40:42.0210 6092 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
10:40:42.0225 6092 SessionEnv - ok
10:40:42.0381 6092 sffdisk (3a19c899bcf0ea24cfec2038e6a489db) C:\Windows\system32\DRIVERS\sffdisk.sys
10:40:42.0490 6092 sffdisk - ok
10:40:42.0662 6092 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
10:40:42.0662 6092 sffp_mmc - ok
10:40:42.0709 6092 sffp_sd (fdca63a2eee528585eb66ceac183ec22) C:\Windows\system32\DRIVERS\sffp_sd.sys
10:40:42.0709 6092 sffp_sd - ok
10:40:42.0740 6092 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
10:40:42.0740 6092 sfloppy - ok
10:40:42.0818 6092 ShellHWDetection (2ad15758174dcc7993ff3c00a955dd66) C:\Windows\System32\shsvcs.dll
10:40:42.0896 6092 ShellHWDetection - ok
10:40:42.0958 6092 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
10:40:42.0958 6092 SiSRaid2 - ok
10:40:43.0005 6092 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
10:40:43.0021 6092 SiSRaid4 - ok
10:40:43.0255 6092 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files (x86)\Skype\Updater\Updater.exe
10:40:43.0411 6092 SkypeUpdate - ok
10:40:44.0238 6092 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
10:40:44.0284 6092 slsvc - ok
10:40:44.0628 6092 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
10:40:44.0643 6092 SLUINotify - ok
10:40:45.0018 6092 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
10:40:45.0033 6092 Smb - ok
10:40:45.0080 6092 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
10:40:45.0080 6092 SNMPTRAP - ok
10:40:45.0142 6092 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
10:40:45.0142 6092 spldr - ok
10:40:45.0392 6092 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
10:40:45.0408 6092 Spooler - ok
10:40:45.0626 6092 srv (8cd33a47ca02c79038b669f31f95bdac) C:\Windows\system32\DRIVERS\srv.sys
10:40:45.0704 6092 srv - ok
10:40:45.0751 6092 srv2 (1bedf533096c56e70f87e3e3ee02caf5) C:\Windows\system32\DRIVERS\srv2.sys
10:40:45.0891 6092 srv2 - ok
10:40:45.0985 6092 srvnet (2b8c340f830c465f514d966f7e6a822f) C:\Windows\system32\DRIVERS\srvnet.sys
10:40:46.0000 6092 srvnet - ok
10:40:46.0017 6092 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
10:40:46.0048 6092 SSDPSRV - ok
10:40:46.0111 6092 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
10:40:46.0126 6092 SstpSvc - ok
10:40:46.0235 6092 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
10:40:46.0376 6092 stisvc - ok
10:40:46.0547 6092 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
10:40:46.0563 6092 swenum - ok
10:40:46.0625 6092 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
10:40:46.0657 6092 swprv - ok
10:40:46.0672 6092 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
10:40:46.0766 6092 Symc8xx - ok
10:40:46.0781 6092 SymIM - ok
10:40:46.0797 6092 SymIMMP - ok
10:40:46.0891 6092 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
10:40:46.0906 6092 Sym_hi - ok
10:40:46.0937 6092 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
10:40:46.0953 6092 Sym_u3 - ok
10:40:47.0015 6092 SynUSB64 (bcb6aa197267d3506be2535342fc40e0) C:\Windows\system32\DRIVERS\SynUSB64.sys
10:40:47.0063 6092 SynUSB64 - ok
10:40:47.0406 6092 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
10:40:47.0453 6092 SysMain - ok
10:40:47.0640 6092 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
10:40:47.0656 6092 TabletInputService - ok
10:40:47.0984 6092 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
10:40:48.0046 6092 TapiSrv - ok
10:40:48.0062 6092 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
10:40:48.0077 6092 TBS - ok
10:40:48.0467 6092 Tcpip (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\drivers\tcpip.sys
10:40:48.0545 6092 Tcpip - ok
10:40:49.0325 6092 Tcpip6 (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\DRIVERS\tcpip.sys
10:40:49.0341 6092 Tcpip6 - ok
10:40:49.0809 6092 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
10:40:49.0871 6092 tcpipreg - ok
10:40:50.0074 6092 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
10:40:50.0105 6092 TDPIPE - ok
10:40:50.0270 6092 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
10:40:50.0317 6092 TDTCP - ok
10:40:50.0395 6092 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
10:40:50.0395 6092 tdx - ok
10:40:50.0457 6092 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
10:40:50.0504 6092 TermDD - ok
10:40:50.0566 6092 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
10:40:50.0598 6092 TermService - ok
10:40:50.0644 6092 Themes (2ad15758174dcc7993ff3c00a955dd66) C:\Windows\system32\shsvcs.dll
10:40:50.0676 6092 Themes - ok
10:40:50.0769 6092 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
10:40:50.0769 6092 THREADORDER - ok
10:40:50.0988 6092 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
10:40:51.0003 6092 TrkWks - ok
10:40:51.0112 6092 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
10:40:51.0112 6092 TrustedInstaller - ok
10:40:51.0144 6092 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:40:51.0159 6092 tssecsrv - ok
10:40:51.0190 6092 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
10:40:51.0206 6092 tunmp - ok
10:40:51.0346 6092 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
10:40:51.0378 6092 tunnel - ok
10:40:51.0580 6092 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
10:40:51.0596 6092 uagp35 - ok
10:40:51.0643 6092 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
10:40:51.0674 6092 udfs - ok
10:40:51.0721 6092 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
10:40:51.0721 6092 UI0Detect - ok
10:40:51.0768 6092 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
10:40:51.0846 6092 uliagpkx - ok
10:40:51.0892 6092 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
10:40:51.0908 6092 uliahci - ok
10:40:51.0955 6092 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
10:40:51.0970 6092 UlSata - ok
10:40:51.0986 6092 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
10:40:52.0002 6092 ulsata2 - ok
10:40:52.0033 6092 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
10:40:52.0064 6092 umbus - ok
10:40:52.0111 6092 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
10:40:52.0126 6092 upnphost - ok
10:40:52.0532 6092 upperdev - ok
10:40:52.0579 6092 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
10:40:52.0641 6092 USBAAPL64 - ok
10:40:52.0750 6092 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
10:40:52.0797 6092 usbaudio - ok
10:40:52.0938 6092 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
10:40:52.0969 6092 usbccgp - ok
10:40:53.0016 6092 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
10:40:53.0016 6092 usbcir - ok
10:40:53.0125 6092 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
10:40:53.0140 6092 usbehci - ok
10:40:53.0203 6092 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
10:40:53.0328 6092 usbhub - ok
10:40:53.0484 6092 usbohci (540b622da0949695c40cdc9d5d497a8b) C:\Windows\system32\DRIVERS\usbohci.sys
10:40:53.0484 6092 usbohci - ok
10:40:53.0515 6092 usbprint (acfee697af477021bb3ec78c5431fed2) C:\Windows\system32\drivers\usbprint.sys
10:40:53.0562 6092 usbprint - ok
10:40:53.0624 6092 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:40:53.0640 6092 USBSTOR - ok
10:40:53.0686 6092 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
10:40:53.0780 6092 usbuhci - ok
10:40:53.0920 6092 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
10:40:53.0952 6092 usbvideo - ok
10:40:54.0154 6092 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
10:40:54.0170 6092 UxSms - ok
10:40:54.0326 6092 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
10:40:54.0513 6092 vds - ok
10:40:54.0607 6092 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
10:40:54.0622 6092 vga - ok
10:40:54.0654 6092 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
10:40:54.0700 6092 VgaSave - ok
10:40:54.0732 6092 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
10:40:54.0747 6092 viaide - ok
10:40:54.0747 6092 VirtualBackplane - ok
10:40:54.0856 6092 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
10:40:54.0872 6092 volmgr - ok
10:40:55.0075 6092 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
10:40:55.0215 6092 volmgrx - ok
10:40:55.0309 6092 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
10:40:55.0356 6092 volsnap - ok
10:40:55.0527 6092 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
10:40:55.0558 6092 vsmraid - ok
10:40:55.0886 6092 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
10:40:55.0917 6092 VSS - ok
10:40:56.0448 6092 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
10:40:56.0557 6092 W32Time - ok
10:40:56.0697 6092 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
10:40:56.0760 6092 WacomPen - ok
10:40:56.0931 6092 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
10:40:57.0040 6092 Wanarp - ok
10:40:57.0040 6092 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
10:40:57.0040 6092 Wanarpv6 - ok
10:40:57.0196 6092 WcesComm (8bda6db43aa54e8bb5e0794541ddc209) C:\Windows\WindowsMobile\wcescomm.dll
10:40:57.0243 6092 WcesComm - ok
10:40:57.0446 6092 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
10:40:57.0555 6092 wcncsvc - ok
10:40:57.0602 6092 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
10:40:57.0602 6092 WcsPlugInService - ok
10:40:57.0633 6092 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
10:40:57.0633 6092 Wd - ok
10:40:57.0758 6092 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
10:40:57.0805 6092 Wdf01000 - ok
10:40:57.0836 6092 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
10:40:57.0836 6092 WdiServiceHost - ok
10:40:57.0852 6092 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
10:40:57.0852 6092 WdiSystemHost - ok
10:40:57.0945 6092 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
10:40:58.0101 6092 WebClient - ok
10:40:58.0210 6092 Wecsvc (bd9a749f36710ffa02e0e530f7451936) C:\Windows\system32\wecsvc.dll
10:40:58.0273 6092 Wecsvc - ok
10:40:58.0288 6092 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
10:40:58.0304 6092 wercplsupport - ok
10:40:58.0491 6092 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
10:40:58.0522 6092 WerSvc - ok
10:40:59.0022 6092 winachsf (590812dd01a4fe83c6e92fdb701e59a6) C:\Windows\system32\DRIVERS\CAX_CNXT.sys
10:40:59.0068 6092 winachsf - ok
10:40:59.0178 6092 WinDefend - ok
10:40:59.0209 6092 WinHttpAutoProxySvc - ok
10:40:59.0380 6092 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
10:40:59.0396 6092 Winmgmt - ok
10:40:59.0677 6092 WinRM (42717db2be3a075d0f0cd5c927c27a43) C:\Windows\system32\WsmSvc.dll
10:40:59.0724 6092 WinRM - ok
10:40:59.0942 6092 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
10:40:59.0989 6092 Wlansvc - ok
10:41:03.0344 6092 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:41:03.0359 6092 wlidsvc - ok
10:41:03.0484 6092 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
10:41:03.0484 6092 WmiAcpi - ok
10:41:03.0547 6092 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
10:41:03.0625 6092 wmiApSrv - ok
10:41:03.0703 6092 WMPNetworkSvc - ok
10:41:03.0734 6092 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
10:41:03.0796 6092 WPCSvc - ok
10:41:04.0155 6092 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
10:41:04.0155 6092 WPDBusEnum - ok
10:41:04.0451 6092 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
10:41:04.0498 6092 WpdUsb - ok
10:41:05.0824 6092 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:41:06.0089 6092 WPFFontCache_v0400 - ok
10:41:06.0136 6092 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
10:41:06.0136 6092 ws2ifsl - ok
10:41:06.0167 6092 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\system32\wscsvc.dll
10:41:06.0199 6092 wscsvc - ok
10:41:06.0199 6092 WSearch - ok
10:41:08.0057 6092 wuauserv (fb3796754fe00f0bdc87a36f164a5f4d) C:\Windows\system32\wuaueng.dll
10:41:08.0744 6092 wuauserv - ok
10:41:09.0510 6092 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:41:09.0572 6092 WUDFRd - ok
10:41:09.0884 6092 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
10:41:09.0915 6092 wudfsvc - ok
10:41:10.0040 6092 XAudio (f22e443518bc599d12888daf292a56d8) C:\Windows\system32\DRIVERS\xaudio64.sys
10:41:10.0040 6092 XAudio - ok
10:41:11.0070 6092 XAudioService (963c27034bba4ac52a13f7a3c657c708) C:\Windows\system32\DRIVERS\xaudio64.exe
10:41:11.0085 6092 XAudioService - ok
10:41:11.0148 6092 yukonx64 (2ae06b41b36549fabf0886b2af89a599) C:\Windows\system32\DRIVERS\yk60x64.sys
10:41:11.0273 6092 yukonx64 - ok
10:41:11.0366 6092 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
10:41:11.0678 6092 \Device\Harddisk0\DR0 - ok
10:41:11.0709 6092 Boot (0x1200) (a10c3fac81ffda14c6741b60687f9eca) \Device\Harddisk0\DR0\Partition0
10:41:11.0725 6092 \Device\Harddisk0\DR0\Partition0 - ok
10:41:11.0756 6092 Boot (0x1200) (2511bfabb241a227394ab57eb587834a) \Device\Harddisk0\DR0\Partition1
10:41:11.0787 6092 \Device\Harddisk0\DR0\Partition1 - ok
10:41:11.0787 6092 ============================================================
10:41:11.0787 6092 Scan finished
10:41:11.0787 6092 ============================================================
10:41:11.0803 3520 Detected object count: 0
10:41:11.0803 3520 Actual detected object count: 0







aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-05 10:47:00
-----------------------------
10:47:00.879 OS Version: Windows x64 6.0.6002 Service Pack 2
10:47:00.879 Number of processors: 2 586 0xF0D
10:47:00.879 ComputerName: JUSTIN-PC UserName: Justin
10:47:02.985 Initialize success
10:51:43.121 AVAST engine defs: 12080500
10:52:09.688 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
10:52:09.688 Disk 0 Vendor: ST925082 3.AH Size: 238475MB BusType: 3
10:52:09.704 Disk 1 \Device\Harddisk1\SR0 -> \Device\SdBus-0
10:52:09.720 Disk 1 Vendor: ( Size: 3886MB BusType: 12
10:52:09.751 Disk 0 MBR read successfully
10:52:09.751 Disk 0 MBR scan
10:52:09.766 Disk 0 unknown MBR code
10:52:09.766 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 225231 MB offset 63
10:52:09.798 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 13241 MB offset 461274345
10:52:09.860 Disk 0 scanning C:\Windows\system32\drivers
10:52:31.232 Service scanning
10:53:02.278 Modules scanning
10:53:02.294 Disk 0 trace - called modules:
10:53:02.325 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys iaStor.sys hal.dll
10:53:02.325 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006792790]
10:53:02.340 3 CLASSPNP.SYS[fffffa6001dcfc33] -> nt!IofCallDriver -> [0xfffffa8004c226a0]
10:53:02.356 5 acpi.sys[fffffa60008fdfde] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8004c07050]
10:53:04.368 AVAST engine scan C:\Windows
10:53:10.842 AVAST engine scan C:\Windows\system32
10:59:14.891 AVAST engine scan C:\Windows\system32\drivers
11:00:10.133 AVAST engine scan C:\Users\Justin
11:37:48.668 AVAST engine scan C:\ProgramData
11:47:10.867 Scan finished successfully
11:48:13.688 Disk 0 MBR has been saved successfully to "C:\Users\Justin\Desktop\laptop virus\MBR.dat"
11:48:13.703 The log file has been saved successfully to "C:\Users\Justin\Desktop\laptop virus\aswMBR.txt"





ESET

C:\Users\Justin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\58ad53fc-667676dd Java/Exploit.CVE-2012-0507.CM trojan cleaned by deleting - quarantined
C:\Users\Justin\AppData\Roaming\783BF61177E1205B2AF9C86846AB784C\enemies-names.txt Win32/Adware.AntimalwareDoctor.AE.Gen application cleaned by deleting - quarantined
C:\Users\Justin\AppData\Roaming\783BF61177E1205B2AF9C86846AB784C\local.ini Win32/Adware.AntimalwareDoctor.AE.Gen application cleaned by deleting - quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 05 August 2012 - 05:02 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 dontlikeviruses

dontlikeviruses
  • Topic Starter

  • Members
  • 5 posts

Posted 05 August 2012 - 11:07 PM

Thanks

The first and second Malwarebytes scans found nothing. When I ran the other programs I wasn't hooked up to the internet, FYI.

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.05.07

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.18975
Justin :: JUSTIN-PC [administrator]

05/08/2012 3:13:44 PM
mbam-log-2012-08-05 (15-13-44).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 459589
Time elapsed: 1 hour(s), 38 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


second scan on reboot

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.05.07

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.18975
Justin :: JUSTIN-PC [administrator]

05/08/2012 5:35:43 PM
mbam-log-2012-08-05 (17-35-43).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 459511
Time elapsed: 2 hour(s), 3 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)





mini toolbox

MiniToolBox by Farbar Version: 23-07-2012
Ran by Justin (administrator) on 05-08-2012 at 19:51:52
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Intel® Wireless WiFi Link 4965AGN = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Justin-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : vc.shawcable.net
Description . . . . . . . . . . . : Intel® Wireless WiFi Link 4965AGN
Physical Address. . . . . . . . . : 00-1F-3B-B9-A5-AB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 00-1E-37-E9-77-94
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : vc.shawcable.net
Description . . . . . . . . . . . : Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-1D-72-5E-29-8B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 18:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{95387B54-7ED4-461D-9192-D1A2AFF9CCF4}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 23:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.vc.shawcable.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 25:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{95387B54-7ED4-461D-9192-D1A2AFF9CCF4}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
13 ...00 1f 3b b9 a5 ab ...... Intel® Wireless WiFi Link 4965AGN
12 ...00 1e 37 e9 77 94 ...... Bluetooth Device (Personal Area Network)
10 ...00 1d 72 5e 29 8b ...... Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
1 ........................... Software Loopback Interface 1
15 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
14 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
16 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
24 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
21 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
26 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
17 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #3
18 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #4
19 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #5
22 ...00 00 00 00 00 00 00 e0 isatap.{95387B54-7ED4-461D-9192-D1A2AFF9CCF4}
27 ...00 00 00 00 00 00 00 e0 isatap.vc.shawcable.net
28 ...00 00 00 00 00 00 00 e0 isatap.{95387B54-7ED4-461D-9192-D1A2AFF9CCF4}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [44032] (Microsoft Corporation)
x64-Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 07 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/05/2012 05:27:24 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/05/2012 02:51:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (08/05/2012 11:48:24 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (08/05/2012 10:39:04 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (08/05/2012 10:20:42 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2012 09:32:20 AM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.

Error: (08/03/2012 09:31:36 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/24/2012 07:05:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/24/2012 07:00:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2012 05:48:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/05/2012 05:50:40 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: 0x800f0825fr-FR

Error: (08/05/2012 05:47:41 PM) (Source: yukonx64) (User: )
Description: Driver status 1

Error: (08/05/2012 05:47:41 PM) (Source: yukonx64) (User: )
Description: Driver status 1

Error: (08/05/2012 05:47:41 PM) (Source: yukonx64) (User: )
Description: Driver status 1

Error: (08/05/2012 05:34:10 PM) (Source: Service Control Manager) (User: )
Description: Windows Update

Error: (08/05/2012 05:28:33 PM) (Source: Service Control Manager) (User: )
Description: VirtualBackplane

Error: (08/05/2012 05:28:33 PM) (Source: Service Control Manager) (User: )
Description: QuickPlay Task Scheduler (QTS)QuickPlay Background Capture Service (QBCS)%%1070

Error: (08/05/2012 05:28:32 PM) (Source: Service Control Manager) (User: )
Description: QuickPlay Background Capture Service (QBCS)

Error: (08/05/2012 05:27:25 PM) (Source: Service Control Manager) (User: )
Description: Computer Browser%%1060

Error: (08/05/2012 05:26:29 PM) (Source: Microsoft-Windows-TaskScheduler) (User: NT AUTHORITY)
Description: 2147942402


Microsoft Office Sessions:
=========================
Error: (08/05/2012 05:27:24 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/05/2012 02:51:36 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestI:\laptop virus\esetsmartinstaller_enu.exe

Error: (08/05/2012 11:48:24 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Justin\Desktop\laptop virus\esetsmartinstaller_enu.exe

Error: (08/05/2012 10:39:04 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Justin\Desktop\laptop virus\esetsmartinstaller_enu.exe

Error: (08/05/2012 10:20:42 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2012 09:32:20 AM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.

Error: (08/03/2012 09:31:36 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/24/2012 07:05:28 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/24/2012 07:00:03 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2012 05:48:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Apple Mobile Device Support (Version: 5.1.1.4)
µTorrent (Version: 1.8.2)
AVG 2011 (Version: 10.0.1424)
AVG 2011 (Version: 10.0.2437)
Bonjour (Version: 3.0.0.10)
CDDRV_Installer (Version: 4.60)
Conexant HD Audio (Version: 4.36.7.60)
EZDrummer64 (Version: 1.3.1)
HDAUDIO Soft Data Fax Modem with SmartCP
HP Help and Support (Version: 1.5.0)
HP Integrated Module with Bluetooth wireless technology 6.0.1.5500 (Version: 6.0.1.5500)
HP Photosmart Essential 2.5 (Version: 2.5)
HP QuickTouch 1.00 C3 (Version: 1.0.5)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.6.1.7)
KhalInstallWrapper (Version: 2.00.0000)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
MSVC80_x64 (Version: 1.0.1.0)
Paint.NET v3.5.2 (Version: 3.52.0)
SPBBC 64bit (Version: 107.0.0.134)
Touch Pad Driver
WeatherBug Gadget (Version: 1.0.0.6)
Windows Driver Package - Fractal Audio Systems (axefx2load) USB (05/15/2011 1.0.0.9) (Version: 05/15/2011 1.0.0.9)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)

========================= Memory info: ===================================

Percentage of memory in use: 59%
Total physical RAM: 4085.43 MB
Available physical RAM: 1672.16 MB
Total Pagefile: 8362.1 MB
Available Pagefile: 6057.71 MB
Total Virtual: 4095.88 MB
Available Virtual: 3996.14 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:219.95 GB) (Free:36.7 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:12.93 GB) (Free:2.7 GB) NTFS
4 Drive f: () (Removable) (Total:3.79 GB) (Free:0.1 GB) FAT32
5 Drive i: (KINGSTON) (Removable) (Total:7.45 GB) (Free:0.61 GB) FAT32

========================= Users: ========================================

User accounts for \\JUSTIN-PC

Administrator Guest Justin


**** End of log ****




FSS

Farbar Service Scanner Version: 04-08-2012 01
Ran by Justin (administrator) on 05-08-2012 at 19:53:38
Running from "C:\Users\Justin\Desktop\laptop virus"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Google IP is accessible.
Attempt to access Google.com returned error: Other errors
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Unable to retrieve ServiceDll of sharedaccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll
[2009-09-16 18:05] - [2009-04-11 00:11] - 0268288 ____A (Microsoft Corporation) 3ED0321127CE70ACDAABBF77E157C2A7

C:\Windows\System32\drivers\afd.sys
[2009-09-16 18:06] - [2009-04-10 22:44] - 0406016 ____A (Microsoft Corporation) 12415CCFD3E7CEC55B5184E67B039FE4

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2010-08-12 13:20] - [2010-06-16 10:11] - 1426816 ____A (Microsoft Corporation) 973658A2EA9C06B2976884B9046DFC6C

C:\Windows\System32\dnsrslvr.dll
[2009-09-16 18:04] - [2009-04-11 00:11] - 0117760 ____A (Microsoft Corporation) 21D16B37257370975C7457C3A5EFA530

C:\Windows\System32\mpssvc.dll
[2009-09-16 18:06] - [2009-04-11 00:11] - 0603136 ____A (Microsoft Corporation) 897E3BAF68BA406A61682AE39C83900C

C:\Windows\System32\bfe.dll
[2009-09-16 18:04] - [2009-04-11 00:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe
[2009-09-16 18:06] - [2009-04-11 00:11] - 1433600 ____A (Microsoft Corporation) B75232DAD33BFD95BF6F0A3E6BFF51E1

C:\Windows\System32\wscsvc.dll
[2009-09-16 18:04] - [2009-04-11 00:11] - 0074752 ____A (Microsoft Corporation) 9EA3E6D0EF7A5C2B9181961052A4B01A

C:\Windows\System32\wbem\WMIsvc.dll
[2009-09-16 18:05] - [2009-04-11 00:11] - 0221696 ____A (Microsoft Corporation) D2E7296ED1BD26D8DB2799770C077A02

C:\Windows\System32\wuaueng.dll
[2009-10-05 17:27] - [2009-08-06 19:24] - 2424024 ____A (Microsoft Corporation) FB3796754FE00F0BDC87A36F164A5F4D

C:\Windows\System32\qmgr.dll
[2009-09-16 18:06] - [2009-04-11 00:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C

C:\Windows\System32\es.dll
[2009-09-16 18:06] - [2009-04-11 00:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF

C:\Windows\System32\cryptsvc.dll
[2009-09-16 18:05] - [2009-04-11 00:11] - 0166912 ____A (Microsoft Corporation) 18918613E63F387CDE4D95CA7D49DCF7

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-09-16 18:06] - [2009-04-11 00:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF



**** End of log ****



adwcleaner

# AdwCleaner v1.800 - Logfile created 08/05/2012 at 20:51:46
# Updated 01/08/2012 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : Justin - JUSTIN-PC
# Running from : C:\Users\Justin\Desktop\laptop virus\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Viewpoint
Deleted on reboot : C:\Program Files (x86)\Viewpoint

***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18975

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Justin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "name" : "facemoods",
Deleted : "search_url" : "hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4",
Deleted : "homepage" : "hxxp://start.facemoods.com/?a=ddrnw",
Deleted : "path" : "C:\\Program Files (x86)\\Viewpoint\\Viewpoint Experience Technology\\npViewpoint.dll",

*************************

AdwCleaner[S1].txt - [5038 octets] - [05/08/2012 19:54:28]
AdwCleaner[S2].txt - [1144 octets] - [05/08/2012 20:51:46]

########## EOF - C:\AdwCleaner[S2].txt - [1272 octets] ##########

#6 narenxp


Posted 06 August 2012 - 07:21 AM

Download

mpssvc
Sharedaccess

Launch them, click YES when you get the UAC prompt

Restart the PC

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start repairs tab - click on Start

Check mark the following options alone

Reset registry permissions
Reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark the Restart System When Finished option
Click the Start button

System should restart after repair

Post the FSS log

#7 dontlikeviruses


Posted 06 August 2012 - 07:46 PM

Hi,
this is the FSS log.
Thanks again.


Farbar Service Scanner Version: 04-08-2012 01
Ran by Justin (administrator) on 06-08-2012 at 17:33:54
Running from "C:\Users\Justin\Desktop\laptop virus"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error: Google IP is offline
Attempt to access Google.com returned error: Google.com is offline
Attempt to access Yahoo IP returned error: Yahoo IP is offline
Attempt to access Yahoo.com returned error: Yahoo.com is offline


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Auto
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll
[2009-09-16 18:05] - [2009-04-11 00:11] - 0268288 ____A (Microsoft Corporation) 3ED0321127CE70ACDAABBF77E157C2A7

C:\Windows\System32\drivers\afd.sys
[2009-09-16 18:06] - [2009-04-10 22:44] - 0406016 ____A (Microsoft Corporation) 12415CCFD3E7CEC55B5184E67B039FE4

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2010-08-12 13:20] - [2010-06-16 10:11] - 1426816 ____A (Microsoft Corporation) 973658A2EA9C06B2976884B9046DFC6C

C:\Windows\System32\dnsrslvr.dll
[2009-09-16 18:04] - [2009-04-11 00:11] - 0117760 ____A (Microsoft Corporation) 21D16B37257370975C7457C3A5EFA530

C:\Windows\System32\mpssvc.dll
[2009-09-16 18:06] - [2009-04-11 00:11] - 0603136 ____A (Microsoft Corporation) 897E3BAF68BA406A61682AE39C83900C

C:\Windows\System32\bfe.dll
[2009-09-16 18:04] - [2009-04-11 00:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe
[2009-09-16 18:06] - [2009-04-11 00:11] - 1433600 ____A (Microsoft Corporation) B75232DAD33BFD95BF6F0A3E6BFF51E1

C:\Windows\System32\wscsvc.dll
[2009-09-16 18:04] - [2009-04-11 00:11] - 0074752 ____A (Microsoft Corporation) 9EA3E6D0EF7A5C2B9181961052A4B01A

C:\Windows\System32\wbem\WMIsvc.dll
[2009-09-16 18:05] - [2009-04-11 00:11] - 0221696 ____A (Microsoft Corporation) D2E7296ED1BD26D8DB2799770C077A02

C:\Windows\System32\wuaueng.dll
[2009-10-05 17:27] - [2009-08-06 19:24] - 2424024 ____A (Microsoft Corporation) FB3796754FE00F0BDC87A36F164A5F4D

C:\Windows\System32\qmgr.dll
[2009-09-16 18:06] - [2009-04-11 00:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C

C:\Windows\System32\es.dll
[2009-09-16 18:06] - [2009-04-11 00:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF

C:\Windows\System32\cryptsvc.dll
[2009-09-16 18:05] - [2009-04-11 00:11] - 0166912 ____A (Microsoft Corporation) 18918613E63F387CDE4D95CA7D49DCF7

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-09-16 18:06] - [2009-04-11 00:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF



**** End of log ****

#8 narenxp


Posted 06 August 2012 - 11:53 PM

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows-vista/Turn-System-Restore-on-or-off

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 dontlikeviruses


Posted 07 August 2012 - 10:03 PM

Thank you very much for your help!

#10 narenxp


Posted 07 August 2012 - 10:10 PM

You're most welcome :)
