Random sound clips


20 replies to this topic

#1 al2005

al2005

  • Members
  • 13 posts

Posted 06 August 2012 - 10:59 AM

Hello, I have had random sound clips (Angry Birds and others, haha) for the past 2 weeks, and it seems to be a virus or something similar.
Can anyone help me solve this?
Thanks



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 06 August 2012 - 11:00 AM

Download TDSSKiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 al2005

al2005
  • Topic Starter

  • Members
  • 13 posts

Posted 06 August 2012 - 11:08 AM

17:41:11.0514 7004 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
17:41:11.0825 7004 ============================================================
17:41:11.0825 7004 Current date / time: 2012/08/06 17:41:11.0825
17:41:11.0825 7004 SystemInfo:
17:41:11.0825 7004
17:41:11.0825 7004 OS Version: 5.2.3790 ServicePack: 1.0
17:41:11.0825 7004 Product type: Workstation
17:41:11.0825 7004 ComputerName: ALBERTO-PC
17:41:11.0825 7004 UserName: Alberto
17:41:11.0825 7004 Windows directory: C:\Windows
17:41:11.0825 7004 System windows directory: C:\Windows
17:41:11.0825 7004 Running under WOW64
17:41:11.0825 7004 Processor architecture: Intel x64
17:41:11.0825 7004 Number of processors: 4
17:41:11.0825 7004 Page size: 0x1000
17:41:11.0826 7004 Boot type: Normal boot
17:41:11.0826 7004 ============================================================
17:41:23.0631 7004 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:41:23.0656 7004 Drive \Device\Harddisk1\DR1 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:41:23.0679 7004 Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:41:33.0496 7004 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:41:33.0538 7004 ============================================================
17:41:33.0538 7004 \Device\Harddisk0\DR0:
17:41:33.0543 7004 MBR partitions:
17:41:33.0543 7004 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57544800
17:41:33.0543 7004 \Device\Harddisk1\DR1:
17:41:33.0558 7004 MBR partitions:
17:41:33.0558 7004 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x249F0000
17:41:33.0558 7004 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x249F0800, BlocksNum 0x32000
17:41:33.0558 7004 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x24A22800, BlocksNum 0x266A3800
17:41:33.0558 7004 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x4B0C6408, BlocksNum 0x639C03FF
17:41:33.0558 7004 \Device\Harddisk3\DR3:
17:41:33.0558 7004 MBR partitions:
17:41:33.0558 7004 \Device\Harddisk3\DR3\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x18FFD800
17:41:33.0558 7004 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x18FFE000, BlocksNum 0xCFE09800
17:41:33.0558 7004 \Device\Harddisk2\DR2:
17:41:33.0559 7004 MBR partitions:
17:41:33.0559 7004 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3B3DE000
17:41:33.0559 7004 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3B3DE800, BlocksNum 0x39327800
17:41:33.0559 7004 ============================================================
17:41:33.0685 7004 C: <-> \Device\Harddisk1\DR1\Partition2
17:41:33.0782 7004 D: <-> \Device\Harddisk0\DR0\Partition0
17:41:33.0793 7004 F: <-> \Device\Harddisk2\DR2\Partition0
17:41:33.0885 7004 G: <-> \Device\Harddisk1\DR1\Partition0
17:41:33.0993 7004 H: <-> \Device\Harddisk1\DR1\Partition3
17:41:34.0009 7004 I: <-> \Device\Harddisk2\DR2\Partition1
17:41:34.0010 7004 J: <-> \Device\Harddisk3\DR3\Partition0
17:41:34.0411 7004 X: <-> \Device\Harddisk3\DR3\Partition1
17:41:34.0411 7004 ============================================================
17:41:34.0411 7004 Initialize success
17:41:34.0411 7004 ============================================================
17:41:41.0127 3256 ============================================================
17:41:41.0127 3256 Scan started
17:41:41.0127 3256 Mode: Manual; SigCheck; TDLFS;
17:41:41.0127 3256 ============================================================
17:41:44.0318 3256 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:41:44.0483 3256 1394ohci - ok
17:41:44.0631 3256 20200412 (ccde590a195cb3a02fb0bfd787ce7ac5) C:\Windows\system32\drivers\47163540.sys
17:41:44.0846 3256 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
17:41:44.0874 3256 ACDaemon - ok
17:41:45.0098 3256 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:41:45.0124 3256 ACPI - ok
17:41:45.0182 3256 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:41:45.0300 3256 AcpiPmi - ok
17:41:45.0460 3256 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:41:45.0478 3256 AdobeARMservice - ok
17:41:46.0204 3256 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:41:46.0225 3256 AdobeFlashPlayerUpdateSvc - ok
17:41:46.0779 3256 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
17:41:46.0808 3256 adp94xx - ok
17:41:47.0417 3256 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
17:41:47.0444 3256 adpahci - ok
17:41:47.0632 3256 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
17:41:47.0658 3256 adpu320 - ok
17:41:47.0824 3256 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
17:41:48.0413 3256 AeLookupSvc - ok
17:41:48.0718 3256 AF15BDA (0517e1670a58213e3f206066cd209273) C:\Windows\system32\DRIVERS\AF15BDA.sys
17:41:48.0762 3256 AF15BDA - ok
17:41:49.0161 3256 Afc (6ccd1135320109d6b219f1a6e04ad9f6) C:\Windows\syswow64\drivers\Afc.sys
17:41:49.0188 3256 Afc - ok
17:41:49.0427 3256 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
17:41:49.0483 3256 AFD - ok
17:41:49.0551 3256 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:41:49.0576 3256 agp440 - ok
17:41:49.0657 3256 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
17:41:49.0703 3256 ALG - ok
17:41:49.0744 3256 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:41:49.0768 3256 aliide - ok
17:41:49.0790 3256 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:41:49.0815 3256 amdide - ok
17:41:49.0899 3256 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
17:41:49.0956 3256 AmdK8 - ok
17:41:50.0003 3256 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:41:50.0041 3256 AmdPPM - ok
17:41:50.0126 3256 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
17:41:50.0151 3256 amdsata - ok
17:41:50.0314 3256 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
17:41:50.0342 3256 amdsbs - ok
17:41:50.0465 3256 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
17:41:50.0490 3256 amdxata - ok
17:41:50.0568 3256 androidusb (4de0d5d747a73797c95a97dcce5018b5) C:\Windows\system32\Drivers\ssadadb.sys
17:41:50.0615 3256 androidusb - ok
17:41:50.0874 3256 AppHostSvc (59d01fa91962c9c1e9b4022b2d3b46db) C:\Windows\system32\inetsrv\apphostsvc.dll
17:41:50.0971 3256 AppHostSvc - ok
17:41:51.0118 3256 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:41:51.0710 3256 AppID - ok
17:41:51.0774 3256 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
17:41:51.0845 3256 AppIDSvc - ok
17:41:51.0960 3256 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
17:41:52.0028 3256 Appinfo - ok
17:41:52.0097 3256 appliand (0eeff7103e4f3e783f3d2b870af67f1c) C:\Windows\system32\DRIVERS\appliand.sys
17:41:52.0119 3256 appliand - ok
17:41:52.0138 3256 appliandMP (0eeff7103e4f3e783f3d2b870af67f1c) C:\Windows\system32\DRIVERS\appliand.sys
17:41:52.0159 3256 appliandMP - ok
17:41:52.0342 3256 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
17:41:52.0389 3256 AppMgmt - ok
17:41:52.0502 3256 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
17:41:52.0528 3256 arc - ok
17:41:52.0624 3256 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
17:41:52.0650 3256 arcsas - ok
17:41:52.0962 3256 ArcSec (a7409b5c0e35ddee64f16f3054e5530b) C:\Windows\system32\drivers\ArcSec.sys
17:41:52.0986 3256 ArcSec - ok
17:41:53.0233 3256 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:41:53.0254 3256 aspnet_state - ok
17:41:53.0333 3256 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:41:53.0419 3256 AsyncMac - ok
17:41:53.0511 3256 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:41:53.0534 3256 atapi - ok
17:41:53.0978 3256 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:41:54.0061 3256 AudioEndpointBuilder - ok
17:41:54.0072 3256 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
17:41:54.0131 3256 AudioSrv - ok
17:41:54.0242 3256 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
17:41:54.0343 3256 AxInstSV - ok
17:41:54.0689 3256 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
17:41:54.0743 3256 b06bdrv - ok
17:41:54.0968 3256 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:41:55.0030 3256 b57nd60a - ok
17:41:55.0165 3256 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
17:41:55.0209 3256 BDESVC - ok
17:41:55.0282 3256 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:41:55.0357 3256 Beep - ok
17:41:55.0423 3256 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:41:55.0449 3256 blbdrive - ok
17:41:55.0557 3256 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:41:55.0608 3256 bowser - ok
17:41:55.0658 3256 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:41:55.0722 3256 BrFiltLo - ok
17:41:55.0759 3256 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:41:55.0836 3256 BrFiltUp - ok
17:41:55.0966 3256 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
17:41:56.0032 3256 Browser - ok
17:41:56.0521 3256 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:41:56.0584 3256 Brserid - ok
17:41:56.0656 3256 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:41:56.0698 3256 BrSerWdm - ok
17:41:56.0732 3256 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:41:56.0774 3256 BrUsbMdm - ok
17:41:56.0817 3256 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:41:56.0856 3256 BrUsbSer - ok
17:41:56.0952 3256 BthAvrcp (832b121e4532919cc49f2438f1dcaa21) C:\Windows\system32\DRIVERS\BthAvrcp.sys
17:41:56.0994 3256 BthAvrcp - ok
17:41:57.0126 3256 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
17:41:57.0179 3256 BthEnum - ok
17:41:57.0318 3256 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:41:57.0371 3256 BTHMODEM - ok
17:41:57.0533 3256 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
17:41:57.0599 3256 BthPan - ok
17:41:58.0133 3256 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
17:41:58.0179 3256 BTHPORT - ok
17:41:58.0295 3256 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:41:58.0371 3256 bthserv - ok
17:41:58.0505 3256 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
17:41:58.0566 3256 BTHUSB - ok
17:41:58.0922 3256 cbfs3 (dc019d8622c213a7fa8d87b8e57446ca) C:\Windows\system32\drivers\cbfs3.sys
17:41:58.0954 3256 cbfs3 - ok
17:41:59.0076 3256 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:41:59.0141 3256 cdfs - ok
17:41:59.0339 3256 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:41:59.0424 3256 cdrom - ok
17:41:59.0539 3256 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:41:59.0612 3256 CertPropSvc - ok
17:41:59.0700 3256 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:41:59.0773 3256 circlass - ok
17:42:00.0177 3256 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:42:00.0208 3256 CLFS - ok
17:42:00.0543 3256 CLHNServiceForPowerDVD12 (4c6406cf07d4ebb70c5774d55c6688fb) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
17:42:00.0566 3256 CLHNServiceForPowerDVD12 - ok
17:42:00.0746 3256 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:42:00.0770 3256 clr_optimization_v2.0.50727_32 - ok
17:42:00.0932 3256 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:42:00.0956 3256 clr_optimization_v2.0.50727_64 - ok
17:42:01.0360 3256 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:42:01.0384 3256 clr_optimization_v4.0.30319_32 - ok
17:42:01.0760 3256 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:42:01.0787 3256 clr_optimization_v4.0.30319_64 - ok
17:42:02.0521 3256 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:42:02.0564 3256 CmBatt - ok
17:42:02.0626 3256 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:42:02.0656 3256 cmdide - ok
17:42:02.0987 3256 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
17:42:03.0078 3256 CNG - ok
17:42:03.0141 3256 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:42:03.0170 3256 Compbatt - ok
17:42:03.0258 3256 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:42:03.0310 3256 CompositeBus - ok
17:42:03.0330 3256 COMSysApp - ok
17:42:03.0375 3256 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:42:03.0401 3256 crcdisk - ok
17:42:03.0656 3256 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
17:42:03.0716 3256 CryptSvc - ok
17:42:04.0235 3256 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
17:42:04.0307 3256 CSC - ok
17:42:04.0974 3256 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
17:42:05.0033 3256 CscService - ok
17:42:05.0335 3256 CyberLink PowerDVD 12 Media Server Monitor Service (ea22bca708b37b82adebc822a171b92e) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
17:42:05.0357 3256 CyberLink PowerDVD 12 Media Server Monitor Service - ok
17:42:05.0710 3256 CyberLink PowerDVD 12 Media Server Service (3168d2f171a64590e7a11355cae60a1e) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
17:42:05.0737 3256 CyberLink PowerDVD 12 Media Server Service - ok
17:42:06.0326 3256 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:42:06.0406 3256 DcomLaunch - ok
17:42:06.0658 3256 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:42:06.0719 3256 defragsvc - ok
17:42:06.0931 3256 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:42:07.0016 3256 DfsC - ok
17:42:07.0043 3256 dgderdrv - ok
17:42:07.0194 3256 dg_ssudbus (6060106ce00f32f63f1a73160e46e9d2) C:\Windows\system32\DRIVERS\ssudbus.sys
17:42:07.0221 3256 dg_ssudbus - ok
17:42:07.0519 3256 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
17:42:07.0598 3256 Dhcp - ok
17:42:07.0693 3256 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:42:07.0772 3256 discache - ok
17:42:07.0904 3256 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:42:07.0933 3256 Disk - ok
17:42:08.0158 3256 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
17:42:08.0232 3256 Dnscache - ok
17:42:08.0536 3256 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
17:42:08.0600 3256 dot3svc - ok
17:42:08.0800 3256 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
17:42:08.0855 3256 DPS - ok
17:42:08.0899 3256 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:42:08.0947 3256 drmkaud - ok
17:42:09.0882 3256 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:42:09.0925 3256 DXGKrnl - ok
17:42:10.0072 3256 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:42:10.0129 3256 EapHost - ok
17:42:12.0989 3256 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:42:13.0075 3256 ebdrv - ok
17:42:13.0866 3256 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
17:42:13.0921 3256 EFS - ok
17:42:14.0719 3256 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
17:42:14.0763 3256 ehRecvr - ok
17:42:14.0878 3256 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:42:14.0925 3256 ehSched - ok
17:42:15.0087 3256 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys
17:42:15.0113 3256 ElbyCDIO - ok
17:42:15.0769 3256 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:42:15.0805 3256 elxstor - ok
17:42:15.0864 3256 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:42:15.0907 3256 ErrDev - ok
17:42:16.0398 3256 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:42:16.0471 3256 EventSystem - ok
17:42:16.0680 3256 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:42:16.0759 3256 exfat - ok
17:42:16.0925 3256 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:42:16.0994 3256 fastfat - ok
17:42:17.0540 3256 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
17:42:17.0593 3256 Fax - ok
17:42:17.0716 3256 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:42:17.0762 3256 fdc - ok
17:42:17.0837 3256 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:42:17.0922 3256 fdPHost - ok
17:42:18.0001 3256 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:42:18.0072 3256 FDResPub - ok
17:42:18.0190 3256 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:42:18.0218 3256 FileInfo - ok
17:42:18.0274 3256 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:42:18.0351 3256 Filetrace - ok
17:42:18.0418 3256 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:42:18.0449 3256 flpydisk - ok
17:42:18.0787 3256 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:42:18.0818 3256 FltMgr - ok
17:42:20.0168 3256 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
17:42:20.0224 3256 FontCache - ok
17:42:20.0439 3256 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:42:20.0465 3256 FontCache3.0.0.0 - ok
17:42:20.0576 3256 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:42:20.0606 3256 FsDepends - ok
17:42:20.0670 3256 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
17:42:20.0699 3256 Fs_Rec - ok
17:42:21.0136 3256 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:42:21.0172 3256 fvevol - ok
17:42:21.0388 3256 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:42:21.0419 3256 gagp30kx - ok
17:42:21.0504 3256 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
17:42:21.0534 3256 ggflt - ok
17:42:21.0616 3256 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
17:42:21.0644 3256 ggsemc - ok
17:42:22.0040 3256 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
17:42:22.0067 3256 GoogleDesktopManager-051210-111108 - ok
17:42:23.0315 3256 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
17:42:23.0391 3256 gpsvc - ok
17:42:23.0724 3256 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:42:23.0750 3256 gupdate - ok
17:42:23.0791 3256 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:42:23.0818 3256 gupdatem - ok
17:42:23.0930 3256 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:42:23.0970 3256 hcw85cir - ok
17:42:24.0568 3256 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:42:24.0620 3256 HdAudAddService - ok
17:42:24.0837 3256 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
17:42:24.0883 3256 HDAudBus - ok
17:42:24.0992 3256 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:42:25.0035 3256 HidBatt - ok
17:42:25.0232 3256 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:42:25.0288 3256 HidBth - ok
17:42:25.0403 3256 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:42:25.0455 3256 HidIr - ok
17:42:25.0569 3256 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
17:42:25.0638 3256 hidserv - ok
17:42:25.0765 3256 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
17:42:25.0806 3256 HidUsb - ok
17:42:26.0014 3256 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
17:42:26.0106 3256 hkmsvc - ok
17:42:26.0491 3256 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
17:42:26.0554 3256 HomeGroupListener - ok
17:42:26.0926 3256 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
17:42:26.0979 3256 HomeGroupProvider - ok
17:42:27.0135 3256 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:42:27.0168 3256 HpSAMD - ok
17:42:28.0177 3256 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:42:28.0259 3256 HTTP - ok
17:42:28.0326 3256 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:42:28.0356 3256 hwpolicy - ok
17:42:28.0539 3256 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
17:42:28.0572 3256 i8042prt - ok
17:42:29.0202 3256 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:42:29.0239 3256 iaStorV - ok
17:42:30.0727 3256 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:42:30.0767 3256 idsvc - ok
17:42:30.0907 3256 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:42:30.0937 3256 iirsp - ok
17:42:31.0634 3256 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
17:42:31.0720 3256 IKEEXT - ok
17:42:31.0803 3256 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:42:31.0836 3256 intelide - ok
17:42:31.0934 3256 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:42:31.0970 3256 intelppm - ok
17:42:32.0083 3256 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:42:32.0156 3256 IPBusEnum - ok
17:42:32.0241 3256 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:42:32.0313 3256 IpFilterDriver - ok
17:42:32.0445 3256 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:42:32.0502 3256 IPMIDRV - ok
17:42:32.0672 3256 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:42:32.0748 3256 IPNAT - ok
17:42:32.0812 3256 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:42:32.0869 3256 IRENUM - ok
17:42:32.0934 3256 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:42:32.0966 3256 isapnp - ok
17:42:33.0266 3256 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:42:33.0302 3256 iScsiPrt - ok
17:42:33.0379 3256 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:42:33.0412 3256 kbdclass - ok
17:42:33.0506 3256 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
17:42:33.0540 3256 kbdhid - ok
17:42:33.0615 3256 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:42:33.0649 3256 KeyIso - ok
17:42:33.0765 3256 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
17:42:33.0799 3256 KSecDD - ok
17:42:33.0972 3256 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
17:42:34.0005 3256 KSecPkg - ok
17:42:34.0093 3256 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:42:34.0164 3256 ksthunk - ok
17:42:34.0505 3256 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:42:34.0570 3256 KtmRm - ok
17:42:34.0820 3256 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
17:42:34.0881 3256 LanmanServer - ok
17:42:34.0997 3256 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
17:42:35.0075 3256 LanmanWorkstation - ok
17:42:35.0413 3256 LBTServ (7772dfab22611050b79504e671b06e6e) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:42:35.0448 3256 LBTServ - ok
17:42:35.0761 3256 LEqdUsb (ed7ec050cd6c20e1a93a4dafb7efd14d) C:\Windows\system32\DRIVERS\LEqdUsb.Sys
17:42:35.0792 3256 LEqdUsb - ok
17:42:35.0930 3256 LHidEqd (3267bc698e29474a8381e68904eb0390) C:\Windows\system32\DRIVERS\LHidEqd.Sys
17:42:35.0960 3256 LHidEqd - ok
17:42:36.0061 3256 LHidFilt (241f2648adf090e2a10095bd6d6f5dcb) C:\Windows\system32\DRIVERS\LHidFilt.Sys
17:42:36.0093 3256 LHidFilt - ok
17:42:36.0205 3256 libusb0 (020dfdb1927c996c990e70ed86cfdb06) C:\Windows\system32\DRIVERS\libusb0.sys
17:42:36.0250 3256 libusb0 - ok
17:42:36.0412 3256 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:42:36.0480 3256 lltdio - ok
17:42:36.0823 3256 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:42:36.0906 3256 lltdsvc - ok
17:42:36.0958 3256 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:42:37.0026 3256 lmhosts - ok
17:42:37.0143 3256 LMouFilt (342ed5a4b3326014438f36d22d803737) C:\Windows\system32\DRIVERS\LMouFilt.Sys
17:42:37.0177 3256 LMouFilt - ok
17:42:37.0370 3256 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:42:37.0406 3256 LSI_FC - ok
17:42:37.0522 3256 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:42:37.0558 3256 LSI_SAS - ok
17:42:37.0652 3256 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:42:37.0690 3256 LSI_SAS2 - ok
17:43:47.0521 3256 seehcri (ede7a1d2715aac2190d51dc07afd44e3) C:\Windows\system32\DRIVERS\seehcri.sys
17:43:47.0535 3256 seehcri ( UnsignedFile.Multi.Generic ) - warning
17:43:47.0535 3256 seehcri - detected UnsignedFile.Multi.Generic (1)
17:43:49.0495 3256 ServiceLayer (2d841b7b7f6dec32162edfcc69d61f42) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
17:43:49.0528 3256 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
17:43:49.0528 3256 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
17:43:59.0629 3256 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
17:43:59.0629 3256 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
17:43:59.0632 3256 sptd ( LockedFile.Multi.Generic ) - warning
17:43:59.0632 3256 sptd - detected LockedFile.Multi.Generic (1)
17:44:21.0537 3256 TOSHIBA Bluetooth Service (1ca76f8d8f56d5b0d716717693b6e484) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
17:44:21.0551 3256 TOSHIBA Bluetooth Service ( UnsignedFile.Multi.Generic ) - warning
17:44:21.0552 3256 TOSHIBA Bluetooth Service - detected UnsignedFile.Multi.Generic (1)
17:44:40.0096 3256 VMUVC (ad5d9373bca5af8e2839bba292c16787) C:\Windows\system32\Drivers\VMUVC.sys
17:44:40.0132 3256 VMUVC ( UnsignedFile.Multi.Generic ) - warning
17:44:40.0132 3256 VMUVC - detected UnsignedFile.Multi.Generic (1)
17:44:47.0624 3256 vvftUVC (ddeddaeb01b66a7f009bb76893adc182) C:\Windows\system32\drivers\vvftUVC.sys
17:44:47.0662 3256 vvftUVC ( UnsignedFile.Multi.Generic ) - warning
17:44:47.0662 3256 vvftUVC - detected UnsignedFile.Multi.Generic (1)
17:45:09.0976 3256 WLSetupSvc (94a85e956a065e23e0010a6a7826243b) C:\Program Files (x86)\Windows Live\installer\WLSetupSvc.exe
17:45:10.0024 3256 WLSetupSvc ( UnsignedFile.Multi.Generic ) - warning
17:45:10.0024 3256 WLSetupSvc - detected UnsignedFile.Multi.Generic (1)
17:45:35.0850 3256 ============================================================
17:45:35.0850 3256 Scan finished
17:45:35.0850 3256 ============================================================
17:45:35.0879 7764 Detected object count: 7
17:45:35.0879 7764 Actual detected object count: 7
17:46:04.0240 7764 seehcri ( UnsignedFile.Multi.Generic ) - skipped by user
17:46:04.0240 7764 seehcri ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:46:04.0241 7764 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
17:46:04.0241 7764 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:46:04.0243 7764 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:46:04.0244 7764 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
17:46:04.0247 7764 TOSHIBA Bluetooth Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:46:04.0247 7764 TOSHIBA Bluetooth Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:46:04.0250 7764 VMUVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:46:04.0250 7764 VMUVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:46:04.0252 7764 vvftUVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:46:04.0252 7764 vvftUVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:46:04.0255 7764 WLSetupSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:46:04.0255 7764 WLSetupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:46:08.0517 3156 Deinitialize success


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-06 17:21:07
-----------------------------
17:21:07.407 OS Version: Windows x64 5.2.3790 Service Pack 1
17:21:07.408 Number of processors: 4 586 0x170A
17:21:07.409 ComputerName: ALBERTO-PC UserName: Alberto
17:21:08.399 Initialze error C0000034 - driver not loaded
17:23:02.589 AVAST engine defs: 12080600
17:26:33.684 Service scanning
17:26:34.750 Service 20200412 C:\Windows\system32\drivers\47163540.sys **HIDDEN**
17:26:56.000 Modules scanning
17:26:56.007 Disk 0 trace - called modules:
17:26:56.011
17:26:58.487 AVAST engine scan C:\Windows
17:27:05.132 AVAST engine scan C:\Windows\system32
17:30:39.761 AVAST engine scan C:\Windows\system32\drivers
17:31:02.438 AVAST engine scan C:\Users\Alberto
17:46:54.988 The log file has been saved successfully to "C:\Users\Alberto\Desktop\aswMBR.txt"

ESET in progress

#4 al2005

  • Topic Starter
  • Members
  • 13 posts

Posted 07 August 2012 - 02:26 AM

C:\$Recycle.Bin\S-1-5-21-3986021580-1526023621-908797216-1000\$RDKRSY0.zip Android/Exploit.Lotoor.AK trojan deleted - quarantined
C:\$Recycle.Bin\S-1-5-21-3986021580-1526023621-908797216-1000\$R5KGK8H\psneuter Android/Exploit.Lotoor.AK trojan cleaned by deleting - quarantined
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe probably a variant of Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Program Files (x86)\Messenger Plus! Live\Scripts\Live Notifier\BotDKLive.dll probably a variant of Win32/Agent.KVFKBZN trojan cleaned by deleting - quarantined
C:\Program Files (x86)\Unlockroot\unlockroot.exe a variant of Win32/Packed.VProtect.C application cleaned by deleting - quarantined
C:\Users\Alberto\AppData\Local\Temp\D6A9.tmp a variant of Win32/Kryptik.AJIL trojan cleaned by deleting - quarantined
C:\Users\Alberto\AppData\Local\Temp\drvzhivldb probably a variant of Win32/PSW.Agent.IVDEPXY trojan cleaned by deleting - quarantined
C:\Users\Alberto\AppData\Local\Temp\nsy9D8A.tmp a variant of Win32/Somoto.A application cleaned by deleting - quarantined
C:\Users\Alberto\AppData\Local\Temp\8A0CB191-BAB0-7891-9297-BC0E4F7E589D\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\Alberto\AppData\Local\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\Alberto\AppData\Local\{3d2f6b32-10cd-b51b-f08d-c2b455548758}\n Win64/Sirefef.W trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Alberto\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\61defc8f-472d074f probably a variant of Java/Exploit.CVE-2012-0507.CD trojan deleted - quarantined
C:\Users\Alberto\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\577fd342-223ee1c2 Java/Exploit.Agent.NCN trojan cleaned by deleting - quarantined
C:\Users\Alberto\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\1fd1fc9a-64c6f50c a variant of Java/Exploit.CVE-2012-1723.C trojan deleted - quarantined
C:\Users\Alberto\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\48905a43-7f701c38 multiple threats deleted - quarantined
C:\Users\Alberto\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\359b612c-3126c868 Java/Exploit.CVE-2012-0507.BY trojan cleaned by deleting - quarantined
C:\Users\Alberto\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\7dd25a32-64e9c559 a variant of Java/Exploit.CVE-2012-0507.CA trojan deleted - quarantined
C:\Users\Alberto\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\47363e7b-2827f647 a variant of Java/JShrink.A application deleted - quarantined
C:\Users\Alberto\AppData\Roaming\Sun\Java\Deployment\cache\6.0\14\3d5d968e-69ac838a Java/Exploit.CVE-2012-1723.AB trojan deleted - quarantined
C:\Users\Alberto\Desktop\sgs2\Nueva carpeta\fuse\Exploits\psneuter Android/Exploit.Lotoor.AK trojan cleaned by deleting - quarantined
C:\Users\Alberto\Documents\Nueva carpeta (2)\blackmart\downloads\org.underdev.penetrate.36.apk Android/Penetho.A application deleted - quarantined
C:\Users\Alberto\Downloads\JPAI_RelFiMaOnceD9.iso a variant of Win32/Packed.VMProtect.AAD trojan deleted - quarantined
C:\Users\Alberto\Downloads\unlockroot23-eng.exe a variant of Win32/Packed.VProtect.C application cleaned by deleting - quarantined
C:\Users\Alberto\Downloads\Exploits\psneuter Android/Exploit.Lotoor.AK trojan cleaned by deleting - quarantined
C:\Windows\Installer\{3d2f6b32-10cd-b51b-f08d-c2b455548758}\n Win64/Sirefef.W trojan cleaned by deleting - quarantined
C:\Windows\Installer\{3d2f6b32-10cd-b51b-f08d-c2b455548758}\U\80000000.@ Win64/Sirefef.AL trojan cleaned by deleting - quarantined
F:\Nueva carpetape\Descargas\Microsoft_Office_2010_Pro_Plus_DVD5.iso a variant of Win32/HackKMS.A application deleted - quarantined
F:\Nueva carpetape\Descargas\mini-KMS_Activator_v1.3_Office2010_VL_ENG.exe a variant of Win32/HackKMS.A application deleted - quarantined
F:\Nueva carpetape\Descargas\office 2010 64 bits_geo16_&_DarkUserX.rar a variant of Win32/HackKMS.A application deleted - quarantined
F:\Nueva carpetape\Descargas\los sims 3\DVD9_S3_RZ.iso probably a variant of Win32/Hupigon.CJKIBCX trojan deleted - quarantined
F:\Nueva carpetape\Descargas\Medicina\mini-KMS_Activator_v1.053.exe a variant of Win32/HackKMS.A application deleted - quarantined
F:\Nueva carpetape\Mis documentos\81YSZebW9pr.zip probably a variant of Win32/Agent.MRSIPSU trojan deleted - quarantined
F:\Nueva carpetape\Mis documentos\simaquarium.2.06.tank1&tank2&3.full.incl.keygen-tsrh.rar probably a variant of Win32/Agent.CBXEDUP trojan deleted - quarantined
F:\Nueva carpetape\Mis documentos\stylexpv2.01keygeneclipse.zip probably a variant of Win32/Agent.JXEBEKG trojan deleted - quarantined
G:\Noelia\PROGRAMAS\MsgPlusLive-483.exe a variant of Win32/Adware.CiDHelp application cleaned by deleting - quarantined
H:\Command & Conquer 3 Tiberium Wars Nocd Crack.zip probably a variant of Win32/Hupigon.JXVXLVI trojan deleted - quarantined
H:\WinXP_Sp3_uE_-_Bj_-_Spanish.iso multiple threats deleted - quarantined
H:\G\Desktop\N-FIX-v5.0.rar probably a variant of Win32/Agent.KQNXJLO trojan deleted - quarantined
H:\G\Desktop\u95.zip a variant of Win32/UltraReach.AC application deleted - quarantined
H:\private\Isa\tontadas\overnet0.52.exe probably a variant of Win32/Agent.EUFTLRS trojan cleaned by deleting - quarantined
X:\torrentino\LAS AVENTURAS DE TINTIN - EL SECRETO DEL UNICORNIO [Full Blu-Ray AVC 1080p DTS-HDMA ENG SPA]\BDMV\STREAM\03050.m2ts Win32/OpenCandy application cleaned by deleting - quarantined

#5 narenxp

  • BC Advisor
  • 16,371 posts

Posted 07 August 2012 - 05:45 AM

Download

systemlook

Launch it and copy this script and paste in the BOX

:filefind
services.exe
:folderfind
{3d2f6b32-10cd-b51b-f08d-c2b455548758}

Click on LOOK, post the generated log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#6 al2005

  • Topic Starter
  • Members
  • 13 posts

Posted 07 August 2012 - 08:18 AM

SystemLook 30.07.11 by jpshortstuff
Log created at 13:25 on 07/08/2012 by Alberto
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 014A9CB92514E27C0107614DF764BC06
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{3d2f6b32-10cd-b51b-f08d-c2b455548758}"
C:\Users\Alberto\AppData\Local\{3d2f6b32-10cd-b51b-f08d-c2b455548758} d--hs-- [10:09 11/01/2012]
C:\Windows\Installer\{3d2f6b32-10cd-b51b-f08d-c2b455548758} d--hs-- [10:09 11/01/2012]

-= EOF =-

Malwarebytes Anti-Malware (Versión de Prueba) 1.62.0.1300
www.malwarebytes.org

Versión de la Base de Datos: v2012.08.07.04

Windows XP Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Alberto :: ALBERTO-PC [administrador]

Protección: Habilitado

07/08/2012 13:31:03
mbam-log-2012-08-07 (13-31-03).txt

Tipos de Análisis: Análisis Completo (A:\|C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|M:\|X:\|)
Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opciones de análisis desactivados: P2P
Objetos examinados: 797175
Tiempo transcurrido: 1 hora(s), 44 minuto(s), 57 segundo(s)

Procesos en Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Módulos de Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Claves del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Valores del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Carpetas Detectadas: 0
(No se han detectado elementos maliciosos)

Archivos Detectados: 1
C:\Users\Alberto\AppData\Local\Temp\NOD8282.tmp (Trojan.Sirefef) -> Se eliminarán al reiniciar.

(fin)

Reboot in progress

Malwarebytes Anti-Malware (Versión de Prueba) 1.62.0.1300
www.malwarebytes.org

Versión de la Base de Datos: v2012.08.07.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Alberto :: ALBERTO-PC [administrador]

Protección: Habilitado

07/08/2012 15:22:59
mbam-log-2012-08-07 (15-22-59).txt

Tipos de Análisis: Análisis Rápido
Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opciones de análisis desactivados: P2P
Objetos examinados: 241697
Tiempo transcurrido: 5 minuto(s), 9 segundo(s)

Procesos en Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Módulos de Memoria Detectados: 0
(No se han detectado elementos maliciosos)

Claves del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Valores del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Elementos de Datos del Registro Detectados: 0
(No se han detectado elementos maliciosos)

Carpetas Detectadas: 0
(No se han detectado elementos maliciosos)

Archivos Detectados: 0
(No se han detectado elementos maliciosos)

(fin)

MiniToolBox by Farbar Version: 23-07-2012
Ran by Alberto (administrator) on 07-08-2012 at 15:30:21
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Configuración IP de Windows

Se vació correctamente la caché de resolución de DNS.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller = Conexión de área local (Connected)
Microsoft Virtual WiFi Miniport Adapter = Conexión de red inalámbrica 2 (Media disconnected)
Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter = Conexión de red inalámbrica (Media disconnected)


# ----------------------------------
# Configuración de IPv4
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# Fin de la configuración de IPv4



Configuración IP de Windows

Nombre de host. . . . . . . . . : Alberto-PC
Sufijo DNS principal . . . . . :
Tipo de nodo. . . . . . . . . . : híbrido
Enrutamiento IP habilitado. . . : no
Proxy WINS habilitado . . . . . : no

Adaptador de LAN inalámbrica Conexión de red inalámbrica 2:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Descripción . . . . . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Dirección física. . . . . . . . . . . . . : 00-15-AF-22-A7-A3
DHCP habilitado . . . . . . . . . . . . . : sí
Configuración automática habilitada . . . : sí

Adaptador de LAN inalámbrica Conexión de red inalámbrica:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Descripción . . . . . . . . . . . . . . . : Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
Dirección física. . . . . . . . . . . . . : 00-15-AF-22-A7-A3
DHCP habilitado . . . . . . . . . . . . . : sí
Configuración automática habilitada . . . : sí

Adaptador de Ethernet Conexión de área local:

Sufijo DNS específico para la conexión. . :
Descripción . . . . . . . . . . . . . . . : Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
Dirección física. . . . . . . . . . . . . : 00-1B-FC-8F-DE-8C
DHCP habilitado . . . . . . . . . . . . . : sí
Configuración automática habilitada . . . : sí
Vínculo: dirección IPv6 local. . . : fe80::21eb:38e6:4a6a:6fa0%10(Preferido)
Dirección IPv4. . . . . . . . . . . . . . : 192.168.1.128(Preferido)
Máscara de subred . . . . . . . . . . . . : 255.255.255.0
Concesión obtenida. . . . . . . . . . . . : martes, 07 de agosto de 2012 15:20:42
La concesión expira . . . . . . . . . . . : viernes, 10 de agosto de 2012 15:20:41
Puerta de enlace predeterminada . . . . . : 192.168.1.1
Servidor DHCP . . . . . . . . . . . . . . : 192.168.1.1
IAID DHCPv6 . . . . . . . . . . . . . . . : 234888188
DUID de cliente DHCPv6. . . . . . . . . . : 00-01-00-01-12-72-D4-A1-00-1B-FC-8F-DE-8C
Servidores DNS. . . . . . . . . . . . . . : 8.8.8.8
8.8.4.4
NetBIOS sobre TCP/IP. . . . . . . . . . . : habilitado

Adaptador de túnel isatap.{2469881C-B3DD-4C57-8457-8C6C48E12806}:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Descripción . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft
Dirección física. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP habilitado . . . . . . . . . . . . . : no
Configuración automática habilitada . . . : sí

Adaptador de túnel Conexión de área local*:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Descripción . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Dirección física. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP habilitado . . . . . . . . . . . . . : no
Configuración automática habilitada . . . : sí

Adaptador de túnel isatap.{2311278A-D4CA-42C7-B3B6-7107D90FC683}:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Descripción . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft #2
Dirección física. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP habilitado . . . . . . . . . . . . . : no
Configuración automática habilitada . . . : sí

Adaptador de túnel isatap.{C09D3834-E2A7-4AE8-927D-08A15E6D6D78}:

Estado de los medios. . . . . . . . . . . : medios desconectados
Sufijo DNS específico para la conexión. . :
Descripción . . . . . . . . . . . . . . . : Adaptador ISATAP de Microsoft #3
Dirección física. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP habilitado . . . . . . . . . . . . . : no
Configuración automática habilitada . . . : sí
Servidor: google-public-dns-a.google.com
Address: 8.8.8.8

Nombre: google.com
Addresses: 2a00:1450:4003:801::1000
212.106.221.24
212.106.221.20
212.106.221.26
212.106.221.22


Haciendo ping a google.com [212.106.221.24] con 32 bytes de datos:
Respuesta desde 212.106.221.24: bytes=32 tiempo=46ms TTL=58
Respuesta desde 212.106.221.24: bytes=32 tiempo=47ms TTL=58

Estadísticas de ping para 212.106.221.24:
Paquetes: enviados = 2, recibidos = 2, perdidos = 0
(0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
Mínimo = 46ms, Máximo = 47ms, Media = 46ms
Servidor: google-public-dns-a.google.com
Address: 8.8.8.8

Nombre: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Haciendo ping a yahoo.com [98.139.183.24] con 32 bytes de datos:
Respuesta desde 98.139.183.24: bytes=32 tiempo=312ms TTL=49
Respuesta desde 98.139.183.24: bytes=32 tiempo=337ms TTL=49

Estadísticas de ping para 98.139.183.24:
Paquetes: enviados = 2, recibidos = 2, perdidos = 0
(0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
Mínimo = 312ms, Máximo = 337ms, Media = 324ms
Servidor: google-public-dns-a.google.com
Address: 8.8.8.8

Nombre: bleepingcomputer.com
Address: 208.43.87.2


Haciendo ping a bleepingcomputer.com [208.43.87.2] con 32 bytes de datos:
Respuesta desde 208.43.87.2: Host de destino inaccesible.
Respuesta desde 208.43.87.2: Host de destino inaccesible.

Estadísticas de ping para 208.43.87.2:
Paquetes: enviados = 2, recibidos = 2, perdidos = 0
(0% perdidos),

Haciendo ping a 127.0.0.1 con 32 bytes de datos:
Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128
Respuesta desde 127.0.0.1: bytes=32 tiempo<1m TTL=128

Estadísticas de ping para 127.0.0.1:
Paquetes: enviados = 2, recibidos = 2, perdidos = 0
(0% perdidos),
Tiempos aproximados de ida y vuelta en milisegundos:
Mínimo = 0ms, Máximo = 0ms, Media = 0ms
===========================================================================
ILista de interfaces
33...00 15 af 22 a7 a3 ......Microsoft Virtual WiFi Miniport Adapter #2
23...00 15 af 22 a7 a3 ......Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
10...00 1b fc 8f de 8c ......Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
35...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft #2
36...00 00 00 00 00 00 00 e0 Adaptador ISATAP de Microsoft #3
===========================================================================

IPv4 Tabla de enrutamiento
===========================================================================
Rutas activas:
Destino de red Máscara de red Puerta de enlace Interfaz Métrica
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.128 20
127.0.0.0 255.0.0.0 En vínculo 127.0.0.1 306
127.0.0.1 255.255.255.255 En vínculo 127.0.0.1 306
127.255.255.255 255.255.255.255 En vínculo 127.0.0.1 306
192.168.1.0 255.255.255.0 En vínculo 192.168.1.128 276
192.168.1.128 255.255.255.255 En vínculo 192.168.1.128 276
192.168.1.255 255.255.255.255 En vínculo 192.168.1.128 276
224.0.0.0 240.0.0.0 En vínculo 127.0.0.1 306
224.0.0.0 240.0.0.0 En vínculo 192.168.1.128 276
255.255.255.255 255.255.255.255 En vínculo 127.0.0.1 306
255.255.255.255 255.255.255.255 En vínculo 192.168.1.128 276
===========================================================================
Rutas persistentes:
Ninguno

IPv6 Tabla de enrutamiento
===========================================================================
Rutas activas:
Cuando destino de red métrica Puerta de enlace
1 306 ::1/128 En vínculo
10 276 fe80::/64 En vínculo
10 276 fe80::21eb:38e6:4a6a:6fa0/128
En vínculo
1 306 ff00::/8 En vínculo
10 276 ff00::/8 En vínculo
===========================================================================
Rutas persistentes:
Ninguno
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/07/2012 10:18:36 AM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/07/2012 09:41:07 AM) (Source: Application Hang) (User: )
Description: El programa iexplore.exe, versión 9.0.8112.16447, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 1120

Hora de inicio: 01cd73e406645833

Hora de finalización: 78

Ruta de acceso de la aplicación: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Identificador de informe:

Error: (08/06/2012 05:52:35 PM) (Source: SideBySide) (User: )
Description: Error al generar el contexto de activación para "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Error en el archivo de manifiesto o directiva "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" en la línea C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/05/2012 08:05:47 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: mpc-hc.exe, versión: 1.6.0.4014, marca de tiempo: 0x4f26fccf
Nombre del módulo con errores: evr.dll, versión: 6.1.7601.17514, marca de tiempo: 0x4ce7b86c
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000888c
Id. del proceso con errores: 0xa38
Hora de inicio de la aplicación con errores: 0xmpc-hc.exe0
Ruta de acceso de la aplicación con errores: mpc-hc.exe1
Ruta de acceso del módulo con errores: mpc-hc.exe2
Id. del informe: mpc-hc.exe3

Error: (08/05/2012 04:13:03 PM) (Source: Application Hang) (User: )
Description: El programa iexplore.exe, versión 9.0.8112.16447, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 5b0

Hora de inicio: 01cd72e32daff64a

Hora de finalización: 92

Ruta de acceso de la aplicación: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Identificador de informe:

Error: (08/04/2012 11:58:06 PM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: mpc-hc.exe, versión: 1.6.0.4014, marca de tiempo: 0x4f26fccf
Nombre del módulo con errores: evr.dll, versión: 6.1.7601.17514, marca de tiempo: 0x4ce7b86c
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x00008386
Id. del proceso con errores: 0x17e0
Hora de inicio de la aplicación con errores: 0xmpc-hc.exe0
Ruta de acceso de la aplicación con errores: mpc-hc.exe1
Ruta de acceso del módulo con errores: mpc-hc.exe2
Id. del informe: mpc-hc.exe3

Error: (08/03/2012 00:39:22 PM) (Source: Application Hang) (User: )
Description: El programa iexplore.exe, versión 9.0.8112.16447, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 2044

Hora de inicio: 01cd716421ce8869

Hora de finalización: 77

Ruta de acceso de la aplicación: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Identificador de informe:

Error: (08/03/2012 00:39:07 PM) (Source: Application Hang) (User: )
Description: El programa iexplore.exe, versión 9.0.8112.16447, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: 1c18

Hora de inicio: 01cd716421dbf61b

Hora de finalización: 75

Ruta de acceso de la aplicación: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Identificador de informe:

Error: (08/03/2012 00:37:39 PM) (Source: Application Hang) (User: )
Description: El programa iexplore.exe, versión 9.0.8112.16447, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador de proceso: bc4

Hora de inicio: 01cd6fd72b4a1c72

Hora de finalización: 20

Ruta de acceso de la aplicación: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Identificador de informe: 3cbd8019-dd57-11e1-be9d-0015af22a7a3

Error: (08/03/2012 06:54:20 AM) (Source: Application Error) (User: )
Description: Nombre de la aplicación con errores: mpc-hc.exe, versión: 1.6.0.4014, marca de tiempo: 0x4f26fccf
Nombre del módulo con errores: evr.dll, versión: 6.1.7601.17514, marca de tiempo: 0x4ce7b86c
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000888c
Id. del proceso con errores: 0x948
Hora de inicio de la aplicación con errores: 0xmpc-hc.exe0
Ruta de acceso de la aplicación con errores: mpc-hc.exe1
Ruta de acceso del módulo con errores: mpc-hc.exe2
Id. del informe: mpc-hc.exe3


System errors:
=============
Error: (08/07/2012 03:21:35 PM) (Source: Service Control Manager) (User: )
Description: El servicio Proveedor de Grupo Hogar depende del servicio Publicación de recurso de detección de función, el cual no pudo iniciarse debido al siguiente error:
%%-2147024891

Error: (08/07/2012 03:21:35 PM) (Source: Service Control Manager) (User: )
Description: El servicio Publicación de recurso de detección de función se cerró con el siguiente error:
%%-2147024891

Error: (08/07/2012 03:20:45 PM) (Source: Service Control Manager) (User: )
Description: El servicio Examinador de equipos se cerró con el siguiente error:
%%1060

Error: (08/07/2012 03:20:45 PM) (Source: Service Control Manager) (User: )
Description: El servicio Agente de directiva IPsec depende del siguiente servicio: BFE. Este servicio podría no estar instalado.

Error: (08/07/2012 03:20:44 PM) (Source: Service Control Manager) (User: )
Description: El servicio Microsoft Network Inspection System depende del siguiente servicio: BFE. Este servicio podría no estar instalado.

Error: (08/07/2012 03:20:43 PM) (Source: Service Control Manager) (User: )
Description: El servicio Publicación de recurso de detección de función se cerró con el siguiente error:
%%-2147024891

Error: (08/07/2012 03:20:42 PM) (Source: Service Control Manager) (User: )
Description: El servicio Módulos de creación de claves de IPsec para IKE y AuthIP depende del siguiente servicio: BFE. Este servicio podría no estar instalado.

Error: (08/07/2012 11:54:17 AM) (Source: Service Control Manager) (User: )
Description: El servicio Publicación de recurso de detección de función se cerró con el siguiente error:
%%-2147024891

Error: (08/07/2012 11:54:17 AM) (Source: Service Control Manager) (User: )
Description: El servicio Proveedor de Grupo Hogar depende del servicio Publicación de recurso de detección de función, el cual no pudo iniciarse debido al siguiente error:
%%-2147024891

Error: (08/07/2012 10:52:21 AM) (Source: Service Control Manager) (User: )
Description: El servicio Proveedor de Grupo Hogar depende del servicio Publicación de recurso de detección de función, el cual no pudo iniciarse debido al siguiente error:
%%-2147024891


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
12noon Display Changer (Version: 4.3.2.0)
AC3Filter 1.63b (Version: 1.63b)
Actualización de NVIDIA 1.7.11 (Version: 1.7.11)
Adobe AIR (Version: 3.3.0.3670)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.3.300.270)
Adobe Reader X (10.1.3) - Español (Version: 10.1.3)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Advanced RAR Password Recovery (remove only)
Android SDK Tools (Version: 1.16)
Apple Application Support (Version: 1.2.1)
Apple Software Update (Version: 2.1.3.127)
Applian FLV and Media Player 3.1.1.12 (Version: 3.1.1.12)
ArcSoft TotalMedia 3.5
ArcSoft TotalMedia Theatre 5 (Version: 5.0.1.80)
Ares 2.1.2 (Version: 2.1.2-Build#3036)
µTorrent (Version: 3.1.3)
Audacity 1.2.6
Babylon toolbar on IE
Bluetooth Stack for Windows by Toshiba (Version: v5.10.14)
Boris Graffiti (Version: 5.20.200)
Centro de dispositivos de Windows Mobile (Version: 6.1.6965.0)
Cities XL 2011 (Version: 1.0.0)
Compresor WinRAR
Controlador de Pinnacle Video (Version: 12.1.0.030)
CoreAVC Professional Edition (remove only)
CyberLink PowerDVD 12 (Version: 12.0.1312.54)
dcmsvc 1.0
Drv (Version: 1.00.0000)
EA Installer (Version: 2.3.0.74)
eMule
eReg (Version: 1.20.138.34)
ESET Online Scanner v3
EVEREST Home Edition v2.20 (Version: 2.20)
F1 2010 2.1
FIFA 11 (Version: 1.0.0.0)
FIFA MANAGER 10
FIFA MANAGER 11 (Version: 1.0.0.3)
FIFA MANAGER 12 (Version: 1.0.0.3)
FileZilla Client 3.3.5.1 (Version: 3.3.5.1)
FireArc Arcade (Version: 0.3.3)
Flip 3.4.2 (Version: 3.4.2)
FLV Player 2.0 (build 25) (Version: 2.0 (build 25))
FM Genie Scout 12 version 1.1 (Version: 1.1)
Football Manager 2012 Repack
fotos de los entrenadores de la Liga BBVA
Free eXPert PDF Reader (Version: 4.0.260.0)
Full Tilt Poker (Version: 4.37.5.WIN.FullTilt.COM)
GameSpy Arcade
GameXN GO
Google Chrome (Version: 21.0.1180.60)
Google Desktop (Version: 5.9.1005.12335)
Google Earth Plug-in (Version: 6.2.2.6613)
Google Talk Plugin (Version: 3.3.3.8675)
Google Update Helper (Version: 1.3.21.115)
Haali Media Splitter
Hard Disk Low Level Format Tool 2.36 build 1181
HP USB Disk Storage Format Tool
Instalable módulo criptográfico Ceres (Version: 13.0.0)
Instalable módulo criptográfico DNIe (Version: 6.0.2)
Intel A/V Codecs V2.0
IrfanView (remove only)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 26 (64-bit) (Version: 6.0.260)
Java™ 6 Update 29 (Version: 6.0.290)
JDownloader (Version: 0.89)
Knoll Light Factory EZ Studio
League of Legends (Version: 1.02.0000)
Logitech SetPoint 6.32 (Version: 6.32.20)
Magic Bullet Looks Studio
Malwarebytes Anti-Malware versión 1.62.0.1300 (Version: 1.62.0.1300)
Media Player Classic - Home Cinema 1.6.0.4014 (Version: 1.6.0.4014)
MediaInfo 0.7.57 (Version: 0.7.57)
Megavideo Video Downloader 3.19
Messenger Plus! Live (Version: 4.83.0.376)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile ESN Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended ESN Language Pack (Version: 4.0.30320)
Microsoft Antimalware Service ES-ES Language Pack (Version: 3.0.8402.2)
Microsoft Games for Windows - LIVE Redistributable (Version: 2.0.672.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel 2007 Help Actualización (KB963678)
Microsoft Office Excel MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook 2007 Help Actualización (KB963677)
Microsoft Office Outlook MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Powerpoint 2007 Help Actualización (KB963669)
Microsoft Office PowerPoint MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Basque) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Catalan) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Galician) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word 2007 Help Actualización (KB963665)
Microsoft Office Word MUI (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Client ES-ES Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 8.0.1 (x86 es-ES) (Version: 8.0.1)
MSVC80_x64 (Version: 1.0.1.0)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86 (Version: 1.0.1.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (Version: 1.0.1.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyFreeCodec
Mystery Case Files - Madame Fate (Español)
MyTomTom 3.1.0.530 (Version: 3.1.0.530)
Nero 8 Lite 8.1.1.3 (Version: 8.1.1.3)
Nielsen
Nokia Connectivity Cable Driver (Version: 7.1.31.0)
Nokia Map Loader (Version: 3.0.28)
Nokia Maps Updater 1.0.12 (Version: 1.0.12)
Nokia Ovi Suite (Version: 2.2.0.245)
Nokia Ovi Suite Software Updater (Version: 02.05.002.42441)
Nokia PC Suite (Version: 7.1.40.1)
Nokia Software Updater (Version: 02.06.001.43673)
NVIDIA Controlador de 3D Vision 296.10 (Version: 296.10)
NVIDIA Controlador de gráficos 296.10 (Version: 296.10)
NVIDIA Controlador de la controladora 3D Vision 296.10 (Version: 296.10)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA Software del sistema PhysX 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9610)
NVIDIA Update Components (Version: 1.7.11)
Octoshape add-in for Adobe Flash Player
OpenAL
Opera 10.01 (Version: 10.01)
Opera 10.10 (Version: 10.10)
Opera 11.11 (Version: 11.11)
Opera 11.64 (Version: 11.64.1403)
Origin (Version: 8.5.0.4554)
Ovi Desktop Sync Engine (Version: 1.4.78.0)
OviMPlatform (Version: 2.6.195.0)
Pam Call Recorder 4.8 (Version: 4.8)
Pando Media Booster (Version: 2.3.5.2)
Panel de control de NVIDIA 296.10 (Version: 296.10)
Paquete de controladores de Windows - Nokia Modem (06/01/2009 7.01.0.4) (Version: 06/01/2009 7.01.0.4)
Paquete de controladores de Windows - Nokia Modem (10/05/2009 4.2) (Version: 10/05/2009 4.2)
Paquete de controladores de Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (Version: 4.0.30320)
Paquete de idioma de Microsoft .NET Framework 4 Extended ESN (Version: 4.0.30320)
PC Connectivity Solution (Version: 10.35.0.0)
PCSX2 ÀèÃ÷ÆÆÏþÇ°
PDF Editor 3
Phoenix Viewer 1.6.0.1600
Pinnacle Studio 14 (Version: 14.0.0.7255)
Pinnacle Studio Ultimate Collection Plugins (Version: 14.0.0.7255)
PlayStation®Network Downloader (Version: 2.02.00076)
PowerDVD (Version: 7.3.3319a.0)
PowerDVD Ultra (Version: 7.3.3319a.0)
proDAD Heroglyph 2.5 (Version: 2.6.32)
proDAD Mercalli 1.0
proDAD Vitascene 1.0
PVSonyDll (Version: 1.00.0001)
QuickTime (Version: 7.66.71.0)
Rapture3D 2.4.4 Game
RayV (Version: 2.0.0.56)
ReClock
Red Giant ToonIt Studio
Replay Media Catcher 4 (4.3.2) (Version: 4.3.2)
Replay Music (Version: 3.45)
Samsung Kies (Version: 2.0.0.11044_11)
Samsung Universal Print Driver (Version: 2.02.05.00:24)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.5.0)
save2pc 5.11
SCR3xxx Smart Card Reader (Version: 8.44)
Skype™ 5.9 (Version: 5.9.123)
SMRecorder 1.2.4 (Version: 1.2.4)
SocuSoft Web Video Player 1.30
Sony USB Driver
Speccy (Version: 1.16)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spotify (Version: 0.4.8)
Spotify (Version: 0.8.3.222.g317ab79d)
Steam (Version: 1.0.0.0)
Stream Torrent 1.0
StreamTransport version: 1.0.2.2171
StuffPlug 3 (Version: 3.5.590)
swMSM (Version: 12.0.0.1)
TeamViewer 5 (Version: 5.0.7904 )
TOM Live Player (Version: 1.0.0)
Trapcode 3DStroke Studio
Trapcode Particular Studio
Trapcode Shine Studio
UnLock Root 2.31 (Version: 2.31)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
URL Snooper v2.30.01
VAFPlayer (Version: 1.5.6)
Veetle TV (Version: 0.9.19)
Videotodo 2.2.1.0 (Version: 2.2.1.0)
VirtualCloneDrive
VistaBootPRO 3.3 (Version: 3.3.0)
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)
VLC media player 1.0.3 (Version: 1.0.3)
Warner Bros. Digital Copy Manager (Version: 1.70)
Wave MP3 Editor - Evaluation (Version: 7.60.0000)
WBFS Manager 3.0 (Version: 3.0)
Winamp (Version: 5.56 )
Windows 7 USB/DVD Download Tool (Version: 1.0.30)
Windows Driver Package - OPTO ELECTRONICS CO.,LTD (optousb) Ports (06/02/2008 2.0.5.5) (Version: 06/02/2008 2.0.5.5)
Windows Live installer (Version: 12.0.1471.1025)
Windows Live Messenger (Version: 8.5.1302.1018)
Windows Movie Maker 2.6 (Version: 2.6.4038.0)
Windows XP Mode (Version: 1.3.7600.16422)
WinPcap 4.1.2 (Version: 4.1.0.2001)
Wuala CBFS (Version: 3.1.85.0)
XBMC

========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 8191.12 MB
Available physical RAM: 5765.39 MB
Total Pagefile: 16380.43 MB
Available Pagefile: 13713.25 MB
Total Virtual: 4095.88 MB
Available Virtual: 3914.96 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:307.32 GB) (Free:43.01 GB) NTFS
3 Drive d: (Samsung F1 750 Gb) (Fixed) (Total:698.63 GB) (Free:2.18 GB) NTFS
5 Drive f: (F1 1 tera) (Fixed) (Total:473.93 GB) (Free:18.84 GB) NTFS
6 Drive g: () (Fixed) (Total:292.97 GB) (Free:12.36 GB) NTFS
7 Drive h: (Almacen 1.5Tb) (Fixed) (Total:796.88 GB) (Free:14.05 GB) NTFS
8 Drive i: (La Mula) (Fixed) (Total:457.58 GB) (Free:3.68 GB) NTFS
9 Drive j: (Emergencias SO) (Fixed) (Total:200 GB) (Free:199.78 GB) NTFS
12 Drive x: (2 Terabytes) (Fixed) (Total:1663.02 GB) (Free:8.59 GB) NTFS

========================= Users: ========================================

Cuentas de usuario de \\ALBERTO-PC

Administrador Alberto ASPNET
Invitado UpdatusUser
Se ha completado el comando correctamente.


**** End of log ****

Farbar Service Scanner Version: 06-08-2012
Ran by Alberto (administrator) on 07-08-2012 at 15:40:24
Running from "C:\Users\Alberto\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QS3J0MOQ"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll
[2011-02-26 08:36] - [2010-11-20 15:26] - 0317952 ____A (Microsoft Corporation)

C:\Windows\System32\drivers\afd.sys
[2012-02-16 02:09] - [2011-12-28 05:59] - 0498688 ____A (Microsoft Corporation)

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-11 17:16] - [2012-03-30 13:35] - 1918320 ____A (Microsoft Corporation)

C:\Windows\System32\dnsrslvr.dll
[2011-04-12 19:05] - [2011-03-03 08:24] - 0183296 ____A (Microsoft Corporation)

C:\Windows\System32\mpssvc.dll
[2011-02-26 08:36] - [2010-11-20 15:26] - 0828416 ____A (Microsoft Corporation)

C:\Windows\System32\bfe.dll
[2011-02-26 08:36] - [2010-11-20 15:25] - 0705024 ____A (Microsoft Corporation)

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2011-02-26 08:35] - [2010-11-20 15:27] - 0170496 ____A (Microsoft Corporation)

C:\Windows\System32\vssvc.exe
[2011-02-26 08:36] - [2010-11-20 15:25] - 1600512 ____A (Microsoft Corporation)

C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll
[2009-07-14 01:47] - [2009-07-14 03:41] - 0242688 ____A (Microsoft Corporation)

C:\Windows\System32\wuaueng.dll
[2012-06-21 13:20] - [2012-06-03 00:19] - 2428952 ____A (Microsoft Corporation)

C:\Windows\System32\qmgr.dll
[2011-02-26 08:36] - [2010-11-20 15:27] - 0849920 ____A (Microsoft Corporation)

C:\Windows\System32\es.dll
[2009-07-14 02:00] - [2009-07-14 03:40] - 0402944 ____A (Microsoft Corporation)

C:\Windows\System32\cryptsvc.dll
[2012-06-13 14:01] - [2012-04-24 07:37] - 0184320 ____A (Microsoft Corporation)

C:\Program Files\Windows Defender\MpSvc.dll
[2009-07-14 01:54] - [2009-07-14 03:41] - 1011712 ____A (Microsoft Corporation)

C:\Windows\System32\ipnathlp.dll
[2009-07-14 02:10] - [2009-07-14 03:41] - 0359424 ____A (Microsoft Corporation)

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2011-02-26 08:36] - [2010-11-20 15:27] - 0512000 ____A (Microsoft Corporation)



**** End of log ****

Edited by al2005, 07 August 2012 - 08:42 AM.


#7 al2005

Posted 07 August 2012 - 08:52 AM

# AdwCleaner v1.800 - Logfile created 08/07/2012 at 15:41:45
# Updated 01/08/2012 by Xplode
# Operating system : Microsoft Windows Server 2003 Service Pack 1 (64 bits)
# User : Alberto - ALBERTO-PC
# Running from : C:\Users\Alberto\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BVE80O4\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Alberto\AppData\Local\Temp\BabylonToolbar
Folder Deleted : C:\Users\Alberto\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Alberto\AppData\Roaming\freeTVRadio
Folder Deleted : C:\Users\Alberto\AppData\Roaming\OfferBox
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\Program Files\Babylon
Folder Deleted : C:\Program Files (x86)\Babylon
Folder Deleted : C:\Program Files (x86)\BabylonToolbar
Folder Deleted : C:\Program Files (x86)\freeTVRadio
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml

***** [Registry] *****

Key Deleted : HKCU\Software\freeTVRadio
Key Deleted : HKCU\Software\Offerbox
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Offerbox
Key Deleted : HKLM\SOFTWARE\Viewpoint
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
[x64] Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
[x64] Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
[x64] Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Opera v11.64.1403.0

File : C:\Users\Alberto\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [4410 octets] - [07/08/2012 15:41:45]

########## EOF - C:\AdwCleaner[S1].txt - [4538 octets] ##########

#8 narenxp

Posted 07 August 2012 - 09:33 AM

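Press Windows+R key, type notepad and click OK
Copy this script and paste it in Notepad

@echo off
REM Work inside the system directory (/d also switches drive if needed)
cd /d c:\windows\system32
REM Take ownership of services.exe for the Administrators group
takeown /a /f services.exe
REM Give Administrators full control; cacls asks for confirmation (Y)
cacls services.exe /g administrators:f
REM Keep the current file under a new name
ren services.exe services.exe.old
REM Put back the copy of services.exe stored under winsxs
COPY /Y C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\WINDOWS\system32
REM Delete this batch file
DEL %0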

Click on FILE >> Save as

Filename: services.bat
Save as type: All types

Now right click on the services.bat file and select Run as administrator and run it, click Y and press ENTER

Restart the PC

Open your C drive

On top, click on Organize - Folder and search options

Click on View tab and scroll down

Check mark Show hidden files
Uncheck Hide operating system files


Click OK, now go to

C:\Users\Alberto\AppData\Local\{3d2f6b32-10cd-b51b-f08d-c2b455548758}
C:\Windows\Installer\{3d2f6b32-10cd-b51b-f08d-c2b455548758}

delete the folders



Download

MpsSvc
BFE
wscsvc
defender
wuauserv
BITS
Sharedaccess

Launch them, click YES when you get the UAC prompt

restart the PC


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab, then click on Start

Check mark the following options alone

Reset registry permissions
reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark Restart System When Finished option
click the Start button

System should restart after repair

Post the FSS log

Edited by narenxp, 07 August 2012 - 09:34 AM.


#9 al2005

Posted 07 August 2012 - 09:59 AM

Press Windows+R key and type

notepad and click ok
copy this script and paste in notepad

@echo off
cd c:\windows\system32
takeown /a /f services.exe
cacls services.exe /g administrators:f
ren services.exe services.exe.old
COPY /Y C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe C:\WINDOWS\system32
DEL %0

Click on FILE>> save as

filename:services.bat
Save as type:All types

Now right click on the services.bat file and select run as administrator and run it,click Y and press ENTER

Restart the PC

I'm not sure, but I think this step fails, right click run as administrator, then a black screen appears briefly, but I see nothing else and the file disappears

I will continue with other tasks

#10 narenxp

Posted 07 August 2012 - 10:13 AM

Do not restart the PC

Can you post the new SYSTEM LOOK log?

#11 al2005

Posted 07 August 2012 - 10:26 AM

SystemLook 30.07.11 by jpshortstuff
Log created at 17:19 on 07/08/2012 by Alberto
Administrator - Elevation successful

========== filefind ==========

Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB

========== folderfind ==========

Searching for "{3d2f6b32-10cd-b51b-f08d-c2b455548758}"
No folders found.

-= EOF =-

#12 narenxp

Posted 07 August 2012 - 10:28 AM

That worked. Please continue with the other instructions.
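
The SystemLook log in post #11 lists the System32 copy of services.exe with the same size and MD5 as the copy under winsxs. The following is an added example, not part of the thread and not SystemLook's own code: a Python parser that makes that comparison for any filefind section. The third sample line and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# The first two entries are copied from the SystemLook log in the thread; the
# third is constructed for this example to show a copy that differs.
SAMPLE_LOG = r"""
Searching for "services.exe"
C:\Windows\System32\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe --a---- 328704 bytes [23:19 13/07/2009] [01:39 14/07/2009] 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Example\services.exe --a---- 329216 bytes [10:00 01/08/2012] [10:00 01/08/2012] 00000000000000000000000000000000
"""

ENTRY = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) (?P<attrs>[-a-z]{7}) (?P<size>\d+) bytes "
    r"\[[^\]]+\] \[[^\]]+\] (?P<md5>[0-9A-Fa-f]{32})$"
)

def parse_filefind(log):
    """Return one dict per file line of a SystemLook filefind section."""
    entries = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries.append({"path": m["path"], "size": int(m["size"]),
                            "md5": m["md5"].upper()})
    return entries

def in_store(path):
    return "\\winsxs\\" in path.lower()

def compare_to_component_store(entries):
    """Compare every copy outside winsxs with the winsxs copies of the same name."""
    by_name = defaultdict(list)
    for e in entries:
        by_name[e["path"].rsplit("\\", 1)[-1].lower()].append(e)
    verdicts = {}
    for copies in by_name.values():
        store = {(e["size"], e["md5"]) for e in copies if in_store(e["path"])}
        for e in (c for c in copies if not in_store(c["path"])):
            if not store:
                verdicts[e["path"]] = "no reference"
            else:
                same = (e["size"], e["md5"]) in store
                verdicts[e["path"]] = "match" if same else "mismatch"
    return verdicts

if __name__ == "__main__":
    for path, verdict in compare_to_component_store(parse_filefind(SAMPLE_LOG)).items():
        print(f"{verdict:12} {path}")
```

A match only shows that the two copies are identical; it says nothing about whether the winsxs copy itself is the original file.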

#13 al2005

Posted 07 August 2012 - 10:46 AM

Farbar Service Scanner Version: 06-08-2012
Ran by Alberto (administrator) on 07-08-2012 at 17:45:47
Running from "C:\Users\Alberto\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GSQINYJ4"
Microsoft Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll
[2011-02-26 08:36] - [2010-11-20 15:26] - 0317952 ____A (Microsoft Corporation)

C:\Windows\System32\drivers\afd.sys
[2012-02-16 02:09] - [2011-12-28 05:59] - 0498688 ____A (Microsoft Corporation)

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-11 17:16] - [2012-03-30 13:35] - 1918320 ____A (Microsoft Corporation)

C:\Windows\System32\dnsrslvr.dll
[2011-04-12 19:05] - [2011-03-03 08:24] - 0183296 ____A (Microsoft Corporation)

C:\Windows\System32\mpssvc.dll
[2011-02-26 08:36] - [2010-11-20 15:26] - 0828416 ____A (Microsoft Corporation)

C:\Windows\System32\bfe.dll
[2011-02-26 08:36] - [2010-11-20 15:25] - 0705024 ____A (Microsoft Corporation)

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2011-02-26 08:35] - [2010-11-20 15:27] - 0170496 ____A (Microsoft Corporation)

C:\Windows\System32\vssvc.exe
[2011-02-26 08:36] - [2010-11-20 15:25] - 1600512 ____A (Microsoft Corporation)

C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll
[2009-07-14 01:47] - [2009-07-14 03:41] - 0242688 ____A (Microsoft Corporation)

C:\Windows\System32\wuaueng.dll
[2012-06-21 13:20] - [2012-06-03 00:19] - 2428952 ____A (Microsoft Corporation)

C:\Windows\System32\qmgr.dll
[2011-02-26 08:36] - [2010-11-20 15:27] - 0849920 ____A (Microsoft Corporation)

C:\Windows\System32\es.dll
[2009-07-14 02:00] - [2009-07-14 03:40] - 0402944 ____A (Microsoft Corporation)

C:\Windows\System32\cryptsvc.dll
[2012-06-13 14:01] - [2012-04-24 07:37] - 0184320 ____A (Microsoft Corporation)

C:\Program Files\Windows Defender\MpSvc.dll
[2009-07-14 01:54] - [2009-07-14 03:41] - 1011712 ____A (Microsoft Corporation)

C:\Windows\System32\ipnathlp.dll
[2009-07-14 02:10] - [2009-07-14 03:41] - 0359424 ____A (Microsoft Corporation)

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2011-02-26 08:36] - [2010-11-20 15:27] - 0512000 ____A (Microsoft Corporation)



**** End of log ****
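
The log above still reports MpsSvc, bfe and WinDefend as not running, a WinDefend ServiceDll line that is not marked OK, and a DisableAntiSpyware policy value. The following is an added example, not part of the thread and not Farbar Service Scanner's own code: a Python triage pass that pulls exactly those kinds of lines out of an FSS log. The sample is a shortened excerpt of the posted log, and the finding labels are made up for this example.

```python
import re

# Shortened excerpt of the Farbar Service Scanner log posted in the thread.
SAMPLE_FSS = r"""
Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The ServiceDll of WinDefend: "%ProgramFiles(x86)%\Windows Defender\mpsvc.dll".

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
"""

NOT_RUNNING = re.compile(r"^(\S+) Service is not running")
CONFIG = re.compile(r"^The (start type|ImagePath|ServiceDll) of (\S+?)"
                    r"(?: service is OK\.|: (.+?)\.?)$")
KEY = re.compile(r"^\[(HKEY_[^\]]+)\]$")
VALUE = re.compile(r'^"([^"]+)"=(\w+):(.+)$')

def triage(log):
    """Return (kind, subject, detail) tuples for lines that need a second look."""
    findings, key = [], None
    for raw in log.splitlines():
        line = raw.strip()
        if not line:
            key = None  # a registry key only covers the values directly below it
        elif m := NOT_RUNNING.match(line):
            findings.append(("service-stopped", m[1], ""))
        elif m := CONFIG.match(line):
            if m[3]:  # FSS printed the value instead of "is OK"
                findings.append(("config-unconfirmed", m[2], f"{m[1]}={m[3]}"))
        elif m := KEY.match(line):
            key = m[1]
        elif key and (m := VALUE.match(line)):
            findings.append(("policy", key, f"{m[1]}={m[2]}:{m[3]}"))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_FSS):
        print(*finding, sep=" | ")
```

Running the same pass on the log posted after a repair gives a quick before/after comparison: the repair took effect when the service-stopped and policy findings are gone.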

#14 narenxp

Posted 07 August 2012 - 12:48 PM

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start Repairs tab, then click on Start

Check mark the following options alone

Reset registry permissions
reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark Restart System When Finished option
click the Start button

System should restart after repair

Post the FSS log



You did not do this

#15 al2005

Posted 07 August 2012 - 01:15 PM

I did, but I will repeat again
