
Windows 7 Wireless turned off


31 replies to this topic

#1 GrecoISU

GrecoISU

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:06:00 PM

Posted 30 August 2012 - 08:44 PM

I've picked up some piece of malware, I believe, that has turned off my wireless adapter. The physical switch is turned on and Fn+F2 does not work to get it turned on. I have scanned with: Malwarebytes, Avast Antivirus, Spybot, and was running Online Armor firewall at the time of infection. Spybot did find several and all were removed. I was downloading things I should not have, and I know better. It is a fairly recent install of Windows. I have released and renewed the IP and flushed the DNS. The Ethernet LAN connection had worked previously; now it is doing exactly what the wireless is. Wireless drivers are up to date. Any help would be appreciated!

Edited by GrecoISU, 30 August 2012 - 08:44 PM.




#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:00 PM

Posted 30 August 2012 - 08:45 PM

Do you have a restore point from when wireless worked?

#3 GrecoISU

GrecoISU
  • Topic Starter


Posted 30 August 2012 - 08:51 PM

Nope. I thought I did and restored but apparently the restore point I was looking for was deleted. Thanks for the quick reply.

Edited by GrecoISU, 30 August 2012 - 08:53 PM.


#4 narenxp

narenxp


Posted 30 August 2012 - 08:54 PM

Restart the PC

Press F8 on bootup

Select REPAIR YOUR COMPUTER

Click on REPAIR

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt


Click on System restore and see if you have previous restore points and try a system restore

#5 GrecoISU

GrecoISU
  • Topic Starter


Posted 30 August 2012 - 08:54 PM

I should note, it did briefly work when I installed the wireless utility from the manufacturer's website. Once restarted, it didn't work again. It isn't disabled, it just says it's off.

There is no previous restore point available prior to wireless problems.

Edited by GrecoISU, 30 August 2012 - 08:57 PM.


#6 narenxp

narenxp


Posted 30 August 2012 - 09:03 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#7 GrecoISU

GrecoISU
  • Topic Starter


Posted 30 August 2012 - 09:39 PM

I couldn't use ESET on my computer because I can't connect to the Internet to download/update it. I tried to install it on a flash drive but was unsuccessful. Here are the other two logs.

TDS:


22:12:03.0387 3016 NdisWan - ok
22:12:03.0403 3016 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:12:03.0403 3016 NDProxy - ok
22:12:03.0465 3016 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:12:03.0465 3016 NetBIOS - ok
22:12:03.0512 3016 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:12:03.0512 3016 NetBT - ok
22:12:03.0543 3016 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
22:12:03.0559 3016 Netlogon - ok
22:12:03.0652 3016 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:12:03.0668 3016 Netman - ok
22:12:03.0762 3016 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:12:03.0793 3016 netprofm - ok
22:12:03.0855 3016 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:12:03.0871 3016 NetTcpPortSharing - ok
22:12:03.0886 3016 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:12:03.0886 3016 nfrd960 - ok
22:12:03.0996 3016 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:12:04.0011 3016 NlaSvc - ok
22:12:04.0042 3016 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:12:04.0058 3016 Npfs - ok
22:12:04.0089 3016 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:12:04.0105 3016 nsi - ok
22:12:04.0136 3016 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:12:04.0136 3016 nsiproxy - ok
22:12:04.0354 3016 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:12:04.0464 3016 Ntfs - ok
22:12:04.0510 3016 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:12:04.0510 3016 Null - ok
22:12:05.0821 3016 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:12:05.0883 3016 nvlddmkm - ok
22:12:06.0320 3016 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:12:06.0336 3016 nvraid - ok
22:12:06.0398 3016 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:12:06.0398 3016 nvstor - ok
22:12:06.0570 3016 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe
22:12:06.0585 3016 nvsvc - ok
22:12:06.0648 3016 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
22:12:06.0648 3016 nv_agp - ok
22:12:06.0757 3016 [ FAEF7B156E073F0450C5087F57696F0B ] OAcat C:\Program Files (x86)\Online Armor\OAcat.exe
22:12:06.0757 3016 OAcat - ok
22:12:07.0849 3016 [ 9C78F13766AB2629E11FB0DFB162EE33 ] OADevice C:\Windows\SysWow64\Drivers\OADriver.sys
22:12:07.0849 3016 OADevice - ok
22:12:07.0896 3016 [ 6CDB036083EF969210D2F747C8AB5771 ] oahlpXX C:\Windows\syswow64\drivers\oahlp64.sys
22:12:07.0896 3016 oahlpXX - ok
22:12:07.0958 3016 [ C2B6A1CCEE9669119A7FC9DAB2008B68 ] OAmon C:\Windows\SysWOW64\Drivers\OAmon.sys
22:12:07.0958 3016 OAmon - ok
22:12:08.0067 3016 [ F99C170CF63DE515C51BB11E76EA23EC ] OAnet C:\Windows\system32\DRIVERS\oanet.sys
22:12:08.0083 3016 OAnet - ok
22:12:08.0192 3016 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
22:12:08.0192 3016 ohci1394 - ok
22:12:08.0364 3016 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:12:08.0364 3016 ose - ok
22:12:09.0050 3016 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:12:09.0144 3016 osppsvc - ok
22:12:09.0237 3016 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:12:09.0253 3016 p2pimsvc - ok
22:12:09.0378 3016 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:12:09.0440 3016 p2psvc - ok
22:12:09.0487 3016 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:12:09.0502 3016 Parport - ok
22:12:09.0580 3016 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:12:09.0580 3016 partmgr - ok
22:12:09.0674 3016 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:12:09.0674 3016 PcaSvc - ok
22:12:09.0846 3016 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
22:12:09.0846 3016 pci - ok
22:12:09.0986 3016 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
22:12:09.0986 3016 pciide - ok
22:12:10.0095 3016 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:12:10.0126 3016 pcmcia - ok
22:12:10.0142 3016 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:12:10.0142 3016 pcw - ok
22:12:10.0189 3016 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:12:10.0189 3016 PEAUTH - ok
22:12:10.0267 3016 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:12:10.0298 3016 PerfHost - ok
22:12:10.0548 3016 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
22:12:10.0594 3016 pla - ok
22:12:10.0782 3016 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:12:10.0813 3016 PlugPlay - ok
22:12:10.0860 3016 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:12:10.0860 3016 PNRPAutoReg - ok
22:12:10.0922 3016 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:12:10.0938 3016 PNRPsvc - ok
22:12:10.0969 3016 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:12:10.0984 3016 PolicyAgent - ok
22:12:11.0031 3016 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:12:11.0031 3016 Power - ok
22:12:11.0109 3016 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:12:11.0125 3016 PptpMiniport - ok
22:12:11.0140 3016 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:12:11.0156 3016 Processor - ok
22:12:11.0250 3016 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
22:12:11.0250 3016 ProfSvc - ok
22:12:11.0281 3016 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:12:11.0296 3016 ProtectedStorage - ok
22:12:11.0390 3016 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:12:11.0390 3016 Psched - ok
22:12:11.0499 3016 [ BC08F7F3C53CBEE68670ED1314E290FD ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
22:12:11.0499 3016 PxHlpa64 - ok
22:12:11.0640 3016 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:12:11.0733 3016 ql2300 - ok
22:12:11.0796 3016 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:12:11.0796 3016 ql40xx - ok
22:12:11.0874 3016 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:12:11.0889 3016 QWAVE - ok
22:12:11.0967 3016 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:12:11.0983 3016 QWAVEdrv - ok
22:12:12.0076 3016 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:12:12.0092 3016 RasAcd - ok
22:12:12.0201 3016 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:12:12.0217 3016 RasAgileVpn - ok
22:12:12.0310 3016 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:12:12.0326 3016 RasAuto - ok
22:12:12.0451 3016 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:12:12.0451 3016 Rasl2tp - ok
22:12:12.0498 3016 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
22:12:12.0513 3016 RasMan - ok
22:12:12.0544 3016 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:12:12.0544 3016 RasPppoe - ok
22:12:12.0607 3016 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:12:12.0622 3016 RasSstp - ok
22:12:12.0654 3016 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:12:12.0654 3016 rdbss - ok
22:12:12.0669 3016 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:12:12.0685 3016 rdpbus - ok
22:12:12.0716 3016 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:12:12.0716 3016 RDPCDD - ok
22:12:12.0794 3016 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:12:12.0794 3016 RDPENCDD - ok
22:12:12.0825 3016 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:12:12.0825 3016 RDPREFMP - ok
22:12:12.0888 3016 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:12:12.0888 3016 RDPWD - ok
22:12:12.0997 3016 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:12:13.0028 3016 rdyboost - ok
22:12:13.0090 3016 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:12:13.0106 3016 RemoteAccess - ok
22:12:13.0137 3016 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:12:13.0137 3016 RemoteRegistry - ok
22:12:13.0200 3016 [ 2A43F9E6DBDE12BC0C104785C3B3F5DF ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys
22:12:13.0215 3016 rismxdp - ok
22:12:13.0293 3016 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:12:13.0293 3016 RpcEptMapper - ok
22:12:13.0324 3016 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:12:13.0324 3016 RpcLocator - ok
22:12:13.0418 3016 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
22:12:13.0418 3016 RpcSs - ok
22:12:13.0527 3016 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:12:13.0527 3016 rspndr - ok
22:12:13.0621 3016 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
22:12:13.0621 3016 RTL8167 - ok
22:12:13.0652 3016 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
22:12:13.0652 3016 SamSs - ok
22:12:13.0699 3016 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
22:12:13.0699 3016 sbp2port - ok
22:12:13.0761 3016 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:12:13.0777 3016 SCardSvr - ok
22:12:13.0808 3016 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:12:13.0808 3016 scfilter - ok
22:12:13.0964 3016 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
22:12:14.0011 3016 Schedule - ok
22:12:14.0042 3016 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:12:14.0042 3016 SCPolicySvc - ok
22:12:14.0136 3016 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
22:12:14.0136 3016 sdbus - ok
22:12:14.0182 3016 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:12:14.0182 3016 SDRSVC - ok
22:12:14.0276 3016 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:12:14.0276 3016 secdrv - ok
22:12:14.0292 3016 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
22:12:14.0307 3016 seclogon - ok
22:12:14.0338 3016 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
22:12:14.0338 3016 SENS - ok
22:12:14.0416 3016 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:12:14.0432 3016 SensrSvc - ok
22:12:14.0479 3016 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:12:14.0479 3016 Serenum - ok
22:12:14.0541 3016 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:12:14.0541 3016 Serial - ok
22:12:14.0557 3016 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:12:14.0557 3016 sermouse - ok
22:12:14.0713 3016 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
22:12:14.0713 3016 SessionEnv - ok
22:12:14.0760 3016 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
22:12:14.0760 3016 sffdisk - ok
22:12:14.0775 3016 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
22:12:14.0775 3016 sffp_mmc - ok
22:12:14.0806 3016 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
22:12:14.0806 3016 sffp_sd - ok
22:12:14.0884 3016 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:12:14.0900 3016 sfloppy - ok
22:12:14.0994 3016 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:12:15.0072 3016 SharedAccess - ok
22:12:15.0181 3016 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:12:15.0212 3016 ShellHWDetection - ok
22:12:15.0384 3016 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
22:12:15.0384 3016 SiSGbeLH - ok
22:12:15.0415 3016 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:12:15.0415 3016 SiSRaid2 - ok
22:12:15.0430 3016 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:12:15.0446 3016 SiSRaid4 - ok
22:12:15.0493 3016 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:12:15.0508 3016 Smb - ok
22:12:15.0618 3016 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:12:15.0618 3016 SNMPTRAP - ok
22:12:15.0649 3016 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:12:15.0649 3016 spldr - ok
22:12:15.0805 3016 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
22:12:15.0820 3016 Spooler - ok
22:12:16.0257 3016 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
22:12:16.0273 3016 sppsvc - ok
22:12:16.0366 3016 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:12:16.0382 3016 sppuinotify - ok
22:12:16.0507 3016 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:12:16.0554 3016 srv - ok
22:12:16.0616 3016 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:12:16.0632 3016 srv2 - ok
22:12:16.0694 3016 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:12:16.0694 3016 srvnet - ok
22:12:16.0803 3016 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:12:16.0803 3016 SSDPSRV - ok
22:12:16.0819 3016 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:12:16.0819 3016 SstpSvc - ok
22:12:16.0881 3016 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:12:16.0881 3016 stexstor - ok
22:12:16.0990 3016 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
22:12:17.0022 3016 stisvc - ok
22:12:17.0458 3016 [ 578A7D52C4F7CA65E109B4E7C7AC5CB3 ] SvcOnlineArmor C:\Program Files (x86)\Online Armor\oasrv.exe
22:12:17.0490 3016 SvcOnlineArmor - ok
22:12:17.0521 3016 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:12:17.0521 3016 swenum - ok
22:12:17.0755 3016 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
22:12:17.0770 3016 SwitchBoard - ok
22:12:17.0864 3016 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:12:17.0880 3016 swprv - ok
22:12:18.0098 3016 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
22:12:18.0160 3016 SysMain - ok
22:12:18.0207 3016 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:12:18.0223 3016 TabletInputService - ok
22:12:18.0316 3016 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
22:12:18.0363 3016 TapiSrv - ok
22:12:18.0441 3016 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:12:18.0441 3016 TBS - ok
22:12:18.0597 3016 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:12:18.0597 3016 Tcpip - ok
22:12:18.0847 3016 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:12:18.0862 3016 TCPIP6 - ok
22:12:18.0909 3016 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:12:18.0909 3016 tcpipreg - ok
22:12:18.0972 3016 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:12:18.0972 3016 TDPIPE - ok
22:12:19.0018 3016 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:12:19.0018 3016 TDTCP - ok
22:12:19.0081 3016 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:12:19.0081 3016 tdx - ok
22:12:19.0096 3016 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:12:19.0096 3016 TermDD - ok
22:12:19.0284 3016 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
22:12:19.0330 3016 TermService - ok
22:12:19.0393 3016 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:12:19.0393 3016 Themes - ok
22:12:19.0486 3016 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:12:19.0486 3016 THREADORDER - ok
22:12:19.0533 3016 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:12:19.0533 3016 TrkWks - ok
22:12:19.0596 3016 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:12:19.0596 3016 TrustedInstaller - ok
22:12:19.0689 3016 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:12:19.0689 3016 tssecsrv - ok
22:12:19.0783 3016 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:12:19.0783 3016 tunnel - ok
22:12:19.0814 3016 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:12:19.0830 3016 uagp35 - ok
22:12:19.0876 3016 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:12:19.0908 3016 udfs - ok
22:12:19.0970 3016 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:12:19.0986 3016 UI0Detect - ok
22:12:20.0032 3016 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
22:12:20.0032 3016 uliagpkx - ok
22:12:20.0110 3016 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:12:20.0126 3016 umbus - ok
22:12:20.0173 3016 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:12:20.0173 3016 UmPass - ok
22:12:20.0313 3016 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:12:20.0329 3016 upnphost - ok
22:12:20.0500 3016 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
22:12:20.0500 3016 USBAAPL64 - ok
22:12:20.0532 3016 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:12:20.0532 3016 usbaudio - ok
22:12:20.0578 3016 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:12:20.0578 3016 usbccgp - ok
22:12:20.0672 3016 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
22:12:20.0672 3016 usbcir - ok
22:12:20.0703 3016 [ 92969BA5AC44E229C55A332864F79677 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:12:20.0703 3016 usbehci - ok
22:12:20.0781 3016 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:12:20.0781 3016 usbhub - ok
22:12:20.0828 3016 [ F1BB1E55F1E7A65C5839CCC7B36D773E ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:12:20.0844 3016 usbohci - ok
22:12:20.0890 3016 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:12:20.0890 3016 usbprint - ok
22:12:20.0937 3016 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:12:20.0937 3016 USBSTOR - ok
22:12:20.0968 3016 [ BC3070350A491D84B518D7CCA9ABD36F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:12:20.0968 3016 usbuhci - ok
22:12:21.0062 3016 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
22:12:21.0078 3016 usbvideo - ok
22:12:21.0124 3016 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:12:21.0124 3016 UxSms - ok
22:12:21.0171 3016 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
22:12:21.0171 3016 VaultSvc - ok
22:12:21.0202 3016 [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
22:12:21.0202 3016 VClone - ok
22:12:21.0265 3016 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
22:12:21.0280 3016 vdrvroot - ok
22:12:21.0358 3016 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
22:12:21.0405 3016 vds - ok
22:12:21.0468 3016 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:12:21.0483 3016 vga - ok
22:12:21.0561 3016 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:12:21.0561 3016 VgaSave - ok
22:12:21.0592 3016 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
22:12:21.0592 3016 vhdmp - ok
22:12:21.0624 3016 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
22:12:21.0639 3016 viaide - ok
22:12:21.0686 3016 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
22:12:21.0686 3016 volmgr - ok
22:12:21.0733 3016 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:12:21.0733 3016 volmgrx - ok
22:12:21.0764 3016 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
22:12:21.0764 3016 volsnap - ok
22:12:21.0811 3016 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:12:21.0811 3016 vsmraid - ok
22:12:21.0998 3016 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
22:12:22.0014 3016 VSS - ok
22:12:22.0029 3016 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:12:22.0045 3016 vwifibus - ok
22:12:22.0092 3016 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:12:22.0107 3016 vwififlt - ok
22:12:22.0232 3016 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
22:12:22.0232 3016 vwifimp - ok
22:12:22.0326 3016 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:12:22.0357 3016 W32Time - ok
22:12:22.0482 3016 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:12:22.0482 3016 WacomPen - ok
22:12:22.0622 3016 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:12:22.0622 3016 WANARP - ok
22:12:22.0669 3016 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:12:22.0684 3016 Wanarpv6 - ok
22:12:22.0934 3016 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
22:12:22.0996 3016 WatAdminSvc - ok
22:12:23.0184 3016 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
22:12:23.0246 3016 wbengine - ok
22:12:23.0277 3016 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:12:23.0277 3016 WbioSrvc - ok
22:12:23.0386 3016 [ 8DD42F233EC1317E5F7B0FC61E3D9BC2 ] WBVGAservice C:\Program Files (x86)\ASUS\Turbo Gear Enhanced VGA Driver\WBVGAservice.exe
22:12:23.0386 3016 WBVGAservice - ok
22:12:23.0496 3016 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:12:23.0542 3016 wcncsvc - ok
22:12:23.0589 3016 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:12:23.0589 3016 WcsPlugInService - ok
22:12:23.0620 3016 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:12:23.0620 3016 Wd - ok
22:12:23.0714 3016 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:12:23.0714 3016 Wdf01000 - ok
22:12:23.0761 3016 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:12:23.0776 3016 WdiServiceHost - ok
22:12:23.0792 3016 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:12:23.0792 3016 WdiSystemHost - ok
22:12:23.0839 3016 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
22:12:23.0854 3016 WebClient - ok
22:12:23.0917 3016 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:12:23.0917 3016 Wecsvc - ok
22:12:23.0979 3016 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:12:23.0979 3016 wercplsupport - ok
22:12:24.0104 3016 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:12:24.0120 3016 WerSvc - ok
22:12:24.0182 3016 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:12:24.0182 3016 WfpLwf - ok
22:12:24.0229 3016 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:12:24.0244 3016 WIMMount - ok
22:12:24.0276 3016 WinDefend - ok
22:12:24.0307 3016 WinHttpAutoProxySvc - ok
22:12:24.0494 3016 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:12:24.0510 3016 Winmgmt - ok
22:12:24.0697 3016 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
22:12:24.0759 3016 WinRM - ok
22:12:24.0962 3016 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:12:24.0978 3016 WinUsb - ok
22:12:25.0087 3016 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:12:25.0118 3016 Wlansvc - ok
22:12:25.0165 3016 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
22:12:25.0165 3016 WmiAcpi - ok
22:12:25.0243 3016 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:12:25.0258 3016 wmiApSrv - ok
22:12:25.0321 3016 WMPNetworkSvc - ok
22:12:25.0368 3016 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:12:25.0383 3016 WPCSvc - ok
22:12:25.0399 3016 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:12:25.0414 3016 WPDBusEnum - ok
22:12:25.0446 3016 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:12:25.0461 3016 ws2ifsl - ok
22:12:25.0492 3016 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll
22:12:25.0492 3016 wscsvc - ok
22:12:25.0508 3016 WSearch - ok
22:12:25.0758 3016 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
22:12:25.0836 3016 wuauserv - ok
22:12:25.0898 3016 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:12:25.0898 3016 WudfPf - ok
22:12:25.0976 3016 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:12:25.0992 3016 WUDFRd - ok
22:12:26.0038 3016 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:12:26.0038 3016 wudfsvc - ok
22:12:26.0085 3016 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
22:12:26.0085 3016 WwanSvc - ok
22:12:26.0241 3016 ================ Scan global ===============================
22:12:26.0288 3016 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:12:26.0382 3016 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
22:12:26.0397 3016 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
22:12:26.0428 3016 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:12:26.0491 3016 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:12:26.0491 3016 [Global] - ok
22:12:26.0491 3016 ================ Scan MBR ==================================
22:12:26.0553 3016 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:12:30.0765 3016 \Device\Harddisk0\DR0 - ok
22:12:30.0781 3016 [ 23B571400A29918F5392F6E85EEB756E ] \Device\Harddisk1\DR1
22:12:30.0812 3016 \Device\Harddisk1\DR1 - ok
22:12:30.0812 3016 ================ Scan VBR ==================================
22:12:30.0859 3016 [ 09FDBFFED96F6FC2F4F1BBB108102A1B ] \Device\Harddisk0\DR0\Partition1
22:12:30.0859 3016 \Device\Harddisk0\DR0\Partition1 - ok
22:12:30.0874 3016 [ A400E677A36FE817C9D2CD25BCABFB6D ] \Device\Harddisk0\DR0\Partition2
22:12:30.0874 3016 \Device\Harddisk0\DR0\Partition2 - ok
22:12:30.0874 3016 [ E36F0BC93B8A17A0E2BBA865DA4E84F3 ] \Device\Harddisk1\DR1\Partition1
22:12:30.0874 3016 \Device\Harddisk1\DR1\Partition1 - ok
22:12:30.0874 3016 ============================================================
22:12:30.0874 3016 Scan finished
22:12:30.0874 3016 ============================================================
22:12:31.0171 3536 Detected object count: 0
22:12:31.0171 3536 Actual detected object count: 0
22:14:05.0560 1864 Deinitialize success


ASW:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-30 22:14:42
-----------------------------
22:14:42.502 OS Version: Windows x64 6.1.7600
22:14:42.502 Number of processors: 2 586 0x170A
22:14:42.502 ComputerName: JOHN-LAPTOP UserName: John
22:15:01.715 Initialize success
22:15:01.855 AVAST engine defs: 12082901
22:15:27.377 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:15:27.377 Disk 0 Vendor: ST9500325AS 0002SDM1 Size: 476940MB BusType: 11
22:15:27.392 Disk 0 MBR read successfully
22:15:27.392 Disk 0 MBR scan
22:15:27.392 Disk 0 Windows 7 default MBR code
22:15:27.392 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 12001 MB offset 63
22:15:27.423 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 24580096
22:15:27.439 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 464837 MB offset 24784896
22:15:27.486 Disk 0 scanning C:\Windows\system32\drivers
22:15:58.920 Service scanning
22:16:07.952 Service epmntdrv C:\Windows\C:\Windows\system32\epmntdrv.sys **LOCKED** 123
22:16:25.019 Modules scanning
22:16:25.019 Disk 0 trace - called modules:
22:16:25.034 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
22:16:25.050 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80067d2730]
22:16:25.050 3 CLASSPNP.SYS[fffff880018c243f] -> nt!IofCallDriver -> [0xfffffa8006281520]
22:16:25.065 5 ACPI.sys[fffff88000ec6781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa800627d680]
22:16:26.937 AVAST engine scan C:\Windows
22:16:59.089 AVAST engine scan C:\Windows\system32
22:22:11.371 AVAST engine scan C:\Windows\system32\drivers
22:22:27.112 AVAST engine scan C:\Users\John
22:29:41.325 AVAST engine scan C:\ProgramData
22:30:46.627 Scan finished successfully
22:31:04.334 Disk 0 MBR has been saved successfully to "C:\Users\John\Desktop\MBR.dat"
22:31:04.349 The log file has been saved successfully to "C:\Users\John\Desktop\aswMBR.txt"

#8 narenxp

Posted 30 August 2012 - 09:41 PM

Download MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download FSS

Checkmark all the boxes.

Click on "Scan".
Please copy and paste the log to your reply.

#9 GrecoISU

Posted 30 August 2012 - 09:56 PM

FSS:

Farbar Service Scanner Version: 06-08-2012
Ran by John (administrator) on 30-08-2012 at 22:48:31
Running from "G:\"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Google IP is accessible.
Attempt to access Google.com returned error: Other errors
Yahoo IP is accessible.
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-08-18 09:19] - [2011-12-27 23:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-08-18 09:14] - [2012-03-30 07:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-13 20:09] - [2009-07-13 21:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-13 19:36] - [2009-07-13 21:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-08-18 09:21] - [2012-04-24 01:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

MiniToolBox:


MiniToolBox by Farbar Version: 23-07-2012
Ran by John (administrator) on 30-08-2012 at 22:54:29
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Hardware not present)
Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Media disconnected)
Qualcomm Atheros AR928X Wireless Network Adapter = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : John-Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Qualcomm Atheros AR928X Wireless Network Adapter
Physical Address. . . . . . . . . : 00-22-43-99-44-5B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : ma.rr.com
Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : E0-CB-4E-90-5E-B9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{7D6A2B10-2547-4598-B683-6DA679476499}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.ma.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
20...00 22 43 99 44 5b ......Qualcomm Atheros AR928X Wireless Network Adapter
18...e0 cb 4e 90 5e b9 ......Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/30/2012 10:31:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/30/2012 10:31:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/30/2012 10:31:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/30/2012 10:11:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/30/2012 06:19:19 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\wbem\wmiprvse.exe; Description = ComboFix created restore point; Error = 0x8007043c).

Error: (08/30/2012 06:19:19 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007043c, This service cannot be started in Safe Mode
.


Operation:
Instantiating VSS server

Error: (08/30/2012 06:19:19 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started during Safe Mode.
The Volume Shadow Copy service cannot start while in safe mode. [0x8007043c, This service cannot be started in Safe Mode
]


Operation:
Instantiating VSS server

Error: (08/30/2012 04:58:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbam.exe, version: 1.62.0.87, time stamp: 0x4fc6d5ba
Faulting module name: OLEAUT32.dll, version: 6.1.7600.16872, time stamp: 0x4e5873c1
Exception code: 0xc0000005
Fault offset: 0x0001604c
Faulting process id: 0x59c
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3

Error: (08/30/2012 04:52:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbam.exe, version: 1.62.0.87, time stamp: 0x4fc6d5ba
Faulting module name: OLEAUT32.dll, version: 6.1.7600.16872, time stamp: 0x4e5873c1
Exception code: 0xc0000005
Fault offset: 0x0001604c
Faulting process id: 0x650
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3

Error: (08/30/2012 04:48:50 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbam.exe, version: 1.62.0.87, time stamp: 0x4fc6d5ba
Faulting module name: OLEAUT32.dll, version: 6.1.7600.16872, time stamp: 0x4e5873c1
Exception code: 0xc0000005
Fault offset: 0x0001604c
Faulting process id: 0xac4
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3


System errors:
=============
Error: (08/30/2012 10:14:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems.

Error: (08/30/2012 07:05:53 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS failed to remove the language pack for sv-SE. Returned CBS error code 0x80073701.

Error: (08/30/2012 07:05:53 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS error 0x80073701 '' reported while operating on UI Language Pack for sv-SE

Error: (08/30/2012 07:05:41 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS failed to remove the language pack for es-ES. Returned CBS error code 0x80073701.

Error: (08/30/2012 07:05:41 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS error 0x80073701 '' reported while operating on UI Language Pack for es-ES

Error: (08/30/2012 07:05:29 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS failed to remove the language pack for ro-RO. Returned CBS error code 0x80073701.

Error: (08/30/2012 07:05:29 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS error 0x80073701 '' reported while operating on UI Language Pack for ro-RO

Error: (08/30/2012 07:05:18 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS failed to remove the language pack for pt-PT. Returned CBS error code 0x80073701.

Error: (08/30/2012 07:05:18 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS error 0x80073701 '' reported while operating on UI Language Pack for pt-PT

Error: (08/30/2012 07:05:03 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS failed to remove the language pack for pl-PL. Returned CBS error code 0x80073701.


Microsoft Office Sessions:
=========================
Error: (08/30/2012 10:31:26 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestG:\esetsmartinstaller_enu.exe

Error: (08/30/2012 10:31:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestG:\esetsmartinstaller_enu.exe

Error: (08/30/2012 10:31:23 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestG:\esetsmartinstaller_enu.exe

Error: (08/30/2012 10:11:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestG:\esetsmartinstaller_enu.exe

Error: (08/30/2012 06:19:19 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\wbem\wmiprvse.exeComboFix created restore point0x8007043c

Error: (08/30/2012 06:19:19 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x8007043c, This service cannot be started in Safe Mode


Operation:
Instantiating VSS server

Error: (08/30/2012 06:19:19 PM) (Source: VSS)(User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x8007043c, This service cannot be started in Safe Mode


Operation:
Instantiating VSS server

Error: (08/30/2012 04:58:59 PM) (Source: Application Error)(User: )
Description: mbam.exe1.62.0.874fc6d5baOLEAUT32.dll6.1.7600.168724e5873c1c00000050001604c59c01cd86f23c0d9baaG:\Malwarebytes' Anti-Malware\mbam.exeC:\Windows\syswow64\OLEAUT32.dll84d6b2f2-f2e5-11e1-82c3-c58927670a7f

Error: (08/30/2012 04:52:00 PM) (Source: Application Error)(User: )
Description: mbam.exe1.62.0.874fc6d5baOLEAUT32.dll6.1.7600.168724e5873c1c00000050001604c65001cd86f142a99015C:\Users\John\Desktop\Malwarebytes' Anti-Malware\mbam.exeC:\Windows\syswow64\OLEAUT32.dll8afe03f0-f2e4-11e1-82c3-c58927670a7f

Error: (08/30/2012 04:48:50 PM) (Source: Application Error)(User: )
Description: mbam.exe1.62.0.874fc6d5baOLEAUT32.dll6.1.7600.168724e5873c1c00000050001604cac401cd86f0cfec2bffG:\Malwarebytes' Anti-Malware\mbam.exeC:\Windows\syswow64\OLEAUT32.dll19acd264-f2e4-11e1-afdf-00224399445b


=========================== Installed Programs ============================

Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.1)
Adobe AIR (Version: 3.1.0.4880)
Adobe Creative Suite 6 Master Collection (Version: 6)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Help Manager (Version: 4.0.244)
Adobe Widget Browser (Version: 2.0 Build 348)
Adobe Widget Browser (Version: 2.0.348)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ASUS LifeFrame3 (Version: 3.0.20)
ASUS Turbo Gear Enhanced VGA Driver (Version: 0.0.0.21)
avast! Free Antivirus (Version: 7.0.1466.0)
BitTorrent (Version: 7.7.0)
bl (Version: 1.0.0)
Bonjour (Version: 3.0.0.10)
davehope.co.uk Product Key Finder
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
EASEUS Partition Master 8.0.1 Home Edition
Google Chrome (Version: 21.0.1180.83)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Magic ISO Maker v5.5 (build 0281)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
Online Armor 5.5 (Version: 5.5)
PDF Settings CS6 (Version: 11.0)
ph (Version: 1.0.0)
Spotify (Version: 0.8.4.124.ga3559d86)
Turbo Gear Extreme (Version: 1.00.24)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
VirtualCloneDrive
WinRAR 4.20 (64-bit) (Version: 4.20.0)
World of Warcraft (Version: 5.0.4.16016)

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 6143.04 MB
Available physical RAM: 4368.86 MB
Total Pagefile: 12284.21 MB
Available Pagefile: 10511.05 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.13 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:453.94 GB) (Free:319.55 GB) NTFS
4 Drive f: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
5 Drive g: (PENDRIVE) (Removable) (Total:1.86 GB) (Free:0.45 GB) FAT32

========================= Users: ========================================

User accounts for \\JOHN-LAPTOP

Administrator Guest John


**** End of log ****

#10 narenxp

Posted 30 August 2012 - 10:05 PM

Uninstall Avast

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, run a full scan, skip update

Click on SHOW results. Select all infections and remove them


Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Hardware not present)


Install wireless driver again and see if you connect

#11 GrecoISU

Posted 31 August 2012 - 06:43 PM

Still nothing, thanks for the help so far. Here's the Malwarebytes log:


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.03.05

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
John :: JOHN-LAPTOP [administrator]

8/31/2012 3:45:05 PM
mbam-log-2012-08-31 (15-45-05).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 511202
Time elapsed: 1 hour(s), 21 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

#12 narenxp

Posted 31 August 2012 - 06:50 PM

Run MiniToolBox and post the new log.

Can you connect in Safe Mode with Networking?

#13 GrecoISU

Posted 31 August 2012 - 06:57 PM

No go on Safe Mode with Networking.

MiniToolBox by Farbar Version: 23-07-2012
Ran by John (administrator) on 31-08-2012 at 19:53:13
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Qualcomm Atheros AR928X Wireless Network Adapter = Wireless Network Connection (Media disconnected)
Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : John-Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 22-22-43-99-44-5B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
Physical Address. . . . . . . . . : E0-CB-4E-90-5E-B9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Qualcomm Atheros AR928X Wireless Network Adapter
Physical Address. . . . . . . . . : 00-22-43-99-44-5B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{4E488C9F-C746-4DC5-AB39-70B908FC5B9B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{EAD94561-E5EC-4CAA-8B05-CADDDDA9EE4F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D18BCB4B-0BDE-4C5F-9E48-05A7C4261517}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
32...22 22 43 99 44 5b ......Microsoft Virtual WiFi Miniport Adapter
28...e0 cb 4e 90 5e b9 ......Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
22...00 22 43 99 44 5b ......Qualcomm Atheros AR928X Wireless Network Adapter
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/30/2012 10:31:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/30/2012 10:31:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/30/2012 10:31:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/30/2012 10:11:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (08/30/2012 06:19:19 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\wbem\wmiprvse.exe; Description = ComboFix created restore point; Error = 0x8007043c).

Error: (08/30/2012 06:19:19 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007043c, This service cannot be started in Safe Mode
.


Operation:
Instantiating VSS server

Error: (08/30/2012 06:19:19 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started during Safe Mode.
The Volume Shadow Copy service cannot start while in safe mode. [0x8007043c, This service cannot be started in Safe Mode
]


Operation:
Instantiating VSS server

Error: (08/30/2012 04:58:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbam.exe, version: 1.62.0.87, time stamp: 0x4fc6d5ba
Faulting module name: OLEAUT32.dll, version: 6.1.7600.16872, time stamp: 0x4e5873c1
Exception code: 0xc0000005
Fault offset: 0x0001604c
Faulting process id: 0x59c
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3

Error: (08/30/2012 04:52:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbam.exe, version: 1.62.0.87, time stamp: 0x4fc6d5ba
Faulting module name: OLEAUT32.dll, version: 6.1.7600.16872, time stamp: 0x4e5873c1
Exception code: 0xc0000005
Fault offset: 0x0001604c
Faulting process id: 0x650
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3

Error: (08/30/2012 04:48:50 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbam.exe, version: 1.62.0.87, time stamp: 0x4fc6d5ba
Faulting module name: OLEAUT32.dll, version: 6.1.7600.16872, time stamp: 0x4e5873c1
Exception code: 0xc0000005
Fault offset: 0x0001604c
Faulting process id: 0xac4
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3


System errors:
=============
Error: (08/31/2012 07:22:05 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS failed to remove the language pack for sv-SE. Returned CBS error code 0x80073701.

Error: (08/31/2012 07:22:05 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS error 0x80073701 '' reported while operating on UI Language Pack for sv-SE

Error: (08/31/2012 07:21:48 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS failed to remove the language pack for es-ES. Returned CBS error code 0x80073701.

Error: (08/31/2012 07:21:48 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS error 0x80073701 '' reported while operating on UI Language Pack for es-ES

Error: (08/31/2012 07:21:19 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS failed to remove the language pack for ro-RO. Returned CBS error code 0x80073701.

Error: (08/31/2012 07:21:19 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS error 0x80073701 '' reported while operating on UI Language Pack for ro-RO

Error: (08/31/2012 07:20:55 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS failed to remove the language pack for pt-PT. Returned CBS error code 0x80073701.

Error: (08/31/2012 07:20:55 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS error 0x80073701 '' reported while operating on UI Language Pack for pt-PT

Error: (08/31/2012 07:20:28 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS failed to remove the language pack for pl-PL. Returned CBS error code 0x80073701.

Error: (08/31/2012 07:20:28 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT AUTHORITY)
Description: CBS error 0x80073701 '' reported while operating on UI Language Pack for pl-PL




========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 6143.04 MB
Available physical RAM: 4662.5 MB
Total Pagefile: 12284.21 MB
Available Pagefile: 10756.18 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.84 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:453.94 GB) (Free:314.37 GB) NTFS
4 Drive f: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
5 Drive g: (PENDRIVE) (Removable) (Total:1.86 GB) (Free:0.44 GB) FAT32

========================= Users: ========================================

User accounts for \\JOHN-LAPTOP

Administrator Guest John


**** End of log ****

#14 narenxp


Posted 31 August 2012 - 07:15 PM

I've picked up some piece of malware I believe that has turned off my wireless adapter. The physical switch is turned on and Fn+f2 does not work to get it turned on. I have scanned with: Malwarebytes, Avast Antivirus, Spybot, and was running Online Armor firewall at the time of infection.

Do you have any of these logs that took off your connection?

Edited by narenxp, 31 August 2012 - 07:15 PM.


#15 GrecoISU


Posted 31 August 2012 - 07:16 PM

I've picked up some piece of malware I believe that has turned off my wireless adapter. The physical switch is turned on and Fn+f2 does not work to get it turned on. I have scanned with: Malwarebytes, Avast Antivirus, Spybot, and was running Online Armor firewall at the time of infection.

Do you have any of these logs that took off your connection?


I'm not really sure what you are asking. Sorry!



