
missing server Windows security center, windows firewall and windows update in services.msc


23 replies to this topic

#1 Oaksmanor


Posted 02 September 2012 - 09:07 AM

I am not good at English; I hope I can make myself clear.

Hello, everyone. This is all my fault. I downloaded a movie called "Brave" via torrent from the internet. After the download I couldn't open the video file; the readme file told me that I needed to install a decoder software in the same folder. I used Microsoft Security Essentials to scan this "decoder", all good. So I installed it after scanning.

Then a bad thing happened. The Microsoft Security Essentials realtime protection shut down. Windows Firewall shut down. Windows Update shut down. Most important, none of those three could be restarted, and I can't find any of them in services.msc.

I searched on Google for a solution. It took a long time.

Finally, I found something on Google. The solution is to use the "sc" command to recreate the service in services.msc. Then I downloaded a reg file called "wscsvc.reg" from that site and imported it into the system.

http://pressf1.pcworld.co.nz/showthread.php?116524-Win7-Security-Centre-service-missing-after-malware-infection

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc]
"DisplayName"="@%SystemRoot%\\System32\\wscsvc.dll,-200"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,4c,00,6f,00,63,00,61,00,6c,00,53,00,65,00,72,00,76,00,69,00,63,\
00,65,00,4e,00,65,00,74,00,77,00,6f,00,72,00,6b,00,52,00,65,00,73,00,74,00,\
72,00,69,00,63,00,74,00,65,00,64,00,00,00
"Start"=dword:00000002
"Type"=dword:00000020
"Description"="@%SystemRoot%\\System32\\wscsvc.dll,-201"
"DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,57,00,69,00,6e,00,\
4d,00,67,00,6d,00,74,00,00,00,00,00
"ObjectName"="NT AUTHORITY\\LocalService"
"ServiceSidType"=dword:00000001
"RequiredPrivileges"=hex(7):53,00,65,00,43,00,68,00,61,00,6e,00,67,00,65,00,4e,\
00,6f,00,74,00,69,00,66,00,79,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,\
67,00,65,00,00,00,53,00,65,00,49,00,6d,00,70,00,65,00,72,00,73,00,6f,00,6e,\
00,61,00,74,00,65,00,50,00,72,00,69,00,76,00,69,00,6c,00,65,00,67,00,65,00,\
00,00,00,00
"DelayedAutoStart"=dword:00000001
"FailureActions"=hex:80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,\
00,01,00,00,00,c0,d4,01,00,01,00,00,00,e0,93,04,00,00,00,00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\Parameters]
"ServiceDllUnloadOnStop"=dword:00000001
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
77,00,73,00,63,00,73,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc\Security]
"Security"=hex:01,00,14,80,c8,00,00,00,d4,00,00,00,14,00,00,00,30,00,00,00,02,\
00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\
00,00,02,00,98,00,06,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\
05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\
20,02,00,00,00,00,14,00,9d,01,02,00,01,01,00,00,00,00,00,05,04,00,00,00,00,\
00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,06,00,00,00,00,00,14,00,00,01,\
00,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,00,28,00,15,00,00,00,01,06,00,\
00,00,00,00,05,50,00,00,00,49,59,9d,77,91,56,e5,55,dc,f4,e2,0e,a7,8b,eb,ca,\
7b,42,13,56,01,01,00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,\
00,00,00

After that, I can see the Security Center in services.msc, but it still can't activate automatically. I changed some properties of Security Center. After starting my computer, Microsoft Security Essentials realtime protection is active and turns green. But I still can't make Windows Update and Windows Firewall functional.

PLEASE! I need your help...

Security Check result:



Results of screen317's Security Check version 0.99.49
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java™ 6 Update 33
Java version out of Date!
Adobe Flash Player 11.3.300.271 Flash Player out of Date!
Adobe Reader X (10.1.4)
Mozilla Firefox (15.0)
Google Chrome 21.0.1180.79
Google Chrome 21.0.1180.83
Google Chrome plugins...
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````








Farbar Service Scanner (FSS) result:



Farbar Service Scanner Version: 06-08-2012
Ran by Solomon (administrator) on 02-09-2012 at 20:00:41
Running from "C:\Users\Solomon\Downloads"
Microsoft Windows 7 旗舰版 Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
WAN connected
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


*Moderator Edit: Moved topic from Windows 7 to the more appropriate forum. ~ Queen-Evie*

Edited by Queen-Evie, 02 September 2012 - 09:53 AM.




#2 narenxp


Posted 02 September 2012 - 09:11 AM

Download TDSSKiller.

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on List of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Oaksmanor


Posted 04 September 2012 - 05:24 PM

First of all, dear narenxp, thanks for your reply :thumbsup:

Next is the scan result of TDSSKiller:


19:55:43.0762 3856 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
19:55:44.0835 3856 ============================================================
19:55:44.0835 3856 Current date / time: 2012/09/03 19:55:44.0835
19:55:44.0835 3856 SystemInfo:
19:55:44.0835 3856
19:55:44.0835 3856 OS Version: 6.1.7601 ServicePack: 1.0
19:55:44.0835 3856 Product type: Workstation
19:55:44.0835 3856 ComputerName: SOLOMON-PC
19:55:44.0835 3856 UserName: Solomon
19:55:44.0835 3856 Windows directory: C:\Windows
19:55:44.0835 3856 System windows directory: C:\Windows
19:55:44.0835 3856 Running under WOW64
19:55:44.0835 3856 Processor architecture: Intel x64
19:55:44.0835 3856 Number of processors: 2
19:55:44.0835 3856 Page size: 0x1000
19:55:44.0835 3856 Boot type: Normal boot
19:55:44.0835 3856 ============================================================
19:55:47.0772 3856 Drive \Device\Harddisk0\DR0 - Size: 0x24093D6000 (144.14 Gb), SectorSize: 0x200, Cylinders: 0x4980, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:55:47.0960 3856 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB5800 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:55:47.0960 3856 ============================================================
19:55:47.0960 3856 \Device\Harddisk0\DR0:
19:55:47.0968 3856 MBR partitions:
19:55:47.0968 3856 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2711676, BlocksNum 0x6FA8678
19:55:47.0991 3856 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96B9D65, BlocksNum 0x5410A38
19:55:48.0014 3856 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xEACA7DF, BlocksNum 0x357C1A1
19:55:48.0014 3856 \Device\Harddisk1\DR1:
19:55:48.0030 3856 MBR partitions:
19:55:48.0030 3856 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
19:55:48.0030 3856 ============================================================
19:55:48.0054 3856 C: <-> \Device\Harddisk0\DR0\Partition1
19:55:48.0078 3856 D: <-> \Device\Harddisk0\DR0\Partition2
19:55:48.0133 3856 E: <-> \Device\Harddisk0\DR0\Partition3
19:55:48.0179 3856 I: <-> \Device\Harddisk1\DR1\Partition1
19:55:48.0179 3856 ============================================================
19:55:48.0187 3856 Initialize success
19:55:48.0187 3856 ============================================================
19:56:32.0515 5872 ============================================================
19:56:32.0515 5872 Scan started
19:56:32.0515 5872 Mode: Manual; TDLFS;
19:56:32.0515 5872 ============================================================
19:56:32.0906 5872 ================ Scan system memory ========================
19:56:32.0906 5872 Scan interrupted by user!
19:56:32.0906 5872 ================ Scan services =============================
19:56:32.0906 5872 Scan interrupted by user!
19:56:32.0906 5872 ================ Scan global ===============================
19:56:32.0906 5872 Scan interrupted by user!
19:56:32.0906 5872 ================ Scan MBR ==================================
19:56:32.0906 5872 Scan interrupted by user!
19:56:32.0906 5872 ================ Scan VBR ==================================
19:56:32.0906 5872 Scan interrupted by user!
19:56:32.0906 5872 ============================================================
19:56:32.0906 5872 Scan finished
19:56:32.0906 5872 ============================================================
19:56:32.0922 5448 Detected object count: 0
19:56:32.0922 5448 Actual detected object count: 0
19:56:36.0792 4896 ============================================================
19:56:36.0792 4896 Scan started
19:56:36.0792 4896 Mode: Manual; TDLFS;
19:56:36.0792 4896 ============================================================
19:56:36.0917 4896 ================ Scan system memory ========================
19:56:36.0917 4896 System memory - ok
19:56:36.0917 4896 ================ Scan services =============================
19:56:37.0073 4896 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:56:37.0073 4896 1394ohci - ok
19:56:37.0120 4896 [ 33612AD9C8FC0063808578988316D17D ] 360AntiHacker C:\Windows\system32\Drivers\360AntiHacker64.sys
19:56:37.0120 4896 360AntiHacker - ok
19:56:37.0167 4896 [ A97C4999EC3EC0CC851D78F174E8B66F ] 360Box64 C:\Windows\system32\DRIVERS\360Box64.sys
19:56:37.0167 4896 360Box64 - ok
19:56:37.0229 4896 [ 21392DEABA50A818EC8027A0B59E2611 ] 360FsFlt C:\Windows\system32\DRIVERS\360FsFlt.sys
19:56:37.0229 4896 360FsFlt - ok
19:56:37.0276 4896 [ 81AC25E1C5CA37ECB16F5D6912432458 ] 360netmon C:\Windows\system32\DRIVERS\360netmon.sys
19:56:37.0276 4896 360netmon - ok
19:56:37.0323 4896 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:56:37.0339 4896 ACPI - ok
19:56:37.0386 4896 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:56:37.0386 4896 AcpiPmi - ok
19:56:37.0479 4896 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:56:37.0479 4896 AdobeARMservice - ok
19:56:37.0526 4896 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:56:37.0526 4896 adp94xx - ok
19:56:37.0573 4896 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:56:37.0573 4896 adpahci - ok
19:56:37.0604 4896 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:56:37.0604 4896 adpu320 - ok
19:56:37.0636 4896 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:56:37.0636 4896 AeLookupSvc - ok
19:56:37.0698 4896 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:56:37.0698 4896 AFD - ok
19:56:37.0745 4896 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:56:37.0745 4896 agp440 - ok
19:56:37.0854 4896 [ 853AD8BD8CA940D0F5AC2679A6ED439B ] ALCXWDM C:\Windows\system32\drivers\RTKVAC64.SYS
19:56:37.0964 4896 ALCXWDM - ok
19:56:38.0011 4896 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:56:38.0011 4896 ALG - ok
19:56:38.0042 4896 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:56:38.0042 4896 aliide - ok
19:56:38.0136 4896 [ A6182AABAA18EC24F267BA2156B0951E ] AlipaySecSvc C:\Program Files (x86)\alipay\alieditplus\AlipaySecSvc.exe
19:56:38.0151 4896 AlipaySecSvc - ok
19:56:38.0214 4896 [ 573B655A56E4B0BF79829D094EF1F03F ] AliveSvc C:\Program Files (x86)\Common Files\alipay\AliveService\AliveService.exe
19:56:38.0214 4896 AliveSvc - ok
19:56:38.0261 4896 [ B5E2434FC851698C1F119CF1C3935A50 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:56:38.0261 4896 AMD External Events Utility - ok
19:56:38.0323 4896 AMD FUEL Service - ok
19:56:38.0370 4896 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:56:38.0370 4896 amdide - ok
19:56:38.0401 4896 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
19:56:38.0401 4896 amdiox64 - ok
19:56:38.0448 4896 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:56:38.0448 4896 AmdK8 - ok
19:56:38.0714 4896 [ 9E3B4946F7E1BCA0B763E19D81EDBF2C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:56:38.0948 4896 amdkmdag - ok
19:56:38.0995 4896 [ B9E1C7B7F1865F99B16FF2E1BB94EDB6 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:56:38.0995 4896 amdkmdap - ok
19:56:39.0026 4896 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:56:39.0042 4896 AmdPPM - ok
19:56:39.0089 4896 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:56:39.0104 4896 amdsata - ok
19:56:39.0120 4896 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:56:39.0136 4896 amdsbs - ok
19:56:39.0151 4896 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:56:39.0167 4896 amdxata - ok
19:56:39.0214 4896 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:56:39.0214 4896 AppID - ok
19:56:39.0245 4896 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:56:39.0245 4896 AppIDSvc - ok
19:56:39.0276 4896 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:56:39.0276 4896 Appinfo - ok
19:56:39.0386 4896 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:56:39.0386 4896 Apple Mobile Device - ok
19:56:39.0432 4896 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
19:56:39.0432 4896 AppMgmt - ok
19:56:39.0479 4896 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:56:39.0479 4896 arc - ok
19:56:39.0511 4896 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:56:39.0511 4896 arcsas - ok
19:56:39.0557 4896 arifqoav - ok
19:56:39.0573 4896 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:56:39.0573 4896 AsyncMac - ok
19:56:39.0604 4896 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:56:39.0604 4896 atapi - ok
19:56:39.0698 4896 ATICDSDr - ok
19:56:39.0745 4896 [ 230CF51113CD4B830B3BFD09B0D4C066 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:56:39.0745 4896 AtiHDAudioService - ok
19:56:39.0979 4896 [ 9E3B4946F7E1BCA0B763E19D81EDBF2C ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:56:40.0057 4896 atikmdag - ok
19:56:40.0104 4896 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:56:40.0120 4896 AudioEndpointBuilder - ok
19:56:40.0151 4896 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:56:40.0151 4896 AudioSrv - ok
19:56:40.0198 4896 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:56:40.0214 4896 AxInstSV - ok
19:56:40.0276 4896 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:56:40.0276 4896 b06bdrv - ok
19:56:40.0323 4896 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:56:40.0339 4896 b57nd60a - ok
19:56:40.0386 4896 [ 5D01FBEDD13D8D31396701A6FD0042A3 ] BAPIDRV C:\Windows\System32\Drivers\BAPIDRV64.SYS
19:56:40.0401 4896 BAPIDRV - ok
19:56:40.0432 4896 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:56:40.0432 4896 BDESVC - ok
19:56:40.0448 4896 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:56:40.0448 4896 Beep - ok
19:56:40.0479 4896 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:56:40.0479 4896 blbdrive - ok
19:56:40.0573 4896 [ 0F46D2845BD7DDACA52340ECC2B65DA3 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
19:56:40.0604 4896 Bluetooth Device Monitor - ok
19:56:40.0651 4896 [ 3341DE556EC28252D603277609EEF8BF ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
19:56:40.0698 4896 Bluetooth Media Service - ok
19:56:40.0745 4896 [ 5D5C3EC9BE1107DEDF0FEB55B7F3BD77 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
19:56:40.0792 4896 Bluetooth OBEX Service - ok
19:56:40.0854 4896 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:56:40.0854 4896 Bonjour Service - ok
19:56:40.0886 4896 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:56:40.0901 4896 bowser - ok
19:56:40.0917 4896 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:56:40.0917 4896 BrFiltLo - ok
19:56:40.0948 4896 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:56:40.0948 4896 BrFiltUp - ok
19:56:40.0979 4896 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:56:40.0979 4896 Browser - ok
19:56:41.0011 4896 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:56:41.0011 4896 Brserid - ok
19:56:41.0042 4896 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:56:41.0042 4896 BrSerWdm - ok
19:56:41.0057 4896 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:56:41.0057 4896 BrUsbMdm - ok
19:56:41.0073 4896 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:56:41.0073 4896 BrUsbSer - ok
19:56:41.0136 4896 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
19:56:41.0136 4896 BthEnum - ok
19:56:41.0151 4896 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:56:41.0151 4896 BTHMODEM - ok
19:56:41.0198 4896 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:56:41.0198 4896 BthPan - ok
19:56:41.0245 4896 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
19:56:41.0245 4896 BTHPORT - ok
19:56:41.0276 4896 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:56:41.0292 4896 bthserv - ok
19:56:41.0339 4896 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
19:56:41.0339 4896 BTHUSB - ok
19:56:41.0370 4896 [ AB0A33001FE7EBB209D9D52CED11BE1A ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
19:56:41.0370 4896 btmaux - ok
19:56:41.0401 4896 [ 5BA4C6F82A5CA3307C0579D9F7B36E28 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
19:56:41.0401 4896 btmhsf - ok
19:56:41.0432 4896 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:56:41.0432 4896 cdfs - ok
19:56:41.0495 4896 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:56:41.0495 4896 cdrom - ok
19:56:41.0542 4896 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:56:41.0542 4896 CertPropSvc - ok
19:56:41.0557 4896 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:56:41.0557 4896 circlass - ok
19:56:41.0589 4896 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:56:41.0604 4896 CLFS - ok
19:56:41.0667 4896 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:56:41.0682 4896 clr_optimization_v2.0.50727_32 - ok
19:56:41.0729 4896 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:56:41.0729 4896 clr_optimization_v2.0.50727_64 - ok
19:56:41.0792 4896 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:56:41.0823 4896 clr_optimization_v4.0.30319_32 - ok
19:56:41.0870 4896 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:56:41.0932 4896 clr_optimization_v4.0.30319_64 - ok
19:56:41.0964 4896 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:56:41.0964 4896 CmBatt - ok
19:56:41.0995 4896 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:56:41.0995 4896 cmdide - ok
19:56:42.0057 4896 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:56:42.0057 4896 CNG - ok
19:56:42.0073 4896 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:56:42.0073 4896 Compbatt - ok
19:56:42.0120 4896 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:56:42.0120 4896 CompositeBus - ok
19:56:42.0136 4896 COMSysApp - ok
19:56:42.0151 4896 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:56:42.0151 4896 crcdisk - ok
19:56:42.0198 4896 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:56:42.0232 4896 CryptSvc - ok
19:56:42.0279 4896 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
19:56:42.0295 4896 CSC - ok
19:56:42.0342 4896 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
19:56:42.0373 4896 CscService - ok
19:56:42.0435 4896 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:56:42.0529 4896 DcomLaunch - ok
19:56:42.0576 4896 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:56:42.0576 4896 defragsvc - ok
19:56:42.0623 4896 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:56:42.0623 4896 DfsC - ok
19:56:42.0685 4896 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:56:42.0685 4896 Dhcp - ok
19:56:42.0732 4896 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:56:42.0732 4896 discache - ok
19:56:42.0763 4896 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:56:42.0763 4896 Disk - ok
19:56:42.0795 4896 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:56:42.0795 4896 Dnscache - ok
19:56:42.0857 4896 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:56:42.0857 4896 dot3svc - ok
19:56:42.0888 4896 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:56:42.0904 4896 DPS - ok
19:56:42.0935 4896 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:56:42.0935 4896 drmkaud - ok
19:56:42.0982 4896 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:56:43.0045 4896 DXGKrnl - ok
19:56:43.0076 4896 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:56:43.0092 4896 EapHost - ok
19:56:43.0185 4896 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:56:43.0264 4896 ebdrv - ok
19:56:43.0296 4896 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:56:43.0296 4896 EFS - ok
19:56:43.0343 4896 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:56:43.0483 4896 ehRecvr - ok
19:56:43.0499 4896 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:56:43.0546 4896 ehSched - ok
19:56:43.0593 4896 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
19:56:43.0593 4896 ElbyCDIO - ok
19:56:43.0655 4896 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:56:43.0655 4896 elxstor - ok
19:56:43.0718 4896 [ F42E7118EBA7A8CB5CAD0BE4013A31B4 ] EncryptedDisk C:\Users\Solomon\AppData\Roaming\Kingsoft\klive\bin\encrypteddisk-x64.sys
19:56:43.0733 4896 EncryptedDisk - ok
19:56:43.0764 4896 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:56:43.0764 4896 ErrDev - ok
19:56:43.0811 4896 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:56:43.0811 4896 EventSystem - ok
19:56:43.0843 4896 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:56:43.0843 4896 exfat - ok
19:56:43.0874 4896 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:56:43.0874 4896 fastfat - ok
19:56:43.0936 4896 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:56:43.0952 4896 Fax - ok
19:56:43.0968 4896 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:56:43.0968 4896 fdc - ok
19:56:43.0983 4896 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:56:43.0983 4896 fdPHost - ok
19:56:43.0999 4896 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:56:43.0999 4896 FDResPub - ok
19:56:44.0014 4896 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:56:44.0014 4896 FileInfo - ok
19:56:44.0030 4896 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:56:44.0046 4896 Filetrace - ok
19:56:44.0108 4896 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:56:44.0124 4896 FLEXnet Licensing Service - ok
19:56:44.0155 4896 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:56:44.0155 4896 flpydisk - ok
19:56:44.0202 4896 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:56:44.0218 4896 FltMgr - ok
19:56:44.0280 4896 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:56:44.0311 4896 FontCache - ok
19:56:44.0358 4896 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:56:44.0358 4896 FontCache3.0.0.0 - ok
19:56:44.0389 4896 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:56:44.0389 4896 FsDepends - ok
19:56:44.0421 4896 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:56:44.0421 4896 Fs_Rec - ok
19:56:44.0468 4896 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:56:44.0468 4896 fvevol - ok
19:56:44.0499 4896 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:56:44.0499 4896 gagp30kx - ok
19:56:44.0561 4896 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:56:44.0561 4896 GEARAspiWDM - ok
19:56:44.0624 4896 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:56:44.0639 4896 gpsvc - ok
19:56:44.0733 4896 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:56:44.0733 4896 gupdate - ok
19:56:44.0749 4896 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:56:44.0749 4896 gupdatem - ok
19:56:44.0796 4896 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:56:44.0811 4896 gusvc - ok
19:56:44.0843 4896 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:56:44.0858 4896 hcw85cir - ok
19:56:44.0921 4896 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:56:44.0921 4896 HdAudAddService - ok
19:56:44.0968 4896 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:56:44.0968 4896 HDAudBus - ok
19:56:44.0983 4896 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:56:44.0983 4896 HidBatt - ok
19:56:45.0014 4896 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:56:45.0014 4896 HidBth - ok
19:56:45.0030 4896 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:56:45.0030 4896 HidIr - ok
19:56:45.0061 4896 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:56:45.0061 4896 hidserv - ok
19:56:45.0108 4896 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:56:45.0108 4896 HidUsb - ok
19:56:45.0139 4896 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:56:45.0139 4896 hkmsvc - ok
19:56:45.0171 4896 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:56:45.0171 4896 HomeGroupListener - ok
19:56:45.0218 4896 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:56:45.0218 4896 HomeGroupProvider - ok
19:56:45.0251 4896 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:56:45.0251 4896 HpSAMD - ok
19:56:45.0282 4896 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
19:56:45.0298 4896 HTCAND64 - ok
19:56:45.0376 4896 [ 5C8BC8A28798FD010E7ABC4E0D588CAA ] HTCMonitorService C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
19:56:45.0376 4896 HTCMonitorService - ok
19:56:45.0407 4896 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
19:56:45.0407 4896 htcnprot - ok
19:56:45.0454 4896 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:56:45.0485 4896 HTTP - ok
19:56:45.0516 4896 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:56:45.0516 4896 hwpolicy - ok
19:56:45.0579 4896 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:56:45.0579 4896 i8042prt - ok
19:56:45.0641 4896 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:56:45.0641 4896 iaStorV - ok
19:56:45.0688 4896 [ 806422F30DF9CE8307457485779C77B7 ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
19:56:45.0688 4896 iBtFltCoex - ok
19:56:45.0766 4896 [ 51ACB3700A4F32FA5F459120962EBB5C ] ICBC Daemon Service C:\Program Files (x86)\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN64\IcbcDaemon_64.exe
19:56:45.0798 4896 ICBC Daemon Service - ok
19:56:45.0845 4896 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:56:45.0907 4896 idsvc - ok
19:56:45.0938 4896 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:56:45.0938 4896 iirsp - ok
19:56:46.0016 4896 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:56:46.0032 4896 IKEEXT - ok
19:56:46.0079 4896 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:56:46.0079 4896 intelide - ok
19:56:46.0095 4896 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:56:46.0110 4896 intelppm - ok
19:56:46.0141 4896 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:56:46.0141 4896 IPBusEnum - ok
19:56:46.0188 4896 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:56:46.0188 4896 IpFilterDriver - ok
19:56:46.0204 4896 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:56:46.0204 4896 IPMIDRV - ok
19:56:46.0235 4896 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:56:46.0235 4896 IPNAT - ok
19:56:46.0313 4896 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:56:46.0345 4896 iPod Service - ok
19:56:46.0360 4896 irbhgoup - ok
19:56:46.0391 4896 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:56:46.0391 4896 IRENUM - ok
19:56:46.0423 4896 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:56:46.0423 4896 isapnp - ok
19:56:46.0438 4896 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:56:46.0438 4896 iScsiPrt - ok
19:56:46.0501 4896 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:56:46.0501 4896 kbdclass - ok
19:56:46.0532 4896 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:56:46.0548 4896 kbdhid - ok
19:56:46.0563 4896 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:56:46.0563 4896 KeyIso - ok
19:56:46.0595 4896 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:56:46.0595 4896 KSecDD - ok
19:56:46.0610 4896 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:56:46.0626 4896 KSecPkg - ok
19:56:46.0657 4896 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:56:46.0657 4896 ksthunk - ok
19:56:46.0688 4896 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:56:46.0704 4896 KtmRm - ok
19:56:46.0751 4896 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:56:46.0766 4896 LanmanServer - ok
19:56:46.0798 4896 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:56:46.0813 4896 LanmanWorkstation - ok
19:56:46.0845 4896 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:56:46.0876 4896 lltdio - ok
19:56:46.0923 4896 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:56:46.0923 4896 lltdsvc - ok
19:56:46.0954 4896 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:56:46.0954 4896 lmhosts - ok
19:56:46.0985 4896 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:56:46.0985 4896 LSI_FC - ok
19:56:47.0001 4896 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:56:47.0001 4896 LSI_SAS - ok
19:56:47.0016 4896 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:56:47.0032 4896 LSI_SAS2 - ok
19:56:47.0032 4896 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:56:47.0032 4896 LSI_SCSI - ok
19:56:47.0063 4896 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:56:47.0063 4896 luafv - ok
19:56:47.0110 4896 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:56:47.0110 4896 Mcx2Svc - ok
19:56:47.0141 4896 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:56:47.0141 4896 megasas - ok
19:56:47.0157 4896 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:56:47.0173 4896 MegaSR - ok
19:56:47.0235 4896 [ C760EE745F4036939433B2D90C5540CF ] METrsptSvr C:\Program Files (x86)\Common Files\Thunder Network\ServiceDlls\AppleAssistant\METrsptSvr.dll
19:56:47.0235 4896 METrsptSvr - ok
19:56:47.0266 4896 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:56:47.0282 4896 MMCSS - ok
19:56:47.0298 4896 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:56:47.0298 4896 Modem - ok
19:56:47.0329 4896 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:56:47.0329 4896 monitor - ok
19:56:47.0360 4896 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:56:47.0360 4896 mouclass - ok
19:56:47.0391 4896 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:56:47.0391 4896 mouhid - ok
19:56:47.0423 4896 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:56:47.0423 4896 mountmgr - ok
19:56:47.0485 4896 [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:56:47.0501 4896 MozillaMaintenance - ok
19:56:47.0548 4896 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
19:56:47.0548 4896 MpFilter - ok
19:56:47.0579 4896 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:56:47.0595 4896 mpio - ok
19:56:47.0610 4896 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:56:47.0610 4896 mpsdrv - ok
19:56:47.0657 4896 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:56:47.0673 4896 MRxDAV - ok
19:56:47.0688 4896 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:56:47.0704 4896 mrxsmb - ok
19:56:47.0720 4896 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:56:47.0735 4896 mrxsmb10 - ok
19:56:47.0751 4896 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:56:47.0751 4896 mrxsmb20 - ok
19:56:47.0798 4896 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:56:47.0798 4896 msahci - ok
19:56:47.0829 4896 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:56:47.0829 4896 msdsm - ok
19:56:47.0845 4896 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:56:47.0860 4896 MSDTC - ok
19:56:47.0891 4896 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:56:47.0907 4896 Msfs - ok
19:56:47.0907 4896 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:56:47.0907 4896 mshidkmdf - ok
19:56:47.0923 4896 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:56:47.0923 4896 msisadrv - ok
19:56:47.0970 4896 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:56:47.0970 4896 MSiSCSI - ok
19:56:47.0985 4896 msiserver - ok
19:56:48.0016 4896 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:56:48.0016 4896 MSKSSRV - ok
19:56:48.0063 4896 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
19:56:48.0063 4896 MsMpSvc - ok
19:56:48.0079 4896 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:56:48.0079 4896 MSPCLOCK - ok
19:56:48.0079 4896 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:56:48.0079 4896 MSPQM - ok
19:56:48.0126 4896 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:56:48.0157 4896 MsRPC - ok
19:56:48.0188 4896 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:56:48.0204 4896 mssmbios - ok
19:56:48.0235 4896 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:56:48.0235 4896 MSTEE - ok
19:56:48.0251 4896 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:56:48.0251 4896 MTConfig - ok
19:56:48.0266 4896 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:56:48.0266 4896 Mup - ok
19:56:48.0329 4896 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:56:48.0329 4896 napagent - ok
19:56:48.0391 4896 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:56:48.0391 4896 NativeWifiP - ok
19:56:48.0454 4896 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
19:56:48.0516 4896 NDIS - ok
19:56:48.0548 4896 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:56:48.0548 4896 NdisCap - ok
19:56:48.0610 4896 [ 7D570382A76BC329C33ED66051AD452F ] Ndisrd C:\Windows\system32\DRIVERS\ndisrd.sys
19:56:48.0610 4896 Ndisrd - ok
19:56:48.0610 4896 [ 7D570382A76BC329C33ED66051AD452F ] NdisrdMP C:\Windows\system32\DRIVERS\ndisrd.sys
19:56:48.0610 4896 NdisrdMP - ok
19:56:48.0641 4896 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:56:48.0657 4896 NdisTapi - ok
19:56:48.0704 4896 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:56:48.0704 4896 Ndisuio - ok
19:56:48.0735 4896 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:56:48.0735 4896 NdisWan - ok
19:56:48.0782 4896 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:56:48.0782 4896 NDProxy - ok
19:56:48.0798 4896 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:56:48.0813 4896 NetBIOS - ok
19:56:48.0845 4896 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:56:48.0860 4896 NetBT - ok
19:56:48.0860 4896 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:56:48.0860 4896 Netlogon - ok
19:56:48.0907 4896 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:56:48.0923 4896 Netman - ok
19:56:48.0923 4896 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:56:48.0938 4896 netprofm - ok
19:56:49.0016 4896 [ 53D7442AA919C91D055DBD44635F32B1 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
19:56:49.0048 4896 netr28ux - ok
19:56:49.0095 4896 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:56:49.0095 4896 NetTcpPortSharing - ok
19:56:49.0141 4896 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:56:49.0141 4896 nfrd960 - ok
19:56:49.0173 4896 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:56:49.0173 4896 NisDrv - ok
19:56:49.0220 4896 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
19:56:49.0220 4896 NisSrv - ok
19:56:49.0266 4896 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:56:49.0282 4896 NlaSvc - ok
19:56:49.0345 4896 [ 5FE6F8C05F0769BBB74AFAC11453B182 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
19:56:49.0345 4896 nmwcd - ok
19:56:49.0391 4896 [ 73C929945C0850B8D1FE2FEA05FDF05D ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
19:56:49.0391 4896 nmwcdc - ok
19:56:49.0438 4896 [ 697CA586209E022D15DD0C838B235D6A ] nmwcdnsucx64 C:\Windows\system32\drivers\nmwcdnsucx64.sys
19:56:49.0438 4896 nmwcdnsucx64 - ok
19:56:49.0470 4896 [ 292DDF13F91F2CB2482B57AACD6AEB9B ] nmwcdnsux64 C:\Windows\system32\drivers\nmwcdnsux64.sys
19:56:49.0470 4896 nmwcdnsux64 - ok
19:56:49.0501 4896 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:56:49.0501 4896 Npfs - ok
19:56:49.0548 4896 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:56:49.0548 4896 nsi - ok
19:56:49.0563 4896 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:56:49.0563 4896 nsiproxy - ok
19:56:49.0641 4896 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:56:49.0673 4896 Ntfs - ok
19:56:49.0688 4896 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:56:49.0688 4896 Null - ok
19:56:49.0735 4896 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:56:49.0735 4896 nvraid - ok
19:56:49.0766 4896 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:56:49.0766 4896 nvstor - ok
19:56:49.0798 4896 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:56:49.0798 4896 nv_agp - ok
19:56:49.0829 4896 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:56:49.0829 4896 ohci1394 - ok
19:56:49.0923 4896 [ 76804565401FB879AA3C8D3564F5537B ] OnKey Service _ICBC C:\Windows\SysWOW64\D4Ser_ICBC.exe
19:56:49.0923 4896 OnKey Service _ICBC - ok
19:56:49.0954 4896 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:56:49.0954 4896 p2pimsvc - ok
19:56:50.0001 4896 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:56:50.0001 4896 p2psvc - ok
19:56:50.0048 4896 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:56:50.0048 4896 Parport - ok
19:56:50.0079 4896 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:56:50.0079 4896 partmgr - ok
19:56:50.0141 4896 [ 6B01917D60EBB4F3E6AF5837EB8BED3E ] PassGuard C:\Windows\system32\drivers\PassGuard_x64.sys
19:56:50.0141 4896 PassGuard - ok
19:56:50.0173 4896 [ 9987ABA0E5DD0D46C95076B157B38C06 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
19:56:50.0173 4896 PassThru Service - ok
19:56:50.0204 4896 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:56:50.0220 4896 PcaSvc - ok
19:56:50.0268 4896 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
19:56:50.0268 4896 pccsmcfd - ok
19:56:50.0300 4896 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:56:50.0300 4896 pci - ok
19:56:50.0331 4896 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:56:50.0346 4896 pciide - ok
19:56:50.0378 4896 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:56:50.0378 4896 pcmcia - ok
19:56:50.0393 4896 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:56:50.0393 4896 pcw - ok
19:56:50.0425 4896 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:56:50.0440 4896 PEAUTH - ok
19:56:50.0518 4896 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:56:50.0550 4896 PeerDistSvc - ok
19:56:50.0596 4896 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:56:50.0596 4896 PerfHost - ok
19:56:50.0659 4896 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:56:50.0706 4896 pla - ok
19:56:50.0753 4896 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:56:50.0753 4896 PlugPlay - ok
19:56:50.0784 4896 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:56:50.0784 4896 PNRPAutoReg - ok
19:56:50.0800 4896 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:56:50.0815 4896 PNRPsvc - ok
19:56:50.0846 4896 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
19:56:50.0846 4896 Point64 - ok
19:56:50.0878 4896 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:56:50.0878 4896 PolicyAgent - ok
19:56:50.0925 4896 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:56:50.0925 4896 Power - ok
19:56:50.0971 4896 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:56:50.0971 4896 PptpMiniport - ok
19:56:50.0987 4896 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:56:50.0987 4896 Processor - ok
19:56:51.0018 4896 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:56:51.0034 4896 ProfSvc - ok
19:56:51.0050 4896 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:56:51.0050 4896 ProtectedStorage - ok
19:56:51.0081 4896 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:56:51.0081 4896 Psched - ok
19:56:51.0159 4896 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:56:51.0190 4896 ql2300 - ok
19:56:51.0221 4896 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:56:51.0221 4896 ql40xx - ok
19:56:51.0253 4896 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:56:51.0253 4896 QWAVE - ok
19:56:51.0284 4896 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:56:51.0284 4896 QWAVEdrv - ok
19:56:51.0300 4896 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:56:51.0300 4896 RasAcd - ok
19:56:51.0331 4896 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:56:51.0331 4896 RasAgileVpn - ok
19:56:51.0346 4896 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:56:51.0346 4896 RasAuto - ok
19:56:51.0378 4896 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:56:51.0378 4896 Rasl2tp - ok
19:56:51.0409 4896 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:56:51.0425 4896 RasMan - ok
19:56:51.0440 4896 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:56:51.0456 4896 RasPppoe - ok
19:56:51.0471 4896 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:56:51.0471 4896 RasSstp - ok
19:56:51.0487 4896 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:56:51.0503 4896 rdbss - ok
19:56:51.0534 4896 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:56:51.0534 4896 rdpbus - ok
19:56:51.0550 4896 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:56:51.0550 4896 RDPCDD - ok
19:56:51.0581 4896 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:56:51.0596 4896 RDPDR - ok
19:56:51.0612 4896 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:56:51.0612 4896 RDPENCDD - ok
19:56:51.0628 4896 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:56:51.0628 4896 RDPREFMP - ok
19:56:51.0706 4896 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:56:51.0721 4896 RdpVideoMiniport - ok
19:56:51.0800 4896 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:56:51.0800 4896 RDPWD - ok
19:56:51.0862 4896 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:56:51.0878 4896 rdyboost - ok
19:56:51.0909 4896 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:56:51.0909 4896 RemoteAccess - ok
19:56:51.0940 4896 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:56:51.0940 4896 RemoteRegistry - ok
19:56:51.0987 4896 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:56:51.0987 4896 RFCOMM - ok
19:56:52.0018 4896 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:56:52.0018 4896 RpcEptMapper - ok
19:56:52.0050 4896 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:56:52.0050 4896 RpcLocator - ok
19:56:52.0096 4896 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:56:52.0096 4896 RpcSs - ok
19:56:52.0128 4896 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:56:52.0143 4896 rspndr - ok
19:56:52.0175 4896 [ 97B6D72C82B2632B3D1AD60DDAC38D46 ] RTL8023x64 C:\Windows\system32\DRIVERS\Rtnic64.sys
19:56:52.0175 4896 RTL8023x64 - ok
19:56:52.0221 4896 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:56:52.0221 4896 s3cap - ok
19:56:52.0237 4896 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:56:52.0237 4896 SamSs - ok
19:56:52.0253 4896 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:56:52.0253 4896 sbp2port - ok
19:56:52.0284 4896 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:56:52.0284 4896 SCardSvr - ok
19:56:52.0331 4896 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:56:52.0331 4896 scfilter - ok
19:56:52.0378 4896 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:56:52.0409 4896 Schedule - ok
19:56:52.0456 4896 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:56:52.0456 4896 SCPolicySvc - ok
19:56:52.0487 4896 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:56:52.0487 4896 SDRSVC - ok
19:56:52.0518 4896 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:56:52.0518 4896 secdrv - ok
19:56:52.0550 4896 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:56:52.0550 4896 seclogon - ok
19:56:52.0581 4896 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:56:52.0581 4896 SENS - ok
19:56:52.0612 4896 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:56:52.0612 4896 SensrSvc - ok
19:56:52.0628 4896 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:56:52.0643 4896 Serenum - ok
19:56:52.0643 4896 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:56:52.0643 4896 Serial - ok
19:56:52.0690 4896 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:56:52.0690 4896 sermouse - ok
19:56:52.0784 4896 [ C15B813F2FDB44F87F23312472C6E790 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
19:56:52.0815 4896 ServiceLayer - ok
19:56:52.0846 4896 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:56:52.0862 4896 SessionEnv - ok
19:56:52.0893 4896 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:56:52.0893 4896 sffdisk - ok
19:56:52.0909 4896 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:56:52.0909 4896 sffp_mmc - ok
19:56:52.0925 4896 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:56:52.0925 4896 sffp_sd - ok
19:56:52.0940 4896 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:56:52.0956 4896 sfloppy - ok
19:56:52.0987 4896 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:56:52.0987 4896 SharedAccess - ok
19:56:53.0034 4896 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:56:53.0034 4896 ShellHWDetection - ok
19:56:53.0065 4896 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:56:53.0065 4896 SiSRaid2 - ok
19:56:53.0081 4896 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:56:53.0081 4896 SiSRaid4 - ok
19:56:53.0159 4896 [ 579BA0A911FF5EA70CB604CD3B744B0A ] SkypeUpdate D:\program files\skype\Updater\Updater.exe
19:56:53.0159 4896 SkypeUpdate - ok
19:56:53.0190 4896 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:56:53.0190 4896 Smb - ok
19:56:53.0237 4896 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:56:53.0237 4896 SNMPTRAP - ok
19:56:53.0253 4896 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:56:53.0253 4896 spldr - ok
19:56:53.0315 4896 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:56:53.0331 4896 Spooler - ok
19:56:53.0456 4896 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:56:53.0534 4896 sppsvc - ok
19:56:53.0565 4896 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:56:53.0565 4896 sppuinotify - ok
19:56:53.0628 4896 [ DFC4E2081324E505CA479E473A78D893 ] sptd C:\Windows\System32\Drivers\sptd.sys
19:56:53.0643 4896 sptd - ok
19:56:53.0675 4896 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:56:53.0675 4896 srv - ok
19:56:53.0706 4896 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:56:53.0721 4896 srv2 - ok
19:56:53.0753 4896 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:56:53.0753 4896 srvnet - ok
19:56:53.0800 4896 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:56:53.0800 4896 SSDPSRV - ok
19:56:53.0815 4896 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:56:53.0815 4896 SstpSvc - ok
19:57:00.0287 4896 ============================================================
19:57:00.0287 4896 Scan finished
19:57:00.0287 4896 ============================================================
19:57:00.0304 6028 Detected object count: 0
19:57:00.0304 6028 Actual detected object count: 0









scan result of aswMBR



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-03 20:00:05
-----------------------------
20:00:05.482 OS Version: Windows x64 6.1.7601 Service Pack 1
20:00:05.482 Number of processors: 2 586 0x6B02
20:00:05.482 ComputerName: SOLOMON-PC UserName: Solomon
20:00:22.544 Initialize success
20:11:04.004 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
20:11:04.004 Disk 0 Vendor: ST3160812AS 3.AAE Size: 147603MB BusType: 3
20:11:04.019 Disk 0 MBR read successfully
20:11:04.019 Disk 0 MBR scan
20:11:04.035 Disk 0 unknown MBR code
20:11:04.035 Disk 0 Partition 1 00 83 Linux 20000 MB offset 2048
20:11:04.051 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 57168 MB offset 40965750
20:11:04.066 Disk 0 Partition 3 00 82 Linux swap 6 MB offset 302279040
20:11:04.082 Disk 0 Partition - 00 0F Extended LBA 70425 MB offset 158047587
20:11:04.097 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 43041 MB offset 158047589
20:11:04.097 Disk 0 Partition - 00 05 Extended 27384 MB offset 246196125
20:11:04.113 Disk 0 Partition 5 00 07 HPFS/NTFS NTFS 27384 MB offset 246196191
20:11:04.144 Disk 0 scanning C:\Windows\system32\drivers
20:11:15.435 Service scanning
20:11:33.573 Modules scanning
20:11:33.573 Disk 0 trace - called modules:
20:11:33.589 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80021d02c0]<<sptd.sys ataport.SYS viaide.sys PCIIDEX.SYS hal.dll atapi.sys
20:11:33.589 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800280a060]
20:11:33.604 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa80022b5520]
20:11:33.604 5 ACPI.sys[fffff8800100b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80022b7060]
20:11:33.620 \Driver\atapi[0xfffffa80022a2c60] -> IRP_MJ_CREATE -> 0xfffffa80021d02c0
20:11:33.620 Scan finished successfully
20:11:57.672 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
20:11:57.679 The log file has been saved successfully to "C:\aswMBR.txt"









detail of file "MBR.dat"








still waiting for the result of ESET online scanner ...

#4 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 04 September 2012 - 05:41 PM

Will wait for ESET log

Edited by narenxp, 04 September 2012 - 05:44 PM.


#5 Oaksmanor

  • Topic Starter
  • Members
  • 14 posts

Posted 05 September 2012 - 07:50 AM

result of ESET online scanner ...

C:\Users\Solomon\Downloads\Temple Run Brave v1.0.apk.exe Win32/InstallMate.D application cleaned by deleting - quarantined

#6 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 05 September 2012 - 08:05 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#7 Oaksmanor

  • Topic Starter
  • Members
  • 14 posts

Posted 07 September 2012 - 11:18 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Solomon (administrator) on 07-09-2012 at 23:41:14
Microsoft Windows 7 旗舰版 Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP 配置

已成功刷新 DNS 解析缓存。

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8139/810x Family Fast Ethernet NIC = 本地连接 (Connected)


#========================
# IPv4 配置
#========================
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# IPv4 配置结束



Windows IP 配置

主机名 . . . . . . . . . . . . . : Solomon-PC
主 DNS 后缀 . . . . . . . . . . . :
节点类型 . . . . . . . . . . . . : 混合
IP 路由已启用 . . . . . . . . . . : 否
WINS 代理已启用 . . . . . . . . . : 否

以太网适配器 本地连接:

连接特定的 DNS 后缀 . . . . . . . :
描述. . . . . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
物理地址. . . . . . . . . . . . . : 00-19-21-40-3A-A6
DHCP 已启用 . . . . . . . . . . . : 是
自动配置已启用. . . . . . . . . . : 是
本地链接 IPv6 地址. . . . . . . . : fe80::c845:f8de:1a7c:223a%10(首选)
IPv4 地址 . . . . . . . . . . . . : 192.168.1.103(首选)
子网掩码 . . . . . . . . . . . . : 255.255.255.0
获得租约的时间 . . . . . . . . . : 2012年9月7日 22:57:45
租约过期的时间 . . . . . . . . . : 2012年9月8日 0:57:45
默认网关. . . . . . . . . . . . . : 192.168.1.1
DHCP 服务器 . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234887457
DHCPv6 客户端 DUID . . . . . . . : 00-01-00-01-16-68-03-03-00-19-21-40-3A-A6
DNS 服务器 . . . . . . . . . . . : 192.168.1.1
TCPIP 上的 NetBIOS . . . . . . . : 已启用

隧道适配器 isatap.{7138CCA0-03B8-4677-839F-6C319FB15B2D}:

媒体状态 . . . . . . . . . . . . : 媒体已断开
连接特定的 DNS 后缀 . . . . . . . :
描述. . . . . . . . . . . . . . . : Microsoft ISATAP Adapter
物理地址. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP 已启用 . . . . . . . . . . . : 否
自动配置已启用. . . . . . . . . . : 是

隧道适配器 Teredo Tunneling Pseudo-Interface:

媒体状态 . . . . . . . . . . . . : 媒体已断开
连接特定的 DNS 后缀 . . . . . . . :
描述. . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
物理地址. . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP 已启用 . . . . . . . . . . . : 否
自动配置已启用. . . . . . . . . . : 是
服务器: bogon
Address: 192.168.1.1

名称: google.com
Addresses: 2404:6800:4005:c00::66
74.125.128.113
74.125.128.138
74.125.128.139
74.125.128.100
74.125.128.101
74.125.128.102


正在 Ping google.com [74.125.128.102] 具有 32 字节的数据:
来自 74.125.128.102 的回复: 字节=32 时间=150ms TTL=45
来自 74.125.128.102 的回复: 字节=32 时间=177ms TTL=45

74.125.128.102 的 Ping 统计信息:
数据包: 已发送 = 2,已接收 = 2,丢失 = 0 (0% 丢失),
往返行程的估计时间(以毫秒为单位):
最短 = 150ms,最长 = 177ms,平均 = 163ms
服务器: bogon
Address: 192.168.1.1

名称: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


正在 Ping yahoo.com [98.138.253.109] 具有 32 字节的数据:
来自 98.138.253.109 的回复: 字节=32 时间=755ms TTL=40
来自 98.138.253.109 的回复: 字节=32 时间=1079ms TTL=40

98.138.253.109 的 Ping 统计信息:
数据包: 已发送 = 2,已接收 = 2,丢失 = 0 (0% 丢失),
往返行程的估计时间(以毫秒为单位):
最短 = 755ms,最长 = 1079ms,平均 = 917ms
服务器: bogon
Address: 192.168.1.1

名称: bleepingcomputer.com
Address: 208.43.87.2


正在 Ping bleepingcomputer.com [208.43.87.2] 具有 32 字节的数据:
来自 208.43.87.2 的回复: 无法访问目标主机。
来自 208.43.87.2 的回复: 无法访问目标主机。

208.43.87.2 的 Ping 统计信息:
数据包: 已发送 = 2,已接收 = 2,丢失 = 0 (0% 丢失),

正在 Ping 127.0.0.1 具有 32 字节的数据:
来自 127.0.0.1 的回复: 字节=32 时间<1ms TTL=128
来自 127.0.0.1 的回复: 字节=32 时间<1ms TTL=128

127.0.0.1 的 Ping 统计信息:
数据包: 已发送 = 2,已接收 = 2,丢失 = 0 (0% 丢失),
往返行程的估计时间(以毫秒为单位):
最短 = 0ms,最长 = 0ms,平均 = 0ms
===========================================================================
接口列表
10...00 19 21 40 3a a6 ......Realtek RTL8139/810x Family Fast Ethernet NIC
1...........................Software Loopback Interface 1
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
21...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 路由表
===========================================================================
活动路由:
网络目标 网络掩码 网关 接口 跃点数
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.103 20
127.0.0.0 255.0.0.0 在链路上 127.0.0.1 306
127.0.0.1 255.255.255.255 在链路上 127.0.0.1 306
127.255.255.255 255.255.255.255 在链路上 127.0.0.1 306
192.168.1.0 255.255.255.0 在链路上 192.168.1.103 276
192.168.1.103 255.255.255.255 在链路上 192.168.1.103 276
192.168.1.255 255.255.255.255 在链路上 192.168.1.103 276
224.0.0.0 240.0.0.0 在链路上 127.0.0.1 306
224.0.0.0 240.0.0.0 在链路上 192.168.1.103 276
255.255.255.255 255.255.255.255 在链路上 127.0.0.1 306
255.255.255.255 255.255.255.255 在链路上 192.168.1.103 276
===========================================================================
永久路由:


IPv6 路由表
===========================================================================
活动路由:
如果跃点数网络目标 网关
1 306 ::1/128 在链路上
10 276 fe80::/64 在链路上
10 276 fe80::c845:f8de:1a7c:223a/128
在链路上
1 306 ff00::/8 在链路上
10 276 ff00::/8 在链路上
===========================================================================
永久路由:

========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 10 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Program Files (x86)\Common Files\Thunder Network\NetMon\net_monitor2.0.2.7.dll [100368] (Thunder Networking Technologies,LTD)
Catalog9 02 C:\Program Files (x86)\Common Files\Thunder Network\NetMon\net_monitor2.0.2.7.dll [100368] (Thunder Networking Technologies,LTD)
Catalog9 03 C:\Program Files (x86)\Common Files\Thunder Network\NetMon\net_monitor2.0.2.7.dll [100368] (Thunder Networking Technologies,LTD)
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 C:\Program Files (x86)\Common Files\Thunder Network\NetMon\net_monitor2.0.2.7.dll [100368] (Thunder Networking Technologies,LTD)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 10 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/07/2012 11:21:03 PM) (Source: RasClient) (User: )
Description: CoId={24EB6EBC-383A-48BB-BDC5-064992F5D25C}: 用户 Solomon-PC\Solomon 已进行名为 My Default VPN 的拨号连接,该连接已失败。失败后返回的错误代码为 800。

Error: (09/07/2012 10:17:06 PM) (Source: Google Update) (User: Solomon-PC)Solomon-PC
Description: Network Request Error.
Error: 0x80072ee2. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee2

Error: (09/07/2012 08:54:10 PM) (Source: Google Update) (User: Solomon-PC)Solomon-PC
Description: Network Request Error.
Error: 0x80072ee2. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee2

Error: (09/06/2012 11:26:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 47516

Error: (09/06/2012 11:26:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 47516

Error: (09/06/2012 11:26:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/06/2012 11:26:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31891

Error: (09/06/2012 11:26:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31891

Error: (09/06/2012 11:26:16 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/06/2012 11:26:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15703


System errors:
=============
Error: (09/07/2012 11:21:19 PM) (Source: Service Control Manager) (User: )
Description: 与 HomeGroup Provider 服务相依的 Function Discovery Resource Publication 服务因下列错误而无法启动:
%%-2147024891

Error: (09/07/2012 11:21:19 PM) (Source: Service Control Manager) (User: )
Description: Function Discovery Resource Publication 服务因下列错误而停止:
%%-2147024891

Error: (09/07/2012 11:18:53 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: 生成以下严重警告: 10。内部错误状态为 10。

Error: (09/07/2012 11:18:53 PM) (Source: RasSstp) (User: )
Description: CoId={24EB6EBC-383A-48BB-BDC5-064992F5D25C}: 无法将初始的安全套接字隧道协议请求成功发送到服务器。这可能是因为网络连接问题或证书(信任)问题。下面提供了详细的错误消息。请更正此问题,然后重试。

给函数提供的标志无效

Error: (09/07/2012 11:13:53 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 试图更新签名时遇到错误。

新建签名版本:

上一个签名版本: 1.135.323.0

更新源: %NT AUTHORITY59

更新阶段: 4.0.1526.00

源路径: 4.0.1526.01

签名类型: %NT AUTHORITY602

更新类型: %NT AUTHORITY604

用户: NT AUTHORITY\SYSTEM

当前引擎版本: %NT AUTHORITY605

上一个引擎版本: %NT AUTHORITY606

错误代码: %NT AUTHORITY607

错误描述: %NT AUTHORITY608

Error: (09/07/2012 11:13:52 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 试图更新签名时遇到错误。

新建签名版本:

上一个签名版本: 1.135.323.0

更新源: %NT AUTHORITY59

更新阶段: 4.0.1526.00

源路径: 4.0.1526.01

签名类型: %NT AUTHORITY602

更新类型: %NT AUTHORITY604

用户: NT AUTHORITY\SYSTEM

当前引擎版本: %NT AUTHORITY605

上一个引擎版本: %NT AUTHORITY606

错误代码: %NT AUTHORITY607

错误描述: %NT AUTHORITY608

Error: (09/07/2012 10:58:26 PM) (Source: Service Control Manager) (User: )
Description: 与 HomeGroup Provider 服务相依的 Function Discovery Resource Publication 服务因下列错误而无法启动:
%%-2147024891

Error: (09/07/2012 10:58:26 PM) (Source: Service Control Manager) (User: )
Description: Function Discovery Resource Publication 服务因下列错误而停止:
%%-2147024891

Error: (09/07/2012 10:57:57 PM) (Source: Service Control Manager) (User: )
Description: IPsec Policy Agent 服务依赖下列服务: BFE。这个服务可能不会安装。

Error: (09/07/2012 10:57:55 PM) (Source: Service Control Manager) (User: )
Description: IKE and AuthIP IPsec Keying Modules 服务依赖下列服务: BFE。这个服务可能不会安装。


Microsoft Office Sessions:
=========================
Error: (09/07/2012 11:21:03 PM) (Source: RasClient)(User: )
Description: {24EB6EBC-383A-48BB-BDC5-064992F5D25C}Solomon-PC\SolomonMy Default VPN800

Error: (09/07/2012 10:17:06 PM) (Source: Google Update)(User: Solomon-PC)Solomon-PC
Description: Network Request Error.
Error: 0x80072ee2. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee2

Error: (09/07/2012 08:54:10 PM) (Source: Google Update)(User: Solomon-PC)Solomon-PC
Description: Network Request Error.
Error: 0x80072ee2. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee2

Error: (09/06/2012 11:26:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 47516

Error: (09/06/2012 11:26:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 47516

Error: (09/06/2012 11:26:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/06/2012 11:26:16 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31891

Error: (09/06/2012 11:26:16 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31891

Error: (09/06/2012 11:26:16 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/06/2012 11:26:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15703


=========================== Installed Programs ============================

360安全卫士 (Version: 8.7.0.2001)
360手机助手 (Version: 1.7.0.1715)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.4) - Chinese Simplified (Version: 10.1.4)
AliveService 1.0.4.0 (Version: 1.0.4.0)
AMD APP SDK Runtime (Version: 10.0.851.4)
AMD Catalyst Install Manager (Version: 3.0.859.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2011.1205.2215.39827)
AMD Media Foundation Decoders (Version: 1.0.61205.2219)
AMD VISION Engine Control Center (Version: 2011.1205.2215.39827)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Bitcoin (Version: 0.5.2)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2007.0613.1506.25058)
Catalyst Control Center Graphics Full Existing (Version: 2007.0613.1506.25058)
Catalyst Control Center Graphics Full New (Version: 2007.0613.1506.25058)
Catalyst Control Center Graphics Light (Version: 2007.0613.1506.25058)
Catalyst Control Center Graphics Previews Common (Version: 2007.0613.1506.25058)
Catalyst Control Center Graphics Previews Common (Version: 2011.1205.2215.39827)
Catalyst Control Center InstallProxy (Version: 2011.1205.2215.39827)
Catalyst Control Center Localization All (Version: 2011.1205.2215.39827)
ccc-utility64 (Version: 2007.0613.1506.25058)
ccc-utility64 (Version: 2011.1205.2215.39827)
CCC Help Chinese Standard (Version: 2011.1205.2214.39827)
CCC Help Chinese Traditional (Version: 2011.1205.2214.39827)
CCC Help Czech (Version: 2011.1205.2214.39827)
CCC Help Danish (Version: 2011.1205.2214.39827)
CCC Help Dutch (Version: 2011.1205.2214.39827)
CCC Help English (Version: 2007.0613.1505.25058)
CCC Help English (Version: 2011.1205.2214.39827)
CCC Help Finnish (Version: 2011.1205.2214.39827)
CCC Help French (Version: 2011.1205.2214.39827)
CCC Help German (Version: 2011.1205.2214.39827)
CCC Help Greek (Version: 2011.1205.2214.39827)
CCC Help Hungarian (Version: 2011.1205.2214.39827)
CCC Help Italian (Version: 2011.1205.2214.39827)
CCC Help Japanese (Version: 2011.1205.2214.39827)
CCC Help Korean (Version: 2011.1205.2214.39827)
CCC Help Norwegian (Version: 2011.1205.2214.39827)
CCC Help Polish (Version: 2011.1205.2214.39827)
CCC Help Portuguese (Version: 2011.1205.2214.39827)
CCC Help Russian (Version: 2011.1205.2214.39827)
CCC Help Spanish (Version: 2011.1205.2214.39827)
CCC Help Swedish (Version: 2011.1205.2214.39827)
CCC Help Thai (Version: 2011.1205.2214.39827)
CCC Help Turkish (Version: 2011.1205.2214.39827)
D3DX10 (Version: 15.4.2368.0902)
ESET Online Scanner v3
Facebook Messenger 2.1.4623.0 (Version: 2.1.4623.0)
ffdshow v1.1.3892 [2011-06-20] (Version: 1.1.3892.0)
Google Chrome (Version: 21.0.1180.89)
Google Update Helper (Version: 1.3.21.115)
Google 地球 (Version: 6.2.2.6613)
Homeworld2
HTC Driver Installer (Version: 3.0.0.023)
HTC Sync Manager (Version: 1.0.39.1)
icbc_netbank_client_controls (Version: 2010.11.17.0)
ICQ7.7 (Version: 7.7)
InfraRecorder 0.52 (x64 edition) (Version: 0.52.00.00)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 1.2.1.0608)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 33 (Version: 6.0.330)
KMPlayer播放器
Lingoes 2.8.1 (Version: 2.8.1)
Malwarebytes Anti-Malware 版本 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware Service ZH-CN Language Pack (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Client ZH-CN Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1)
Mozilla Firefox 15.0 (x86 zh-CN) (Version: 15.0)
Mozilla Maintenance Service (Version: 15.0)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nokia Connectivity Cable Driver (Version: 7.1.78.0)
Nokia Suite (Version: 3.4.49.0)
PC Connectivity Solution (Version: 12.0.17.0)
Picasa 3 (Version: 3.8)
POD-Bot 2.5
PuTTY version 0.62 (Version: 0.62)
QQ游戏 (Version: 2.5.201.50)
QuickTime (Version: 7.72.80.56)
QvodPlayer 5.0.80 (Version: 5.0.80)
RaySource 2.2.0.1 (Version: 2.2.0.1)
Realtek AC'97 Audio
Red Alert 2
Rosetta Stone Version 3 (Version: 3.4.7.0)
SafeTransaction 4.3.0.0 (Version: 4.3.0.0)
Skins (Version: 2007.0613.1506.25058)
Skype™ 5.9 (Version: 5.9.115)
Stereoscopic Player (Version: 1.8.0)
Tendyron 193D4 for Industrial and Commercial Bank of China (Version: 2057)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
USB PC Camera VC305
VirtualCloneDrive
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live 软件包 (Version: 15.4.3502.0922)
Windows Live 软件包 (Version: 15.4.3538.0513)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows XP Mode (Version: 1.3.7600.16425)
Windows 驱动程序包 - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
WPS Office 个人版 (8.1.0.3238) (Version: 8.1.0.3238)
Xvid Video Codec (Version: 1.3.2)
半条命(Half-life) V1.1.0.9 (Version: V1.1.0.9)
飞速土豆 1.61.0.15 (Version: 1.61.0.15)
工行网银助手 (Version: 1.0.8.0)
谷歌拼音输入法 2.7
极品飞车9-最高通缉 卸载程序 (Version: 1.00)
金山快盘 (Version: 1.21.0.1517)
魔兽争霸III:冰封王座 V1.24E (Version: 1.24.4.6387)
诺基亚套件 (Version: 3.4.49.0)
豌豆荚2
迅雷7
迅雷看看播放器
迅雷看看高清播放组件
银联在线支付安全控件非IE版 (Version: 1.1.5)
鹰击长空 猪猪整合版 (Version: v1.02)
优酷客户端 (Version: 3.2.0.7041)
战争行为(Act of War)V1.05游侠中文完美破解版
支付宝安全控件 3.0.2.0 (Version: 3.0.2.0)
支付宝安全控件 3.2.1.0 (Version: 3.2.1.0)
支付宝数字证书组件 2.0.0.2 (Version: 2.0.0.2)
中国工商银行防钓鱼软件 (Version: 2.2.0)
中国银行网上银行安全控件 1.5

========================= Memory info: ===================================

Percentage of memory in use: 83%
Total physical RAM: 2047.37 MB
Available physical RAM: 343.96 MB
Total Pagefile: 4094.73 MB
Available Pagefile: 1889.64 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.66 MB

========================= Partitions: =====================================

1 Drive c: (System) (Fixed) (Total:55.83 GB) (Free:2.91 GB) NTFS
2 Drive d: (Tools) (Fixed) (Total:42.03 GB) (Free:10.89 GB) NTFS
3 Drive e: (Entertainment) (Fixed) (Total:26.74 GB) (Free:1.75 GB) NTFS
6 Drive i: (我的移动存储设备) (Fixed) (Total:931.51 GB) (Free:7.35 GB) NTFS

========================= Users: ========================================

\\SOLOMON-PC 的用户帐户

Administrator Guest Solomon
命令成功完成。


**** End of log ****









Farbar Service Scanner Version: 06-08-2012
Ran by Solomon (administrator) on 07-09-2012 at 23:48:10
Running from "C:\Users\Solomon\Downloads"
Microsoft Windows 7 旗舰版 Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#8 Oaksmanor

Oaksmanor
  • Topic Starter

  • Members
  • 14 posts

Posted 07 September 2012 - 11:34 AM

# AdwCleaner v2.000 - Logfile created 09/08/2012 at 00:33:03
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Solomon - SOLOMON-PC
# Boot Mode : Normal
# Running from : C:\Users\Solomon\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (zh-CN)

Profile name : default
File : C:\Users\Solomon\AppData\Roaming\Mozilla\Firefox\Profiles\l8haqgpt.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Solomon\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1241 octets] - [08/09/2012 00:33:03]

########## EOF - C:\AdwCleaner[R1].txt - [1301 octets] ##########

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 07 September 2012 - 12:44 PM

Malwarebytes log?

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Post the new FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.

#10 Oaksmanor

Oaksmanor
  • Topic Starter

  • Members
  • 14 posts

Posted 07 September 2012 - 08:53 PM

When I use Windows Update, the system gives me an error, Code 80246008: Windows Update encountered an unknown error.
I found http://windows.microsoft.com/en-US/windows7/Windows-Update-error-80246008
but there is no Background Intelligent Transfer Service in my services.msc.
I searched for "Code 80246008 - BITS missing" on http://windows.microsoft.com
and got http://windows.microsoft.com/en-US/windows/answers?tId=bfad6adb-cfd7-468e-94c3-2b37835f8055
I downloaded MicrosoftFixit.wu.LB.158270497347223030.1.1.Run; it doesn't solve the problem.

#11 Oaksmanor

Oaksmanor
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:03:44 PM

Posted 07 September 2012 - 08:57 PM

Malwarebytes log?


Malwarebytes Anti-Malware (试用版) 1.62.0.1300
www.malwarebytes.org

数据库版本: v2012.09.06.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 浏览器 9.0.8112.16421
Solomon :: SOLOMON-PC [管理员]

防护: 已启用

2012/9/6 21:42:14
mbam-log-2012-09-06 (21-42-14).txt

扫描类型: 完整扫描 (C:\|D:\|)
启用扫描选项: 内存 | 启动项 | 注册表 | 文件系统 | 启发式/附加 | 启发式/Shuriken 引擎 | PUP | PUM
禁用扫描选项: P2P
扫描项目: 542699
扫描用时 23 小时, 39 分钟, 51 秒

被感染内存进程数目: 0
(未发现有害项目)

被感染内存模块数目: 1
C:\Program Files (x86)\360\360Safe\safemon\BootLeakFixer.tpi (Trojan.Agent) -> 在重新启动时删除。

被感染注册表项数目: 6
HKCR\AppID\{D2083641-E57F-4eab-BB85-0582424F4A29} (Adware.HotBar.CP) -> 隔离和删除成功。
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> 隔离和删除成功。
HKCR\MenuButtonIE.ButtonIE (Adware.ClickPotato) -> 隔离和删除成功。
HKCR\MenuButtonIE.ButtonIE.1 (Adware.ClickPotato) -> 隔离和删除成功。
HKCR\thunder (Trojan.Agent) -> 在重新启动时删除。
HKCR\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> 隔离和删除成功。

被感染注册表值数目: 1
HKCU\Software\Microsoft|adver_id (Malware.Trace) -> 数据: 0 -> 隔离和删除成功。

被感染注册表数据项数目: 0
(未发现有害项目)

被感染文件夹数目: 0
(未发现有害项目)

被感染文件数目: 28
C:\Program Files (x86)\360\360Safe\safemon\BootLeakFixer.tpi (Trojan.Agent) -> 在重新启动时删除。
C:\Program Files (x86)\360\360Safe\360leakfixer.exe (Trojan.Agent) -> 在重新启动时删除。
C:\Program Files (x86)\360\360Safe\leakrepair.dll (Trojan.Agent) -> 在重新启动时删除。
C:\Program Files (x86)\360\360Safe\ipc\PatchCheck.dll (Trojan.Agent) -> 在重新启动时删除。
C:\Program Files (x86)\360\360Safe\links\links.dll (Trojan.Agent) -> 在重新启动时删除。
C:\Program Files (x86)\360\360Safe\modules\360vulsetup.exe (Trojan.Agent) -> 在重新启动时删除。
C:\Program Files (x86)\360\360Safe\safemon\WDPayPro.exe (Trojan.Downloader) -> 在重新启动时删除。
C:\Program Files (x86)\360\360Safe\Utils\FileSmasher.exe (Adware.Agent) -> 在重新启动时删除。
C:\Windows\System32\drivers\ComputerZ.sys (Trojan.Agent) -> 隔离和删除成功。
C:\Windows\System32\drivers\ComputerZ_x64.sys (Trojan.Agent) -> 隔离和删除成功。
C:\Windows\System32\drivers\PowerSaveZ.sys (Trojan.Agent) -> 隔离和删除成功。
C:\Windows\System32\drivers\PowerSaveZ_x64.sys (Trojan.Agent) -> 隔离和删除成功。
D:\Program Files\Ludashi\ComputerZ.sys (Trojan.Agent) -> 隔离和删除成功。
D:\Program Files\Ludashi\ComputerZ0.dll (Trojan.Agent) -> 隔离和删除成功。
D:\Program Files\Ludashi\ComputerZ1.dll (Trojan.Agent) -> 隔离和删除成功。
D:\Program Files\Ludashi\ComputerZ2.dll (Trojan.Agent) -> 隔离和删除成功。
D:\Program Files\Ludashi\ComputerZ4.dll (Trojan.Agent) -> 隔离和删除成功。
D:\Program Files\Ludashi\ComputerZ4_x64.dll (Trojan.Agent) -> 隔离和删除成功。
D:\Program Files\Ludashi\ComputerZ5.dll (Trojan.Agent) -> 隔离和删除成功。
D:\Program Files\Ludashi\ComputerZService.exe (Trojan.Agent) -> 隔离和删除成功。
D:\Program Files\Ludashi\ComputerZ_HardwareDll.dll (Trojan.Agent) -> 隔离和删除成功。
D:\Program Files\Ludashi\ComputerZ_PowerSaveDll.dll (Trojan.Agent) -> 隔离和删除成功。
D:\Program Files\Ludashi\ComputerZ_x64.sys (Trojan.Agent) -> 隔离和删除成功。
D:\Program Files\Ludashi\InstallStat.dll (Trojan.Agent) -> 隔离和删除成功。
D:\Program Files\Ludashi\PowerSaveZ.sys (Trojan.Agent) -> 隔离和删除成功。
D:\Program Files\Ludashi\PowerSaveZ_x64.sys (Trojan.Agent) -> 隔离和删除成功。
D:\Program Files\Ludashi\update.exe (Trojan.Agent) -> 隔离和删除成功。
C:\Users\Solomon\uidsave.dat (Malware.Trace) -> 隔离和删除成功。

(结束)

2012/09/08 08:50:14 +0800 SOLOMON-PC Solomon MESSAGE Starting protection
2012/09/08 08:50:18 +0800 SOLOMON-PC Solomon MESSAGE Protection started successfully
2012/09/08 08:50:21 +0800 SOLOMON-PC Solomon MESSAGE Starting IP protection
2012/09/08 08:50:21 +0800 SOLOMON-PC Solomon ERROR IP protection failed: FwpmEngineOpen0 failed with error code 1753
2012/09/08 08:52:49 +0800 SOLOMON-PC Solomon DETECTION C:\Program Files (x86)\360\360Safe\360leakfixer.exe Trojan.Agent ALLOW
2012/09/08 08:52:50 +0800 SOLOMON-PC Solomon DETECTION C:\Program Files (x86)\360\360Safe\360leakfixer.exe Trojan.Agent ALLOW
2012/09/08 08:52:56 +0800 SOLOMON-PC Solomon DETECTION C:\Program Files (x86)\360\360Safe\leakrepair.dll Trojan.Agent ALLOW
2012/09/08 09:01:53 +0800 SOLOMON-PC Solomon MESSAGE Executing scheduled update: Daily
2012/09/08 09:02:32 +0800 SOLOMON-PC Solomon MESSAGE Starting database refresh
2012/09/08 09:02:32 +0800 SOLOMON-PC Solomon MESSAGE Scheduled update executed successfully: database updated from version v2012.09.06.08 to version v2012.09.07.13
2012/09/08 09:02:35 +0800 SOLOMON-PC Solomon MESSAGE Database refreshed successfully

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 07 September 2012 - 08:59 PM

I want you to follow my instructions.

#13 Oaksmanor

Oaksmanor
  • Topic Starter

  • Members
  • 14 posts

Posted 07 September 2012 - 09:23 PM

As you said, I ran the services repair tool. After rebooting the system, everything is back to normal, just like before.
I am really grateful for what you have done for me. @^_^@
I don't know what to say. You saved my computer.
May God bless you!
With my best wishes!

#14 Oaksmanor

Oaksmanor
  • Topic Starter

  • Members
  • 14 posts

Posted 07 September 2012 - 09:24 PM

I want you to follow my instructions.


You are right.

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 07 September 2012 - 09:25 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Post the new FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


I want you to read my instructions :)

Please run Malwarebytes again and post the clean log.


When I use Windows Update, the system gives me an error, Code 80246008: Windows Update encountered an unknown error.
I found http://windows.microsoft.com/en-US/windows7/Windows-Update-error-80246008
but there is no Background Intelligent Transfer Service in my services.msc.
I searched for "Code 80246008 - BITS missing" on http://windows.microsoft.com
and got http://windows.microsoft.com/en-US/windows/answers?tId=bfad6adb-cfd7-468e-94c3-2b37835f8055
I downloaded MicrosoftFixit.wu.LB.158270497347223030.1.1.Run; it doesn't solve the problem.


If you do not need my help, I can stop it here.



