I have a Google redirect problem


10 replies to this topic

#1 ronsea206

ronsea206

  • Members
  • 18 posts

Posted 02 September 2012 - 08:35 PM

I was hoping someone can help me fix my Google redirect problem. I occasionally have websites redirected and have used Avast and Malwarebytes and removed some threats, but the problem still persists. This is my first post, so forgive me if I am in the wrong section.



#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • Gender:Male

Posted 02 September 2012 - 08:41 PM

You most likely need to post in the Am I Infected forum, but run the programs below until your thread gets moved.

Please download FarbarServiceScanner and run it on the computer with the issue.
http://download.bleepingcomputer.com/farbar/FSS.exe


Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark the following boxes:


Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 02 September 2012 - 09:47 PM

Download TDSSkiller

Launch it. Click on "Change parameters" - select "TDLFS file system"

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#4 ronsea206

ronsea206
  • Topic Starter

  • Members
  • 18 posts

Posted 03 September 2012 - 12:55 PM

I downloaded TDSSkiller, aswMBR and ESET online scanner. Here are the logs. I thank you for your time.

TDSSkiller

23:00:55.0515 1732 Mup - ok
23:00:55.0565 1732 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
23:00:55.0565 1732 napagent - ok
23:00:55.0625 1732 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
23:00:55.0635 1732 NativeWifiP - ok
23:00:55.0695 1732 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\windows\system32\drivers\ndis.sys
23:00:55.0695 1732 NDIS - ok
23:00:55.0735 1732 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
23:00:55.0735 1732 NdisCap - ok
23:00:55.0775 1732 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
23:00:55.0775 1732 NdisTapi - ok
23:00:55.0815 1732 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
23:00:55.0815 1732 Ndisuio - ok
23:00:55.0845 1732 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
23:00:55.0845 1732 NdisWan - ok
23:00:55.0885 1732 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
23:00:55.0885 1732 NDProxy - ok
23:00:55.0955 1732 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:00:55.0955 1732 Net Driver HPZ12 - ok
23:00:55.0995 1732 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
23:00:55.0995 1732 NetBIOS - ok
23:00:56.0035 1732 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
23:00:56.0035 1732 NetBT - ok
23:00:56.0075 1732 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
23:00:56.0075 1732 Netlogon - ok
23:00:56.0145 1732 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
23:00:56.0145 1732 Netman - ok
23:00:56.0165 1732 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
23:00:56.0175 1732 netprofm - ok
23:00:56.0235 1732 [ 81B8D0C1CE44A7FDBD596B693783950C ] netr7364 C:\windows\system32\DRIVERS\netr7364.sys
23:00:56.0245 1732 netr7364 - ok
23:00:56.0275 1732 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:00:56.0275 1732 NetTcpPortSharing - ok
23:00:56.0315 1732 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
23:00:56.0315 1732 nfrd960 - ok
23:00:56.0355 1732 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
23:00:56.0355 1732 NlaSvc - ok
23:00:56.0395 1732 Norton PC Checkup Application Launcher - ok
23:00:56.0415 1732 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
23:00:56.0415 1732 Npfs - ok
23:00:56.0445 1732 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
23:00:56.0445 1732 nsi - ok
23:00:56.0455 1732 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
23:00:56.0455 1732 nsiproxy - ok
23:00:56.0535 1732 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\windows\system32\drivers\Ntfs.sys
23:00:56.0545 1732 Ntfs - ok
23:00:56.0565 1732 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
23:00:56.0565 1732 Null - ok
23:00:56.0615 1732 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\windows\system32\drivers\nvraid.sys
23:00:56.0615 1732 nvraid - ok
23:00:56.0645 1732 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\windows\system32\drivers\nvstor.sys
23:00:56.0645 1732 nvstor - ok
23:00:56.0695 1732 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
23:00:56.0695 1732 nv_agp - ok
23:00:56.0796 1732 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:00:56.0806 1732 odserv - ok
23:00:56.0846 1732 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
23:00:56.0846 1732 ohci1394 - ok
23:00:56.0896 1732 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:00:56.0896 1732 ose - ok
23:00:57.0096 1732 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:00:57.0126 1732 osppsvc - ok
23:00:57.0186 1732 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
23:00:57.0186 1732 p2pimsvc - ok
23:00:57.0206 1732 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
23:00:57.0216 1732 p2psvc - ok
23:00:57.0246 1732 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
23:00:57.0246 1732 Parport - ok
23:00:57.0276 1732 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\windows\system32\drivers\partmgr.sys
23:00:57.0276 1732 partmgr - ok
23:00:57.0296 1732 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
23:00:57.0306 1732 PcaSvc - ok
23:00:57.0356 1732 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
23:00:57.0356 1732 PCCUJobMgr - ok
23:00:57.0376 1732 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
23:00:57.0376 1732 pci - ok
23:00:57.0386 1732 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
23:00:57.0386 1732 pciide - ok
23:00:57.0416 1732 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
23:00:57.0416 1732 pcmcia - ok
23:00:57.0436 1732 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
23:00:57.0436 1732 pcw - ok
23:00:57.0456 1732 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
23:00:57.0456 1732 PEAUTH - ok
23:00:57.0546 1732 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
23:00:57.0546 1732 PerfHost - ok
23:00:57.0586 1732 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
23:00:57.0586 1732 PGEffect - ok
23:00:57.0636 1732 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
23:00:57.0646 1732 pla - ok
23:00:57.0706 1732 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
23:00:57.0706 1732 PlugPlay - ok
23:00:57.0766 1732 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
23:00:57.0776 1732 Pml Driver HPZ12 - ok
23:00:57.0806 1732 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
23:00:57.0806 1732 PNRPAutoReg - ok
23:00:57.0826 1732 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
23:00:57.0836 1732 PNRPsvc - ok
23:00:57.0886 1732 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
23:00:57.0886 1732 PolicyAgent - ok
23:00:57.0916 1732 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
23:00:57.0926 1732 Power - ok
23:00:57.0966 1732 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
23:00:57.0966 1732 PptpMiniport - ok
23:00:57.0996 1732 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
23:00:57.0996 1732 Processor - ok
23:00:58.0036 1732 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\windows\system32\profsvc.dll
23:00:58.0046 1732 ProfSvc - ok
23:00:58.0066 1732 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
23:00:58.0066 1732 ProtectedStorage - ok
23:00:58.0116 1732 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
23:00:58.0116 1732 Psched - ok
23:00:58.0166 1732 [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys
23:00:58.0166 1732 QIOMem - ok
23:00:58.0236 1732 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
23:00:58.0256 1732 ql2300 - ok
23:00:58.0296 1732 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
23:00:58.0296 1732 ql40xx - ok
23:00:58.0326 1732 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
23:00:58.0326 1732 QWAVE - ok
23:00:58.0336 1732 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
23:00:58.0336 1732 QWAVEdrv - ok
23:00:58.0346 1732 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
23:00:58.0346 1732 RasAcd - ok
23:00:58.0396 1732 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
23:00:58.0396 1732 RasAgileVpn - ok
23:00:58.0426 1732 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
23:00:58.0426 1732 RasAuto - ok
23:00:58.0476 1732 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
23:00:58.0476 1732 Rasl2tp - ok
23:00:58.0516 1732 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
23:00:58.0526 1732 RasMan - ok
23:00:58.0576 1732 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
23:00:58.0586 1732 RasPppoe - ok
23:00:58.0596 1732 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
23:00:58.0596 1732 RasSstp - ok
23:00:58.0646 1732 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
23:00:58.0646 1732 rdbss - ok
23:00:58.0676 1732 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
23:00:58.0676 1732 rdpbus - ok
23:00:58.0706 1732 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
23:00:58.0706 1732 RDPCDD - ok
23:00:58.0726 1732 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
23:00:58.0726 1732 RDPENCDD - ok
23:00:58.0736 1732 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
23:00:58.0746 1732 RDPREFMP - ok
23:00:58.0776 1732 [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
23:00:58.0786 1732 RDPWD - ok
23:00:58.0836 1732 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
23:00:58.0836 1732 rdyboost - ok
23:00:58.0896 1732 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
23:00:58.0896 1732 RemoteAccess - ok
23:00:58.0926 1732 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
23:00:58.0926 1732 RemoteRegistry - ok
23:00:58.0966 1732 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
23:00:58.0966 1732 RpcEptMapper - ok
23:00:59.0006 1732 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
23:00:59.0006 1732 RpcLocator - ok
23:00:59.0046 1732 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
23:00:59.0056 1732 RpcSs - ok
23:00:59.0116 1732 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
23:00:59.0116 1732 rspndr - ok
23:00:59.0176 1732 [ 3CEEE53BBF8BA284FF44585CEC0162FE ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
23:00:59.0176 1732 RSUSBSTOR - ok
23:00:59.0226 1732 [ 5BFF00B29F7CC14AF67760C0E868109F ] RT2500USB C:\windows\system32\DRIVERS\rt2500usb.sys
23:00:59.0236 1732 RT2500USB - ok
23:00:59.0296 1732 [ FFC748D848740D1BC8F330A8879C2674 ] rtl8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
23:00:59.0306 1732 rtl8192Ce - ok
23:00:59.0316 1732 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
23:00:59.0326 1732 SamSs - ok
23:00:59.0376 1732 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
23:00:59.0376 1732 SASDIFSV - ok
23:00:59.0436 1732 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
23:00:59.0436 1732 SASKUTIL - ok
23:00:59.0476 1732 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
23:00:59.0476 1732 sbp2port - ok
23:00:59.0526 1732 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
23:00:59.0536 1732 SCardSvr - ok
23:00:59.0576 1732 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
23:00:59.0576 1732 scfilter - ok
23:00:59.0636 1732 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
23:00:59.0646 1732 Schedule - ok
23:00:59.0686 1732 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
23:00:59.0686 1732 SCPolicySvc - ok
23:00:59.0706 1732 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
23:00:59.0716 1732 SDRSVC - ok
23:00:59.0766 1732 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
23:00:59.0766 1732 secdrv - ok
23:00:59.0806 1732 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
23:00:59.0806 1732 seclogon - ok
23:00:59.0836 1732 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
23:00:59.0836 1732 SENS - ok
23:00:59.0846 1732 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
23:00:59.0846 1732 SensrSvc - ok
23:00:59.0886 1732 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
23:00:59.0886 1732 Serenum - ok
23:00:59.0906 1732 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
23:00:59.0906 1732 Serial - ok
23:00:59.0956 1732 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
23:00:59.0956 1732 sermouse - ok
23:00:59.0996 1732 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
23:00:59.0996 1732 SessionEnv - ok
23:01:00.0026 1732 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
23:01:00.0026 1732 sffdisk - ok
23:01:00.0036 1732 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
23:01:00.0036 1732 sffp_mmc - ok
23:01:00.0066 1732 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
23:01:00.0066 1732 sffp_sd - ok
23:01:00.0106 1732 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
23:01:00.0106 1732 sfloppy - ok
23:01:00.0166 1732 [ D5183ED285D2795491DC15BDDCBEE5AD ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
23:01:00.0176 1732 Sftfs - ok
23:01:00.0246 1732 [ BFDB58616FF5EA540A5F58301D50641E ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
23:01:00.0256 1732 sftlist - ok
23:01:00.0266 1732 [ 00F118B68C50D2206DD51634F9142B83 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
23:01:00.0276 1732 Sftplay - ok
23:01:00.0286 1732 [ 76A827DF5640BFE16A0CDBB4108ADECA ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
23:01:00.0286 1732 Sftredir - ok
23:01:00.0316 1732 [ 1B4C9701645086BAB8CAFFFCE30ED284 ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
23:01:00.0316 1732 Sftvol - ok
23:01:00.0346 1732 [ B94C3C4DCA2093243C76CA218EDE2A97 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
23:01:00.0346 1732 sftvsa - ok
23:01:00.0396 1732 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
23:01:00.0396 1732 ShellHWDetection - ok
23:01:00.0436 1732 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
23:01:00.0436 1732 SiSRaid2 - ok
23:01:00.0456 1732 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
23:01:00.0466 1732 SiSRaid4 - ok
23:01:00.0486 1732 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
23:01:00.0496 1732 Smb - ok
23:01:00.0536 1732 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
23:01:00.0546 1732 SNMPTRAP - ok
23:01:00.0576 1732 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
23:01:00.0576 1732 spldr - ok
23:01:00.0646 1732 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe
23:01:00.0656 1732 Spooler - ok
23:01:00.0766 1732 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
23:01:00.0786 1732 sppsvc - ok
23:01:00.0816 1732 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
23:01:00.0826 1732 sppuinotify - ok
23:01:00.0866 1732 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
23:01:00.0876 1732 srv - ok
23:01:00.0896 1732 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
23:01:00.0906 1732 srv2 - ok
23:01:00.0946 1732 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL6.SYS
23:01:00.0946 1732 SrvHsfHDA - ok
23:01:00.0996 1732 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV6.SYS
23:01:01.0016 1732 SrvHsfV92 - ok
23:01:01.0046 1732 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT6.SYS
23:01:01.0056 1732 SrvHsfWinac - ok
23:01:01.0076 1732 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
23:01:01.0086 1732 srvnet - ok
23:01:01.0126 1732 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
23:01:01.0136 1732 SSDPSRV - ok
23:01:01.0146 1732 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
23:01:01.0146 1732 SstpSvc - ok
23:01:01.0176 1732 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
23:01:01.0176 1732 stexstor - ok
23:01:01.0236 1732 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
23:01:01.0256 1732 stisvc - ok
23:01:01.0286 1732 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
23:01:01.0286 1732 swenum - ok
23:01:01.0326 1732 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
23:01:01.0336 1732 swprv - ok
23:01:01.0396 1732 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
23:01:01.0406 1732 SynTP - ok
23:01:01.0466 1732 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
23:01:01.0486 1732 SysMain - ok
23:01:01.0516 1732 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
23:01:01.0526 1732 TabletInputService - ok
23:01:01.0546 1732 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
23:01:01.0556 1732 TapiSrv - ok
23:01:01.0576 1732 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
23:01:01.0586 1732 TBS - ok
23:01:01.0676 1732 [ FC62769E7BFF2896035AEED399108162 ] Tcpip C:\windows\system32\drivers\tcpip.sys
23:01:01.0696 1732 Tcpip - ok
23:01:01.0766 1732 [ FC62769E7BFF2896035AEED399108162 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
23:01:01.0776 1732 TCPIP6 - ok
23:01:01.0816 1732 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
23:01:01.0816 1732 tcpipreg - ok
23:01:01.0866 1732 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
23:01:01.0866 1732 tdcmdpst - ok
23:01:01.0896 1732 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
23:01:01.0896 1732 TDPIPE - ok
23:01:01.0916 1732 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
23:01:01.0916 1732 TDTCP - ok
23:01:01.0956 1732 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
23:01:01.0956 1732 tdx - ok
23:01:02.0016 1732 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
23:01:02.0016 1732 TermDD - ok
23:01:02.0066 1732 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
23:01:02.0086 1732 TermService - ok
23:01:02.0116 1732 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
23:01:02.0116 1732 Themes - ok
23:01:02.0136 1732 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
23:01:02.0136 1732 THREADORDER - ok
23:01:02.0226 1732 [ 28644B0523D64EFF2FC7312A2EE74B0A ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
23:01:02.0226 1732 TMachInfo - ok
23:01:02.0256 1732 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
23:01:02.0266 1732 TODDSrv - ok
23:01:02.0406 1732 [ 98C864481D62F86EC8AF65BE3419A95B ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
23:01:02.0406 1732 TosCoSrv - ok
23:01:02.0476 1732 [ BAE96AD126F4EED4D361B092BA2E61FE ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
23:01:02.0476 1732 TOSHIBA eco Utility Service - ok
23:01:02.0546 1732 [ 74C2FA8C3765EE71A9C22182EC108457 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
23:01:02.0546 1732 TOSHIBA HDD SSD Alert Service - ok
23:01:02.0586 1732 [ 97687D094AA597DA366E1194B218CC6C ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
23:01:02.0596 1732 TPCHSrv - ok
23:01:02.0626 1732 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
23:01:02.0636 1732 TrkWks - ok
23:01:02.0687 1732 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
23:01:02.0702 1732 TrustedInstaller - ok
23:01:02.0734 1732 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
23:01:02.0734 1732 tssecsrv - ok
23:01:02.0780 1732 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
23:01:02.0780 1732 TsUsbFlt - ok
23:01:02.0827 1732 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
23:01:02.0827 1732 tunnel - ok
23:01:02.0874 1732 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
23:01:02.0890 1732 TVALZ - ok
23:01:02.0921 1732 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
23:01:02.0921 1732 TVALZFL - ok
23:01:02.0983 1732 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
23:01:02.0983 1732 uagp35 - ok
23:01:03.0046 1732 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
23:01:03.0046 1732 udfs - ok
23:01:03.0077 1732 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
23:01:03.0092 1732 UI0Detect - ok
23:01:03.0124 1732 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
23:01:03.0124 1732 uliagpkx - ok
23:01:03.0155 1732 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys
23:01:03.0155 1732 umbus - ok
23:01:03.0202 1732 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
23:01:03.0202 1732 UmPass - ok
23:01:03.0326 1732 [ 7466809E6DA561D60C2F1CE8EDE3C73F ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
23:01:03.0358 1732 UNS - ok
23:01:03.0389 1732 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
23:01:03.0389 1732 upnphost - ok
23:01:03.0436 1732 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
23:01:03.0436 1732 USBAAPL64 - ok
23:01:03.0482 1732 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\windows\system32\drivers\usbccgp.sys
23:01:03.0482 1732 usbccgp - ok
23:01:03.0498 1732 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
23:01:03.0498 1732 usbcir - ok
23:01:03.0560 1732 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
23:01:03.0560 1732 usbehci - ok
23:01:03.0607 1732 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\windows\system32\drivers\usbhub.sys
23:01:03.0607 1732 usbhub - ok
23:01:03.0623 1732 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\windows\system32\drivers\usbohci.sys
23:01:03.0623 1732 usbohci - ok
23:01:03.0670 1732 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
23:01:03.0670 1732 usbprint - ok
23:01:03.0701 1732 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
23:01:03.0701 1732 usbscan - ok
23:01:03.0732 1732 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\windows\system32\drivers\USBSTOR.SYS
23:01:03.0748 1732 USBSTOR - ok
23:01:03.0748 1732 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys
23:01:03.0748 1732 usbuhci - ok
23:01:03.0810 1732 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
23:01:03.0810 1732 usbvideo - ok
23:01:03.0841 1732 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\windows\system32\DRIVERS\usb8023x.sys
23:01:03.0841 1732 usb_rndisx - ok
23:01:03.0872 1732 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
23:01:03.0872 1732 UxSms - ok
23:01:03.0888 1732 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
23:01:03.0888 1732 VaultSvc - ok
23:01:03.0935 1732 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
23:01:03.0935 1732 vdrvroot - ok
23:01:03.0982 1732 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
23:01:03.0997 1732 vds - ok
23:01:04.0044 1732 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
23:01:04.0044 1732 vga - ok
23:01:04.0060 1732 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
23:01:04.0060 1732 VgaSave - ok
23:01:04.0091 1732 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
23:01:04.0091 1732 vhdmp - ok
23:01:04.0122 1732 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
23:01:04.0122 1732 viaide - ok
23:01:04.0138 1732 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
23:01:04.0138 1732 volmgr - ok
23:01:04.0169 1732 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
23:01:04.0169 1732 volmgrx - ok
23:01:04.0216 1732 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
23:01:04.0216 1732 volsnap - ok
23:01:04.0262 1732 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
23:01:04.0278 1732 vsmraid - ok
23:01:04.0340 1732 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
23:01:04.0372 1732 VSS - ok
23:01:04.0387 1732 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
23:01:04.0387 1732 vwifibus - ok
23:01:04.0418 1732 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
23:01:04.0418 1732 vwififlt - ok
23:01:04.0465 1732 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
23:01:04.0465 1732 vwifimp - ok
23:01:04.0512 1732 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
23:01:04.0512 1732 W32Time - ok
23:01:04.0543 1732 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
23:01:04.0543 1732 WacomPen - ok
23:01:04.0574 1732 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
23:01:04.0574 1732 WANARP - ok
23:01:04.0590 1732 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
23:01:04.0590 1732 Wanarpv6 - ok
23:01:04.0652 1732 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
23:01:04.0668 1732 WatAdminSvc - ok
23:01:04.0730 1732 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
23:01:04.0746 1732 wbengine - ok
23:01:04.0777 1732 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
23:01:04.0777 1732 WbioSrvc - ok
23:01:04.0808 1732 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
23:01:04.0824 1732 wcncsvc - ok
23:01:04.0855 1732 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
23:01:04.0855 1732 WcsPlugInService - ok
23:01:06.0085 1732 ================ Scan global ===============================
23:01:06.0115 1732 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
23:01:06.0145 1732 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
23:01:06.0155 1732 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
23:01:06.0185 1732 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
23:01:06.0225 1732 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
23:01:06.0225 1732 [Global] - ok
23:01:06.0225 1732 ================ Scan MBR ==================================
23:01:06.0245 1732 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
23:01:08.0386 1732 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
23:01:08.0386 1732 \Device\Harddisk0\DR0 - detected TDSS File System (1)
23:01:08.0386 1732 ================ Scan VBR ==================================
23:01:08.0433 1732 [ BD1DA00357B81C386FF0D6C059FC1763 ] \Device\Harddisk0\DR0\Partition1
23:01:08.0433 1732 \Device\Harddisk0\DR0\Partition1 - ok
23:01:08.0433 1732 ============================================================
23:01:08.0433 1732 Scan finished
23:01:08.0433 1732 ============================================================
23:01:08.0480 3180 Detected object count: 1
23:01:08.0480 3180 Actual detected object count: 1
23:02:26.0879 3180 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
23:02:26.0879 3180 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
23:02:36.0692 5196 Deinitialize success


aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-02 23:06:48
-----------------------------
23:06:48.205 OS Version: Windows x64 6.1.7601 Service Pack 1
23:06:48.205 Number of processors: 4 586 0x2505
23:06:48.205 ComputerName: PC UserName:
23:06:49.407 Initialize success
23:06:49.500 AVAST engine defs: 12090201
23:06:55.553 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:06:55.553 Disk 0 Vendor: TOSHIBA_ GJ00 Size: 305245MB BusType: 3
23:06:55.569 Disk 0 MBR read successfully
23:06:55.569 Disk 0 MBR scan
23:06:56.099 Disk 0 Windows VISTA default MBR code
23:06:56.115 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
23:06:56.707 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 293159 MB offset 3074048
23:06:56.739 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 10585 MB offset 603463680
23:06:57.191 Disk 0 scanning C:\windows\system32\drivers
23:07:12.432 Service scanning
23:07:57.688 Modules scanning
23:07:57.703 Disk 0 trace - called modules:
23:07:58.374 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
23:07:58.390 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c90060]
23:07:58.390 3 CLASSPNP.SYS[fffff88001b9143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a11050]
23:07:59.326 AVAST engine scan C:\windows
23:08:01.978 AVAST engine scan C:\windows\system32
23:10:23.067 AVAST engine scan C:\windows\system32\drivers
23:10:35.548 AVAST engine scan C:\Users\Ronald Sirina Samuel
23:28:34.398 AVAST engine scan C:\ProgramData
23:31:30.133 Scan finished successfully
23:32:26.293 Disk 0 MBR has been saved successfully to "C:\Users\Ronald Sirina Samuel\Desktop\MBR.dat"
23:32:26.309 The log file has been saved successfully to "C:\Users\Ronald Sirina Samuel\Desktop\aswMBR.txt"




ESET online scanner

C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric1.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric2.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Users\Ronald Sirina Samuel\AppData\Local\{F103DEC5-E7D0-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined

#5 narenxp


Posted 03 September 2012 - 04:08 PM

Run TDSSkiller and select delete

23:02:26.0879 3180 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#6 ronsea206


Posted 03 September 2012 - 08:43 PM

Hello, I ran TDSSkiller and deleted

23:02:26.0879 3180 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

I scanned with MBAM in regular mode until I got a clean log

mini toolbox

MiniToolBox by Farbar Version: 23-07-2012
Ran by Ronald Sirina Samuel (administrator) on 03-09-2012 at 18:32:55
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 5 (Hardware not present)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : 20-7C-8F-40-2F-C9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::156b:327e:e94b:ca8%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, September 03, 2012 5:30:37 PM
Lease Expires . . . . . . . . . . : Tuesday, September 04, 2012 5:30:41 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 320896143
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-41-4F-78-60-EB-69-62-47-B9
DNS Servers . . . . . . . . . . . : 192.168.1.1
75.75.76.76
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{F4B31C4B-02BF-4948-93FD-1A720D1792A2}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:401:2a29:3f57:fefc(Preferred)
Link-local IPv6 Address . . . . . : fe80::401:2a29:3f57:fefc%20(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: my.router
Address: 192.168.1.1

Name: google.com
Addresses: 173.194.33.14
173.194.33.4
173.194.33.0
173.194.33.7
173.194.33.3
173.194.33.5
173.194.33.1
173.194.33.9
173.194.33.6
173.194.33.8
173.194.33.2


Pinging google.com [173.194.33.14] with 32 bytes of data:
Reply from 173.194.33.14: bytes=32 time=19ms TTL=55
Reply from 173.194.33.14: bytes=32 time=13ms TTL=55

Ping statistics for 173.194.33.14:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 13ms, Maximum = 19ms, Average = 16ms
Server: my.router
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=137ms TTL=52
Reply from 72.30.38.140: bytes=32 time=39ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 39ms, Maximum = 137ms, Average = 88ms
Server: my.router
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...20 7c 8f 40 2f c9 ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
20...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
20 58 ::/0 On-link
1 306 ::1/128 On-link
20 58 2001::/32 On-link
20 306 2001:0:9d38:953c:401:2a29:3f57:fefc/128
On-link
11 281 fe80::/64 On-link
20 306 fe80::/64 On-link
20 306 fe80::401:2a29:3f57:fefc/128
On-link
11 281 fe80::156b:327e:e94b:ca8/128
On-link
1 306 ff00::/8 On-link
20 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/03/2012 01:23:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (09/03/2012 01:22:57 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/03/2012 01:22:30 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/02/2012 11:32:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/02/2012 11:32:48 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/02/2012 11:06:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/02/2012 11:03:11 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/02/2012 11:03:11 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/02/2012 11:03:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/02/2012 04:51:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: wmpnetwk.exe, version: 12.0.7601.17514, time stamp: 0x4ce7ae7f
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp: 0x4e21213c
Exception code: 0xc06d007e
Fault offset: 0x000000000000cacd
Faulting process id: 0xd18
Faulting application start time: 0xwmpnetwk.exe0
Faulting application path: wmpnetwk.exe1
Faulting module path: wmpnetwk.exe2
Report Id: wmpnetwk.exe3


System errors:
=============
Error: (09/03/2012 05:30:58 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (09/03/2012 05:30:58 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/03/2012 05:30:58 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/03/2012 05:30:43 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (09/03/2012 04:16:24 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/03/2012 04:16:24 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/03/2012 01:37:12 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/03/2012 01:37:12 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (09/03/2012 00:43:54 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (09/03/2012 00:43:54 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Reader 9.3 (Version: 9.3.0)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.26)
avast! Free Antivirus (Version: 7.0.1466.0)
AVG 2011 (Version: 10.0.1382)
AVG 2011 (Version: 10.0.1388)
AVG 2011 (Version: 10.0.1390)
AVG 2011 (Version: 10.0.1391)
AVG 2011 (Version: 10.0.1392)
AVG 2011 (Version: 10.0.1410)
AVG 2011 (Version: 10.0.1411)
AVG 2011 (Version: 10.0.1415)
AVG 2011 (Version: 10.0.1416)
AVG 2011 (Version: 10.0.1424)
AVG 2011 (Version: 10.0.2437)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
Build-a-lot 2 (Version: 2.2.0.95)
CCleaner (Version: 3.22)
Chuzzle Deluxe (Version: 2.2.0.95)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Conexant HD Audio (Version: 4.119.0.60)
DivX Setup (Version: 2.2.0.24)
DivX Web Player (Version: 1.5.0)
Download Accelerator Plus (DAP) (Version: 9504 (Build 2064))
Easy Guitar Deluxe
Epson CreativeZone
Epson Easy Photo Print 2 (Version: 2.2.0.0)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000)
Epson Event Manager (Version: 2.40.0001)
EPSON NX420 Series Printer Uninstall
EPSON Scan
EpsonNet Setup 3.2 (Version: 3.2a)
ESET Online Scanner v3
FATE (Version: 2.2.0.95)
Google Chrome (Version: 21.0.1180.89)
Google Update Helper (Version: 1.3.21.115)
HP Update (Version: 4.000.011.006)
HPDiagnosticAlert (Version: 1.00.0000)
iCloud (Version: 1.1.0.40)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2189)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.1.1001)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.2.4)
Jewel Quest - Heritage (Version: 2.2.0.95)
Junk Mail filter update (Version: 14.0.8117.416)
LTCM Client
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Professional 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Single Image 2010 (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.0.60310.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Maintenance Service (Version: 15.0)
MSVCRT (Version: 14.0.1468.721)
Plants vs. Zombies (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Polar Bowler (Version: 2.2.0.95)
Quickbooks Financial Center (Version: 2.02)
QuickTime (Version: 7.72.80.56)
Reading Blaster Ages 9-12
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30113)
Realtek WLAN Driver (Version: 2.00.0011)
Skype Launcher (Version: 2.01)
Spybot - Search & Destroy (Version: 1.6.2)
SUPERAntiSpyware (Version: 5.5.1012)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
Toshiba App Place (Version: 1.0.2.0)
TOSHIBA Application Installer (Version: 9.0.1.1)
TOSHIBA Assist (Version: 3.00.11)
Toshiba Book Place (Version: 2.0.3977.0)
TOSHIBA Bulletin Board (Version: 1.6.06.64)
TOSHIBA Disc Creator (Version: 2.1.0.2 for x64)
TOSHIBA eco Utility (Version: 1.2.7.64)
TOSHIBA Face Recognition (Version: 3.1.3.64)
TOSHIBA Hardware Setup (Version: 4.03.02.00)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6)
Toshiba Laptop Checkup (Version: 2.0.3.198)
TOSHIBA Media Controller (Version: 1.0.80.3.64)
TOSHIBA Media Controller Plug-in (Version: 1.0.4.9)
Toshiba Online Backup (Version: 2.0.0.24)
TOSHIBA PC Health Monitor (Version: 1.6.0.64)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.0.4 for x64)
TOSHIBA ReelTime (Version: 1.6.05.64)
TOSHIBA Service Station (Version: 2.1.40)
TOSHIBA Supervisor Password (Version: 4.03.02.00)
TOSHIBA Value Added Package (Version: 1.3.2.64)
TOSHIBA Web Camera Application (Version: 1.1.1.15)
ToshibaRegistration (Version: 1.0.4)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Wheel of Fortune 2 (Version: 2.2.0.95)
WildTangent Games (Version: 1.0.1.3)
WildTangent ORB Game Console
Winamp (Version: 5.61 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
Zuma's Revenge (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 3893.86 MB
Available physical RAM: 2270.22 MB
Total Pagefile: 7785.91 MB
Available Pagefile: 6191.65 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.21 MB

========================= Partitions: =====================================

1 Drive c: (TI105927W0F) (Fixed) (Total:286.29 GB) (Free:211.48 GB) NTFS

========================= Users: ========================================

User accounts for \\PC

Administrator Guest Ronald Sirina Samuel


**** End of log ****




FSS

Farbar Service Scanner Version: 06-08-2012
Ran by Ronald Sirina Samuel (administrator) on 03-09-2012 at 18:35:28
Running from "C:\Users\Ronald Sirina Samuel\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to open SharedAccess registry key. The service key does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

adware cleaner

# AdwCleaner v2.000 - Logfile created 09/03/2012 at 18:37:06
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Ronald Sirina Samuel - PC
# Boot Mode : Normal
# Running from : C:\Users\Ronald Sirina Samuel\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Ronald Sirina Samuel\AppData\LocalLow\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKLM\SOFTWARE\Software

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\Ronald Sirina Samuel\AppData\Roaming\Mozilla\Firefox\Profiles\tpulx1cv.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Ronald Sirina Samuel\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1406 octets] - [03/09/2012 18:36:30]
AdwCleaner[S1].txt - [1964 octets] - [03/09/2012 18:37:06]

########## EOF - C:\AdwCleaner[S1].txt - [2024 octets] ##########

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:02:51 AM

Posted 04 September 2012 - 12:07 AM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Post the new FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#8 ronsea206

ronsea206
  • Topic Starter

  • Members
  • 18 posts
  • Local time:11:51 PM

Posted 04 September 2012 - 04:33 AM

Hello, I ran the services repair tool

new FSS log
Farbar Service Scanner Version: 06-08-2012
Ran by Ronald Sirina Samuel (administrator) on 04-09-2012 at 02:29:30
Running from "C:\Users\Ronald Sirina Samuel\Desktop\bleepingpc"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

rkill
Rkill 2.3.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/04/2012 02:30:55 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Ronald Sirina Samuel\Desktop\rkill\rkill-09-04-2012-02-30-58.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/04/2012 02:31:11 AM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:02:51 AM

Posted 04 September 2012 - 04:38 AM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#10 ronsea206

ronsea206
  • Topic Starter

  • Members
  • 18 posts
  • Local time:11:51 PM

Posted 04 September 2012 - 11:54 AM

Thank you very much!

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:02:51 AM

Posted 04 September 2012 - 01:03 PM

You're welcome :)



