Locked up during re-boot


5 replies to this topic

#1 hrolsons

Posted 13 November 2012 - 03:00 PM

My computer locked up during re-boot. I powered off and back on but wanted the experts to help me run through some scans to make sure the computer is safe.


#2 narenxp

Posted 13 November 2012 - 09:35 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 hrolsons

Posted 14 November 2012 - 01:39 PM

10:52:50.0550 5420 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
10:52:51.0006 5420 ============================================================
10:52:51.0006 5420 Current date / time: 2012/11/14 10:52:51.0006
10:52:51.0006 5420 SystemInfo:
10:52:51.0006 5420
10:52:51.0006 5420 OS Version: 6.1.7601 ServicePack: 1.0
10:52:51.0006 5420 Product type: Workstation
10:52:51.0007 5420 ComputerName: GOLD-HP
10:52:51.0007 5420 UserName: Gold
10:52:51.0007 5420 Windows directory: C:\Windows
10:52:51.0007 5420 System windows directory: C:\Windows
10:52:51.0007 5420 Running under WOW64
10:52:51.0007 5420 Processor architecture: Intel x64
10:52:51.0007 5420 Number of processors: 4
10:52:51.0007 5420 Page size: 0x1000
10:52:51.0007 5420 Boot type: Normal boot
10:52:51.0007 5420 ============================================================
10:52:52.0907 5420 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:52:52.0917 5420 Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1475000 (2794.52 Gb), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:52:52.0975 5420 ============================================================
10:52:52.0975 5420 \Device\Harddisk0\DR0:
10:52:52.0975 5420 MBR partitions:
10:52:52.0975 5420 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x35000
10:52:52.0975 5420 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x36E8E, BlocksNum 0x72B95182
10:52:52.0975 5420 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72BCC800, BlocksNum 0x1B39DB0
10:52:52.0975 5420 \Device\Harddisk1\DR1:
10:52:52.0976 5420 MBR partitions:
10:52:52.0976 5420 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2BAA0A20
10:52:52.0976 5420 ============================================================
10:52:53.0017 5420 C: <-> \Device\Harddisk0\DR0\Partition2
10:52:53.0060 5420 D: <-> \Device\Harddisk0\DR0\Partition3
10:52:53.0076 5420 K: <-> \Device\Harddisk1\DR1\Partition1
10:52:53.0076 5420 ============================================================
10:52:53.0076 5420 Initialize success
10:52:53.0076 5420 ============================================================
10:53:06.0035 5804 ============================================================
10:53:06.0035 5804 Scan started
10:53:06.0035 5804 Mode: Manual; TDLFS;
10:53:06.0036 5804 ============================================================
10:53:06.0758 5804 ================ Scan system memory ========================
10:53:06.0759 5804 System memory - ok
10:53:17.0610 5804 mrxsmb20 - ok
10:53:17.0626 5804 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:53:17.0628 5804 msahci - ok
10:53:17.0644 5804 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:53:17.0647 5804 msdsm - ok
10:53:17.0662 5804 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:53:17.0665 5804 MSDTC - ok
10:53:17.0787 5804 [ 0171827668F8DDC5C7E740E26DCAB6DD ] MsDtsServer100 C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
10:53:17.0793 5804 MsDtsServer100 - ok
10:53:17.0810 5804 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:53:17.0813 5804 Msfs - ok
10:53:17.0831 5804 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:53:17.0832 5804 mshidkmdf - ok
10:53:17.0853 5804 MSICDSetup - ok
10:53:17.0879 5804 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:53:17.0881 5804 msisadrv - ok
10:53:17.0931 5804 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:53:17.0935 5804 MSiSCSI - ok
10:53:17.0940 5804 msiserver - ok
10:53:17.0971 5804 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:53:17.0973 5804 MSKSSRV - ok
10:53:18.0065 5804 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
10:53:18.0067 5804 MsMpSvc - ok
10:53:18.0090 5804 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:53:18.0092 5804 MSPCLOCK - ok
10:53:18.0157 5804 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:53:18.0160 5804 MSPQM - ok
10:53:18.0200 5804 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:53:18.0210 5804 MsRPC - ok
10:53:18.0267 5804 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:53:18.0269 5804 mssmbios - ok
10:53:18.0344 5804 [ AA511EB28672011A1D832F73E302F0A0 ] MSSQLFDLauncher C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
10:53:18.0347 5804 MSSQLFDLauncher - ok
10:53:18.0367 5804 MSSQLSERVER - ok
10:53:18.0436 5804 [ 04EF36EAF5C4DBCE424D81B76F1E9231 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
10:53:18.0440 5804 MSSQLServerADHelper100 - ok
10:53:18.0551 5804 MSSQLServerOLAPService - ok
10:53:18.0575 5804 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:53:18.0578 5804 MSTEE - ok
10:53:18.0595 5804 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:53:18.0598 5804 MTConfig - ok
10:53:18.0626 5804 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:53:18.0628 5804 Mup - ok
10:53:18.0666 5804 [ 09818558C2579B45D78AB18A759B0CA8 ] mvusbews C:\Windows\system32\Drivers\mvusbews.sys
10:53:18.0668 5804 mvusbews - ok
10:53:18.0693 5804 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:53:18.0701 5804 napagent - ok
10:53:18.0737 5804 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:53:18.0742 5804 NativeWifiP - ok
10:53:18.0790 5804 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:53:18.0801 5804 NDIS - ok
10:53:18.0828 5804 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:53:18.0830 5804 NdisCap - ok
10:53:18.0853 5804 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:53:18.0855 5804 NdisTapi - ok
10:53:18.0886 5804 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:53:18.0890 5804 Ndisuio - ok
10:53:18.0917 5804 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:53:18.0933 5804 NdisWan - ok
10:53:18.0959 5804 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:53:18.0961 5804 NDProxy - ok
10:53:18.0996 5804 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:53:18.0998 5804 NetBIOS - ok
10:53:19.0017 5804 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:53:19.0039 5804 NetBT - ok
10:53:19.0151 5804 [ 8ECAE76DEE3765986573D45E283117EA ] NetgearUDSMBus C:\Windows\syswow64\Drivers\NetgearUDSMBus.sys
10:53:19.0155 5804 NetgearUDSMBus - ok
10:53:19.0191 5804 [ 12855C2B86A14CB5EC8BAE706E0BCF15 ] NetgearUDSTcpBus C:\Windows\syswow64\Drivers\NetgearUDSTcpBus.sys
10:53:19.0195 5804 NetgearUDSTcpBus - ok
10:53:19.0221 5804 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:53:19.0223 5804 Netlogon - ok
10:53:19.0273 5804 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:53:19.0279 5804 Netman - ok
10:53:19.0317 5804 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:53:19.0341 5804 NetMsmqActivator - ok
10:53:19.0350 5804 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:53:19.0354 5804 NetPipeActivator - ok
10:53:19.0400 5804 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:53:19.0413 5804 netprofm - ok
10:53:19.0479 5804 [ 31609B481CC202BFB441E37FEBCDEA05 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
10:53:19.0515 5804 netr28x - ok
10:53:19.0521 5804 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:53:19.0522 5804 NetTcpActivator - ok
10:53:19.0528 5804 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:53:19.0529 5804 NetTcpPortSharing - ok
10:53:19.0568 5804 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:53:19.0571 5804 nfrd960 - ok
10:53:19.0631 5804 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:53:19.0636 5804 NisDrv - ok
10:53:19.0705 5804 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
10:53:19.0713 5804 NisSrv - ok
10:53:19.0735 5804 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:53:19.0745 5804 NlaSvc - ok
10:53:19.0801 5804 [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF C:\Windows\system32\drivers\npf.sys
10:53:19.0805 5804 NPF - ok
10:53:19.0822 5804 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:53:19.0825 5804 Npfs - ok
10:53:19.0847 5804 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:53:19.0849 5804 nsi - ok
10:53:19.0859 5804 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:53:19.0859 5804 nsiproxy - ok
10:53:19.0935 5804 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:53:19.0980 5804 Ntfs - ok
10:53:20.0056 5804 [ 0D06C5CEDA9670BAB363F08639483B99 ] ntop C:\Program Files (x86)\ntop-Win32\ntop.exe
10:53:20.0147 5804 ntop - ok
10:53:20.0164 5804 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:53:20.0165 5804 Null - ok
10:53:20.0191 5804 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
10:53:20.0193 5804 nusb3hub - ok
10:53:20.0243 5804 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
10:53:20.0248 5804 nusb3xhc - ok
10:53:20.0286 5804 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:53:20.0290 5804 nvraid - ok
10:53:20.0315 5804 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:53:20.0319 5804 nvstor - ok
10:53:20.0343 5804 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:53:20.0347 5804 nv_agp - ok
10:53:20.0373 5804 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:53:20.0375 5804 ohci1394 - ok
10:53:20.0415 5804 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:53:20.0419 5804 ose - ok
10:53:20.0443 5804 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:53:20.0449 5804 p2pimsvc - ok
10:53:20.0463 5804 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:53:20.0470 5804 p2psvc - ok
10:53:20.0489 5804 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:53:20.0493 5804 Parport - ok
10:53:20.0529 5804 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:53:20.0533 5804 partmgr - ok
10:53:20.0545 5804 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:53:20.0549 5804 PcaSvc - ok
10:53:20.0564 5804 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:53:20.0567 5804 pci - ok
10:53:20.0594 5804 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:53:20.0596 5804 pciide - ok
10:53:20.0616 5804 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:53:20.0621 5804 pcmcia - ok
10:53:20.0634 5804 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:53:20.0636 5804 pcw - ok
10:53:20.0676 5804 pdfcDispatcher - ok
10:53:20.0747 5804 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:53:20.0764 5804 PEAUTH - ok
10:53:20.0801 5804 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:53:20.0803 5804 PerfHost - ok
10:53:20.0877 5804 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:53:20.0928 5804 pla - ok
10:53:20.0966 5804 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:53:20.0971 5804 PlugPlay - ok
10:53:20.0982 5804 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:53:20.0984 5804 PNRPAutoReg - ok
10:53:20.0991 5804 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:53:20.0993 5804 PNRPsvc - ok
10:53:21.0013 5804 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:53:21.0018 5804 PolicyAgent - ok
10:53:21.0039 5804 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:53:21.0042 5804 Power - ok
10:53:21.0062 5804 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:53:21.0064 5804 PptpMiniport - ok
10:53:21.0081 5804 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:53:21.0083 5804 Processor - ok
10:53:21.0119 5804 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:53:21.0122 5804 ProfSvc - ok
10:53:21.0136 5804 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:53:21.0137 5804 ProtectedStorage - ok
10:53:21.0177 5804 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:53:21.0178 5804 Psched - ok
10:53:21.0271 5804 [ 31C01072252BAD768D583957C518F9F9 ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
10:53:21.0309 5804 QBCFMonitorService - ok
10:53:21.0394 5804 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
10:53:21.0398 5804 QBFCService - ok
10:53:21.0503 5804 [ 0C7B65C8743442A37152FCFAC5F7D16A ] QBVSS C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
10:53:21.0555 5804 QBVSS - ok
10:53:21.0592 5804 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:53:21.0618 5804 ql2300 - ok
10:53:21.0629 5804 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:53:21.0631 5804 ql40xx - ok
10:53:21.0694 5804 QuickBooksDB23 - ok
10:53:21.0720 5804 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:53:21.0729 5804 QWAVE - ok
10:53:21.0739 5804 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:53:21.0742 5804 QWAVEdrv - ok
10:53:21.0828 5804 [ F4C083E290BCBC8DA05C6E2C7F8053B9 ] RalinkRegistryWriter C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
10:53:22.0011 5804 RalinkRegistryWriter - ok
10:53:22.0042 5804 [ C3B515559046A89BB0E0F2CEEF73CABC ] RalinkRegistryWriter64 C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
10:53:22.0133 5804 RalinkRegistryWriter64 - ok
10:53:22.0168 5804 [ ACCFA0846D9C7BD6A9F506982B812A5C ] RaMediaServer C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
10:53:22.0366 5804 RaMediaServer - ok
10:53:22.0399 5804 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:53:22.0401 5804 RasAcd - ok
10:53:22.0441 5804 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:53:22.0451 5804 RasAgileVpn - ok
10:53:22.0473 5804 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:53:22.0479 5804 RasAuto - ok
10:53:22.0509 5804 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:53:22.0512 5804 Rasl2tp - ok
10:53:22.0533 5804 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:53:22.0539 5804 RasMan - ok
10:53:22.0559 5804 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:53:22.0561 5804 RasPppoe - ok
10:53:22.0576 5804 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:53:22.0579 5804 RasSstp - ok
10:53:22.0597 5804 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:53:22.0603 5804 rdbss - ok
10:53:22.0619 5804 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:53:22.0621 5804 rdpbus - ok
10:53:22.0635 5804 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:53:22.0635 5804 RDPCDD - ok
10:53:22.0671 5804 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:53:22.0672 5804 RDPENCDD - ok
10:53:22.0685 5804 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:53:22.0686 5804 RDPREFMP - ok
10:53:22.0720 5804 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:53:22.0722 5804 RdpVideoMiniport - ok
10:53:22.0758 5804 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:53:22.0761 5804 RDPWD - ok
10:53:22.0793 5804 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:53:22.0798 5804 rdyboost - ok
10:53:22.0822 5804 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:53:22.0825 5804 RemoteAccess - ok
10:53:22.0843 5804 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:53:22.0848 5804 RemoteRegistry - ok
10:53:22.0994 5804 [ B08D6B6785B947FC97F18027A7A88F86 ] ReportServer C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
10:53:23.0048 5804 ReportServer - ok
10:53:23.0131 5804 [ C1568E17039B2EC2B73A4F880DDD51E5 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
10:53:23.0141 5804 RoxioNow Service - ok
10:53:23.0184 5804 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
10:53:23.0189 5804 rpcapd - ok
10:53:23.0225 5804 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:53:23.0231 5804 RpcEptMapper - ok
10:53:23.0256 5804 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:53:23.0265 5804 RpcLocator - ok
10:53:23.0343 5804 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:53:23.0352 5804 RpcSs - ok
10:53:23.0427 5804 [ C606C5F712A3761896CEFFA4AF6B1268 ] RsFx0151 C:\Windows\system32\DRIVERS\RsFx0151.sys
10:53:23.0474 5804 RsFx0151 - ok
10:53:23.0567 5804 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:53:23.0569 5804 rspndr - ok
10:53:23.0600 5804 [ F4C374B1C46DE294B573BB43723AC3F6 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:53:23.0624 5804 RTL8167 - ok
10:53:23.0641 5804 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:53:23.0643 5804 SamSs - ok
10:53:23.0668 5804 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:53:23.0671 5804 sbp2port - ok
10:53:23.0688 5804 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:53:23.0693 5804 SCardSvr - ok
10:53:23.0724 5804 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:53:23.0726 5804 scfilter - ok
10:53:23.0764 5804 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:53:23.0791 5804 Schedule - ok
10:53:23.0809 5804 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:53:23.0810 5804 SCPolicySvc - ok
10:53:23.0842 5804 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:53:23.0847 5804 SDRSVC - ok
10:53:23.0867 5804 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:53:23.0869 5804 secdrv - ok
10:53:23.0889 5804 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:53:23.0893 5804 seclogon - ok
10:53:23.0913 5804 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:53:23.0916 5804 SENS - ok
10:53:23.0934 5804 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:53:23.0937 5804 SensrSvc - ok
10:53:23.0976 5804 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:53:23.0978 5804 Serenum - ok
10:53:23.0989 5804 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:53:23.0992 5804 Serial - ok
10:53:24.0005 5804 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:53:24.0007 5804 sermouse - ok
10:53:24.0044 5804 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:53:24.0048 5804 SessionEnv - ok
10:53:24.0078 5804 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:53:24.0080 5804 sffdisk - ok
10:53:24.0094 5804 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:53:24.0096 5804 sffp_mmc - ok
10:53:24.0101 5804 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:53:24.0102 5804 sffp_sd - ok
10:53:24.0110 5804 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:53:24.0112 5804 sfloppy - ok
10:53:24.0148 5804 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:53:24.0153 5804 SharedAccess - ok
10:53:24.0175 5804 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:53:24.0182 5804 ShellHWDetection - ok
10:53:24.0201 5804 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:53:24.0203 5804 SiSRaid2 - ok
10:53:24.0213 5804 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:53:24.0215 5804 SiSRaid4 - ok
10:53:24.0251 5804 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:53:24.0254 5804 Smb - ok
10:53:24.0287 5804 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:53:24.0290 5804 SNMPTRAP - ok
10:53:24.0303 5804 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:53:24.0305 5804 spldr - ok
10:53:24.0389 5804 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:53:24.0406 5804 Spooler - ok
10:53:24.0501 5804 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:53:24.0593 5804 sppsvc - ok
10:53:24.0631 5804 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:53:24.0634 5804 sppuinotify - ok
10:53:24.0707 5804 [ 7D67C07C63796775CC5492BCFEAFF125 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
10:53:24.0715 5804 SQLBrowser - ok
10:53:24.0786 5804 [ A99D9DCA14281E0B787501CAE4D995E0 ] SQLSERVERAGENT C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
10:53:24.0801 5804 SQLSERVERAGENT - ok
10:53:24.0906 5804 [ F98DDFBFE0EE66D4C4B00693512B9527 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:53:24.0910 5804 SQLWriter - ok
10:53:24.0958 5804 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:53:24.0970 5804 srv - ok
10:53:24.0988 5804 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:53:24.0998 5804 srv2 - ok
10:53:25.0006 5804 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:53:25.0009 5804 srvnet - ok
10:53:25.0047 5804 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:53:25.0051 5804 SSDPSRV - ok
10:53:25.0063 5804 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:53:25.0067 5804 SstpSvc - ok
10:53:25.0096 5804 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:53:25.0098 5804 stexstor - ok
10:53:25.0142 5804 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:53:25.0151 5804 stisvc - ok
10:53:25.0164 5804 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:53:25.0166 5804 swenum - ok
10:53:25.0185 5804 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:53:25.0193 5804 swprv - ok
10:53:25.0237 5804 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:53:25.0272 5804 SysMain - ok
10:53:25.0286 5804 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:53:25.0293 5804 TabletInputService - ok
10:53:25.0319 5804 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:53:25.0325 5804 TapiSrv - ok
10:53:25.0338 5804 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:53:25.0341 5804 TBS - ok
10:53:25.0432 5804 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:53:25.0468 5804 Tcpip - ok
10:53:25.0511 5804 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:53:25.0520 5804 TCPIP6 - ok
10:53:25.0568 5804 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:53:25.0581 5804 tcpipreg - ok
10:53:25.0596 5804 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:53:25.0598 5804 TDPIPE - ok
10:53:25.0630 5804 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:53:25.0632 5804 TDTCP - ok
10:53:25.0661 5804 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:53:25.0665 5804 tdx - ok
10:53:25.0682 5804 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:53:25.0686 5804 TermDD - ok
10:53:25.0717 5804 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:53:25.0736 5804 TermService - ok
10:53:25.0754 5804 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:53:25.0757 5804 Themes - ok
10:53:25.0779 5804 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:53:25.0781 5804 THREADORDER - ok
10:53:25.0795 5804 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:53:25.0798 5804 TrkWks - ok
10:53:25.0831 5804 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:53:25.0833 5804 TrustedInstaller - ok
10:53:25.0850 5804 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:53:25.0852 5804 tssecsrv - ok
10:53:25.0882 5804 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:53:25.0885 5804 TsUsbFlt - ok
10:53:25.0917 5804 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:53:25.0920 5804 tunnel - ok
10:53:25.0937 5804 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:53:25.0939 5804 uagp35 - ok
10:53:25.0956 5804 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:53:25.0963 5804 udfs - ok
10:53:25.0985 5804 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:53:25.0989 5804 UI0Detect - ok
10:53:26.0006 5804 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:53:26.0008 5804 uliagpkx - ok
10:53:26.0032 5804 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
10:53:26.0034 5804 umbus - ok
10:53:26.0050 5804 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:53:26.0052 5804 UmPass - ok
10:53:26.0070 5804 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:53:26.0076 5804 upnphost - ok
10:53:26.0123 5804 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:53:26.0150 5804 USBAAPL64 - ok
10:53:26.0200 5804 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:53:26.0205 5804 usbccgp - ok
10:53:26.0230 5804 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:53:26.0234 5804 usbcir - ok
10:53:26.0274 5804 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:53:26.0292 5804 usbehci - ok
10:53:26.0324 5804 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
10:53:26.0334 5804 usbfilter - ok
10:53:26.0344 5804 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:53:26.0349 5804 usbhub - ok
10:53:26.0359 5804 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
10:53:26.0362 5804 usbohci - ok
10:53:26.0387 5804 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:53:26.0389 5804 usbprint - ok
10:53:26.0428 5804 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:53:26.0430 5804 usbscan - ok
10:53:26.0455 5804 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:53:26.0458 5804 USBSTOR - ok
10:53:26.0477 5804 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:53:26.0479 5804 usbuhci - ok
10:53:26.0492 5804 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:53:26.0496 5804 UxSms - ok
10:53:26.0505 5804 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:53:26.0506 5804 VaultSvc - ok
10:53:26.0523 5804 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:53:26.0524 5804 vdrvroot - ok
10:53:26.0557 5804 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:53:26.0568 5804 vds - ok
10:53:26.0579 5804 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:53:26.0581 5804 vga - ok
10:53:26.0598 5804 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:53:26.0600 5804 VgaSave - ok
10:53:26.0615 5804 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:53:26.0621 5804 vhdmp - ok
10:53:29.0919 5804 ============================================================
10:53:29.0919 5804 Scan finished
10:53:29.0919 5804 ============================================================
10:53:29.0934 4136 Detected object count: 0
10:53:29.0934 4136 Actual detected object count: 0


While running aswMBR, Microsoft Security Essentials reported:

Category: Exploit

Description: This program is dangerous and exploits the computer on which it is run.

Recommended action: Remove this software immediately.

Items:
containerfile:C:\Users\Gold\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\c09eaec-58dd4e6b
containerfile:C:\Users\Gold\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\c09eaec-58dd4e6b2E71D1A3
containerfile:C:\Users\Gold\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\c09eaec-58dd4e6b94BBE5A0
containerfile:C:\Users\Gold\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\c09eaec-58dd4e6b94BBE5A00895079A
file:C:\Users\Gold\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\c09eaec-58dd4e6b->gradsnyrhrkmjrulrr/bjwwejhlcrkedh.class
file:C:\Users\Gold\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\c09eaec-58dd4e6b2E71D1A3->gradsnyrhrkmjrulrr/bjwwejhlcrkedh.class
file:C:\Users\Gold\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\c09eaec-58dd4e6b651F4330->gradsnyrhrkmjrulrr/bjwwejhlcrkedh.class
file:C:\Users\Gold\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\c09eaec-58dd4e6b94BBE5A0->gradsnyrhrkmjrulrr/bjwwejhlcrkedh.class
file:C:\Users\Gold\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\c09eaec-58dd4e6b94BBE5A00895079A->gradsnyrhrkmjrulrr/bjwwejhlcrkedh.class

Get more information about this item online.

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-14 10:55:24
-----------------------------
10:55:24.332 OS Version: Windows x64 6.1.7601 Service Pack 1
10:55:24.332 Number of processors: 4 586 0x503
10:55:24.333 ComputerName: GOLD-HP UserName: Gold
10:55:30.734 Initialize success
10:56:30.283 AVAST engine defs: 12111400
10:57:08.842 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005b
10:57:08.847 Disk 0 Vendor: ST310005 HP35 Size: 953869MB BusType: 11
10:57:08.852 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000007b
10:57:08.858 Disk 1 Vendor: Size: 953869MB BusType: 0
10:57:08.899 Disk 0 MBR read successfully
10:57:08.906 Disk 0 MBR scan
10:57:08.920 Disk 0 unknown MBR code
10:57:08.929 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 106 MB offset 2048
10:57:08.985 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 939818 MB offset 224910
10:57:09.031 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 13939 MB offset 1924974592
10:57:09.192 Disk 0 scanning C:\Windows\system32\drivers
10:57:26.049 Service scanning
10:57:42.767 Service MSICDSetup E:\CDriver64.sys **LOCKED** 21
10:58:09.408 Modules scanning
10:58:09.423 Disk 0 trace - called modules:
10:58:09.445 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
10:58:09.451 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009eb3060]
10:58:09.457 3 CLASSPNP.SYS[fffff8800195e43f] -> nt!IofCallDriver -> [0xfffffa8009d5eac0]
10:58:09.463 5 amd_xata.sys[fffff8800113a8b4] -> nt!IofCallDriver -> \Device\0000005b[0xfffffa8009d5a9c0]
10:58:12.897 AVAST engine scan C:\Windows
10:58:18.226 AVAST engine scan C:\Windows\system32
11:07:42.552 AVAST engine scan C:\Windows\system32\drivers
11:08:20.687 AVAST engine scan C:\Users\Gold
11:23:37.635 AVAST engine scan C:\ProgramData
11:30:23.262 Scan finished successfully
11:30:58.499 Disk 0 MBR has been saved successfully to "C:\Users\Gold\Desktop\MBR.dat"
11:30:58.597 The log file has been saved successfully to "C:\Users\Gold\Desktop\aswMBR.txt"


ESET would not run, it said "Could not get updates. Is proxy configured?"

#4 narenxp

  • BC Advisor

Posted 14 November 2012 - 01:40 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here.

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#5 hrolsons

  • Topic Starter

Posted 14 November 2012 - 03:27 PM

MiniToolBox by Farbar Version: 10-11-2012 02
Ran by Gold (administrator) on 14-11-2012 at 12:54:24
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)
802.11n Wireless LAN Card = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Gold-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 1C-65-9D-B3-05-E2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 802.11n Wireless LAN Card
Physical Address. . . . . . . . . : 1C-65-9D-B3-05-E3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f9e4:1c05:f5c4:62f4%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, November 13, 2012 1:34:55 PM
Lease Expires . . . . . . . . . . : Thursday, November 15, 2012 1:34:59 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 236742045
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-34-67-41-64-31-50-24-CB-E3
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 64-31-50-24-CB-E3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::558a:a32b:19a3:29c2%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, November 13, 2012 2:12:53 PM
Lease Expires . . . . . . . . . . : Thursday, November 15, 2012 12:18:54 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 258224464
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-34-67-41-64-31-50-24-CB-E3
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{BBF9F091-EADE-4E1C-AB76-D5897FD5207B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:eb:1af1:3f57:fefb(Preferred)
Link-local IPv6 Address . . . . . : fe80::eb:1af1:3f57:fefb%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{D739A00B-9635-4EAB-B035-E5B71059EB9F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{1838AA3C-E231-42D7-9CBA-FD112D7C105F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2001:4860:4001:802::1002
74.125.224.99
74.125.224.98
74.125.224.103
74.125.224.97
74.125.224.101
74.125.224.105
74.125.224.96
74.125.224.104
74.125.224.110
74.125.224.102
74.125.224.100


Pinging google.com [74.125.224.100] with 32 bytes of data:
Reply from 74.125.224.100: bytes=32 time=43ms TTL=51
Reply from 74.125.224.100: bytes=32 time=44ms TTL=51

Ping statistics for 74.125.224.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 43ms, Maximum = 44ms, Average = 43ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=710ms TTL=49
Reply from 98.139.183.24: bytes=32 time=776ms TTL=47

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 710ms, Maximum = 776ms, Average = 743ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...1c 65 9d b3 05 e2 ......Microsoft Virtual WiFi Miniport Adapter
12...1c 65 9d b3 05 e3 ......802.11n Wireless LAN Card
11...64 31 50 24 cb e3 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
10...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 25
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.4 281
192.168.1.0 255.255.255.0 On-link 192.168.1.3 276
192.168.1.3 255.255.255.255 On-link 192.168.1.3 276
192.168.1.4 255.255.255.255 On-link 192.168.1.4 281
192.168.1.255 255.255.255.255 On-link 192.168.1.4 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 276
224.0.0.0 240.0.0.0 On-link 192.168.1.4 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 276
255.255.255.255 255.255.255.255 On-link 192.168.1.4 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 58 ::/0 On-link
1 306 ::1/128 On-link
10 58 2001::/32 On-link
10 306 2001:0:4137:9e76:eb:1af1:3f57:fefb/128
On-link
11 276 fe80::/64 On-link
12 281 fe80::/64 On-link
10 306 fe80::/64 On-link
10 306 fe80::eb:1af1:3f57:fefb/128
On-link
11 276 fe80::558a:a32b:19a3:29c2/128
On-link
12 281 fe80::f9e4:1c05:f5c4:62f4/128
On-link
1 306 ff00::/8 On-link
10 306 ff00::/8 On-link
11 276 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/14/2012 11:31:44 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/14/2012 01:21:09 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {35e81631-13e1-48db-97fc-d5bc721bb18a}
Writer Name: NPS VSS Writer
Writer Instance ID: {7da2eb1e-745c-447b-af12-4ccd81c4a529}

Error: (11/14/2012 01:21:09 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {22600687-b5bd-4703-afb2-90eede3869e1}

Error: (11/14/2012 01:19:28 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {35e81631-13e1-48db-97fc-d5bc721bb18a}
Writer Name: NPS VSS Writer
Writer Instance ID: {7da2eb1e-745c-447b-af12-4ccd81c4a529}

Error: (11/14/2012 01:19:28 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {22600687-b5bd-4703-afb2-90eede3869e1}

Error: (11/13/2012 01:39:58 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Unable to find the section for this mentu item!!!

Error: (11/13/2012 01:39:17 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (11/13/2012 01:39:17 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (11/13/2012 01:39:17 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (11/13/2012 11:02:05 AM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Unable to find the section for this mentu item!!!


System errors:
=============
Error: (11/14/2012 00:09:33 PM) (Source: srv) (User: )
Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.

Error: (11/14/2012 11:34:33 AM) (Source: srv) (User: )
Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.

Error: (11/14/2012 11:16:46 AM) (Source: Microsoft Antimalware) (User: )
Description: %Exploit:Java/CVE-2012-1723.BKN60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Exploit:Java/CVE-2012-1723.BKN603

Name: Exploit:Java/CVE-2012-1723.BKN

ID: 2147664807

Severity: %Exploit:Java/CVE-2012-1723.BKN600

Category: %Exploit:Java/CVE-2012-1723.BKN602

Path: 4.1.0522.02

Detection Origin: 4.1.0522.04

Detection Type: 4.1.0522.08

Detection Source: %Exploit:Java/CVE-2012-1723.BKN608

User: {903D4BDD-C58F-4984-989A-50039B812CB2}9

Process Name: %Exploit:Java/CVE-2012-1723.BKN609

Action: {903D4BDD-C58F-4984-989A-50039B812CB2}1

Action Status: {903D4BDD-C58F-4984-989A-50039B812CB2}8

Error Code: {903D4BDD-C58F-4984-989A-50039B812CB2}3

Error description: {903D4BDD-C58F-4984-989A-50039B812CB2}4

Signature Version: 2012-11-14T18:16:26.678Z1

Engine Version: 2012-11-14T18:16:26.678Z2

Error: (11/14/2012 11:16:46 AM) (Source: Microsoft Antimalware) (User: )
Description: %Exploit:Java/CVE-2012-1723.BKV60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Exploit:Java/CVE-2012-1723.BKV603

Name: Exploit:Java/CVE-2012-1723.BKV

ID: 2147664815

Severity: %Exploit:Java/CVE-2012-1723.BKV600

Category: %Exploit:Java/CVE-2012-1723.BKV602

Path: 4.1.0522.02

Detection Origin: 4.1.0522.04

Detection Type: 4.1.0522.08

Detection Source: %Exploit:Java/CVE-2012-1723.BKV608

User: {367D7BF7-BF32-4769-8C78-F00A16ECC34D}9

Process Name: %Exploit:Java/CVE-2012-1723.BKV609

Action: {367D7BF7-BF32-4769-8C78-F00A16ECC34D}1

Action Status: {367D7BF7-BF32-4769-8C78-F00A16ECC34D}8

Error Code: {367D7BF7-BF32-4769-8C78-F00A16ECC34D}3

Error description: {367D7BF7-BF32-4769-8C78-F00A16ECC34D}4

Signature Version: 2012-11-14T18:16:09.733Z1

Engine Version: 2012-11-14T18:16:09.733Z2

Error: (11/14/2012 11:16:33 AM) (Source: Microsoft Antimalware) (User: )
Description: %Exploit:Java/CVE-2012-1723!generic60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Exploit:Java/CVE-2012-1723!generic603

Name: Exploit:Java/CVE-2012-1723!generic

ID: 2147665055

Severity: %Exploit:Java/CVE-2012-1723!generic600

Category: %Exploit:Java/CVE-2012-1723!generic602

Path: 4.1.0522.02

Detection Origin: 4.1.0522.04

Detection Type: 4.1.0522.08

Detection Source: %Exploit:Java/CVE-2012-1723!generic608

User: {7C2C192B-EB62-4A48-842E-29AC2CA3463B}9

Process Name: %Exploit:Java/CVE-2012-1723!generic609

Action: {7C2C192B-EB62-4A48-842E-29AC2CA3463B}1

Action Status: {7C2C192B-EB62-4A48-842E-29AC2CA3463B}8

Error Code: {7C2C192B-EB62-4A48-842E-29AC2CA3463B}3

Error description: {7C2C192B-EB62-4A48-842E-29AC2CA3463B}4

Signature Version: 2012-11-14T18:16:13.527Z1

Engine Version: 2012-11-14T18:16:13.527Z2

Error: (11/14/2012 11:16:32 AM) (Source: Microsoft Antimalware) (User: )
Description: %Exploit:Java/CVE-2012-1723.AAU60 has encountered a critical error when taking action on malware or other potentially unwanted software.

For more information please see the following:
%Exploit:Java/CVE-2012-1723.AAU603

Name: Exploit:Java/CVE-2012-1723.AAU

ID: 2147662142

Severity: %Exploit:Java/CVE-2012-1723.AAU600

Category: %Exploit:Java/CVE-2012-1723.AAU602

Path: 4.1.0522.02

Detection Origin: 4.1.0522.04

Detection Type: 4.1.0522.08

Detection Source: %Exploit:Java/CVE-2012-1723.AAU608

User: {9CD33AEA-FFE3-4BAC-81C3-CD027D1BF500}9

Process Name: %Exploit:Java/CVE-2012-1723.AAU609

Action: {9CD33AEA-FFE3-4BAC-81C3-CD027D1BF500}1

Action Status: {9CD33AEA-FFE3-4BAC-81C3-CD027D1BF500}8

Error Code: {9CD33AEA-FFE3-4BAC-81C3-CD027D1BF500}3

Error description: {9CD33AEA-FFE3-4BAC-81C3-CD027D1BF500}4

Signature Version: 2012-11-14T18:16:13.527Z1

Engine Version: 2012-11-14T18:16:13.527Z2

Error: (11/14/2012 10:59:33 AM) (Source: srv) (User: )
Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.

Error: (11/14/2012 10:46:33 AM) (Source: srv) (User: )
Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.

Error: (11/14/2012 10:43:33 AM) (Source: srv) (User: )
Description: The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations.

Error: (11/14/2012 10:21:43 AM) (Source: NetBT) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.3.
The computer with the IP address 192.168.1.7 did not allow the name to be claimed by
this computer.


Microsoft Office Sessions:
=========================
Error: (11/14/2012 11:31:44 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Gold\Downloads\esetsmartinstaller_enu.exe

Error: (11/14/2012 01:21:09 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {35e81631-13e1-48db-97fc-d5bc721bb18a}
Writer Name: NPS VSS Writer
Writer Instance ID: {7da2eb1e-745c-447b-af12-4ccd81c4a529}

Error: (11/14/2012 01:21:09 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {22600687-b5bd-4703-afb2-90eede3869e1}

Error: (11/14/2012 01:19:28 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {35e81631-13e1-48db-97fc-d5bc721bb18a}
Writer Name: NPS VSS Writer
Writer Instance ID: {7da2eb1e-745c-447b-af12-4ccd81c4a529}

Error: (11/14/2012 01:19:28 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {22600687-b5bd-4703-afb2-90eede3869e1}

Error: (11/13/2012 01:39:58 PM) (Source: QuickBooks)(User: )
Description: QuickBooksUnable to find the section for this mentu item!!!

Error: (11/13/2012 01:39:17 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (11/13/2012 01:39:17 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (11/13/2012 01:39:17 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (11/13/2012 11:02:05 AM) (Source: QuickBooks)(User: )
Description: QuickBooksUnable to find the section for this mentu item!!!


CodeIntegrity Errors:
===================================
Date: 2012-03-03 14:28:07.301
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Gold\AppData\Local\Temp\w4sCCC1.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-03-03 14:28:07.227
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Gold\AppData\Local\Temp\w4sCCC1.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

Adobe AIR (Version: 3.5.0.600)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.5.502.110)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Agatha Christie - Peril at End House (Version: 2.2.0.95)
AMD Accelerated Video Transcoding (Version: 12.5.100.20928)
AMD APP SDK Runtime (Version: 10.0.1016.4)
AMD Catalyst Install Manager (Version: 8.0.891.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0928.1532.26058)
AMD Media Foundation Decoders (Version: 1.0.70928.1539)
AMD Steady Video Plug-In (Version: 2.04.0000)
AMD VISION Engine Control Center (Version: 2012.0928.1532.26058)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ATI AVIVO64 Codecs (Version: 11.6.0.10309)
ATI Problem Report Wizard (Version: 3.0.821.0)
AutoIt v3.3.6.1
AviSynth 2.5
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Bing Bar (Version: 7.1.361.0)
Bing Desktop (Version: 1.0.45.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blasterball 3 (Version: 2.2.0.95)
Blio (Version: 2.0.5350)
Bonjour (Version: 3.0.0.10)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
Cake Mania (Version: 2.2.0.95)
CamStudio OSS Desktop Recorder (Version: 2.6 Beta r294)
Carbonite (Version: 5.3.1 build 2232 (Aug-29-2012))
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0928.1532.26058)
Catalyst Control Center InstallProxy (Version: 2012.0928.1532.26058)
Catalyst Control Center Localization All (Version: 2012.0928.1532.26058)
ccc-utility64 (Version: 2012.0928.1532.26058)
CCC Help Chinese Standard (Version: 2012.0928.1531.26058)
CCC Help Chinese Traditional (Version: 2012.0928.1531.26058)
CCC Help Czech (Version: 2012.0928.1531.26058)
CCC Help Danish (Version: 2012.0928.1531.26058)
CCC Help Dutch (Version: 2012.0928.1531.26058)
CCC Help English (Version: 2012.0928.1531.26058)
CCC Help Finnish (Version: 2012.0928.1531.26058)
CCC Help French (Version: 2012.0928.1531.26058)
CCC Help German (Version: 2012.0928.1531.26058)
CCC Help Greek (Version: 2012.0928.1531.26058)
CCC Help Hungarian (Version: 2012.0928.1531.26058)
CCC Help Italian (Version: 2012.0928.1531.26058)
CCC Help Japanese (Version: 2012.0928.1531.26058)
CCC Help Korean (Version: 2012.0928.1531.26058)
CCC Help Norwegian (Version: 2012.0928.1531.26058)
CCC Help Polish (Version: 2012.0928.1531.26058)
CCC Help Portuguese (Version: 2012.0928.1531.26058)
CCC Help Russian (Version: 2012.0928.1531.26058)
CCC Help Spanish (Version: 2012.0928.1531.26058)
CCC Help Swedish (Version: 2012.0928.1531.26058)
CCC Help Thai (Version: 2012.0928.1531.26058)
CCC Help Turkish (Version: 2012.0928.1531.26058)
CCleaner (Version: 3.24)
Chuzzle Deluxe (Version: 2.2.0.95)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CSE HTML Validator Lite v6.52
CyberLink DVD Suite Deluxe (Version: 7.0.3210)
D3DX10 (Version: 15.4.2368.0902)
Defraggler (Version: 2.10)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
Dora's World Adventure (Version: 2.2.0.95)
Dropbox (Version: 1.4.7)
DVD Flick 1.3.0.7 (Version: 1.3.0.7)
DVD Menu Pack for HP MediaSmart Video (Version: 4.2.4412)
eBay Blackthorne (Version: 04.08.031)
Escape Rosecliff Island (Version: 2.2.0.95)
ESET Online Scanner v3
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
GameRanger
GDR 2550 for SQL Server 2008 R2 (KB2716440) (64-bit) (Version: 10.51.2550.0)
GIMP 2.6.11 (Version: 2.6.11)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
Heroes of Hellas 2 - Olympia (Version: 2.2.0.95)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP Auto (Version: 1.0.12494.3472)
HP Client Services (Version: 1.0.12656.3472)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Game Console
HP Games (Version: 1.0.1.5)
HP LaserJet Professional M1130-M1210 MFP Series
HP LaserJet Professional M1210 MFP Series Fax Installer (Version: 1.1.0)
HP LaserJet Professional M1210 MFP Series Toolbox (Version: 1.0.12)
HP LaserJet Toolbox (Version: 2.0.0)
HP MediaSmart DVD (Version: 4.2.4521)
HP MediaSmart Music (Version: 4.2.4517)
HP MediaSmart Photo (Version: 4.2.4513)
HP MediaSmart SmartMenu (Version: 3.1.2.4)
HP MediaSmart Video (Version: 4.2.4522)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.4.0)
HP MovieStore (Version: 1.0.027)
HP MovieStore (Version: 2.0.2)
HP Odometer (Version: 2.10.0000)
HP Setup (Version: 8.4.4400.3525)
HP Setup Manager (Version: 1.0.12844.3519)
HP Support Assistant (Version: 6.1.12.1)
HP Support Information (Version: 10.1.1000)
HP Update (Version: 5.002.003.003)
HP Vision Hardware Diagnostics (Version: 2.1.6.0)
hppLaserJetService (Version: 001.003.000145)
hppM1130M1210SeriesLaserJetService (Version: 001.003.00073)
hppusgM1130M1210Series (Version: 1.0.0.2)
HPSSupply (Version: 2.1.1.0000)
Hulu Desktop (Version: 0.9.13)
HydraVision (Version: 4.2.188.0)
ImageMagick 6.7.2-9 Q16 (2011-10-15) (Version: 6.7.2)
iTunes (Version: 10.6.3.25)
Jasc Paint Shop Pro 8 (Version: 8.10.0000)
Jasc Paint Shop Pro 8.10 Update Patch
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 37 (Version: 6.0.370)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Codec Pack 7.1.0 (Basic) (Version: 7.1.0)
Kobo (Version: 1.6)
LabelPrint (Version: 2.5.3130)
LightScribe System Software (Version: 1.18.15.1)
LogMeIn (Version: 4.1.2138)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Age of Empires II
Microsoft Age of Empires II: The Conquerors Expansion
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2000 Professional (Version: 9.00.2720)
Microsoft Office 2003 Web Components (Version: 12.0.6213.1000)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access database engine 2007 (English) (Version: 12.0.6612.1000)
Microsoft Report Viewer Redistributable 2008 (KB971119) (Version: 9.0.30731)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2008 R2 (64-bit)
Microsoft SQL Server 2008 R2 Books Online (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 Policies (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.51.2550.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.51.2500.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (Version: 3.5.8080.0)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server System CLR Types (x64) (Version: 10.51.2500.0)
Microsoft SQL Server VSS Writer (Version: 10.51.2500.0)
Microsoft Sync Framework Runtime v1.0 (x64) (Version: 1.0.1215.0)
Microsoft Sync Services for ADO.NET v2.0 (x64) (Version: 2.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU (Version: 9.0.30729)
Microsoft Visual Studio 6.0 Professional Edition
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.35191)
Microsoft Web Publishing Wizard 1.53
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Movie Theme Pack for HP MediaSmart Video (Version: 4.2.4412)
Mozilla Embedded Browser version 4.0 (Version: 4.0.0)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSI Afterburner 2.1.0 (Version: 2.1.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Mystery P.I. - The London Caper (Version: 2.2.0.95)
NETGEAR USB Control Center (Version: 1.11)
Notepad++ (Version: 5.9.2)
ntop for Win32 4.0.3 (Version: 4.0.3)
NuSphere PhpED version 6.1 (Version: 6.1)
OverDrive Media Console (Version: 3.2.10)
Pandora (Version: 2.0.6)
PDF Complete Special Edition (Version: 4.0.57)
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.7717)
php-4.4.9 for NuSphere PhpED (Version: 6.1)
php-5.2.17 for NuSphere PhpED (Version: 6.1)
php-5.3.5 for NuSphere PhpED (Version: 6.1)
Php Documentor version 1.4.2 for NuSphere PhpED (Version: 6.1)
Picasa 3 (Version: 3.8)
PictureMover (Version: 3.5.0.33)
PixRecovery 3.0.18586.1 Demo License (Version: 3.0.18586.1)
Plants vs. Zombies (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Polystyle 2.0zo (trial) for NuSphere PhpED (Version: 6.1)
Power Video Cutter 5.3
Power2Go (Version: 6.1.4329)
PowerDirector (Version: 8.0.3129)
PressReader (Version: 5.10.1102.0)
QuickBooks (Version: 22.0.4010.2206)
QuickBooks (Version: 23.0.4003.2305)
QuickBooks Pro 2012 (Version: 22.0.4010.2206)
QuickBooks Pro 2013 (Version: 23.0.4001.2305)
QuickTime (Version: 7.72.80.56)
Ralink 802.11n Wireless LAN Card (Version: 3.2.13.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6196)
Recovery Manager (Version: 5.5.3219)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.34.0)
RoxioNow Player (Version: 1.9.5.101)
Scan To (Version: 2.0.1)
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (64-bit) (Version: 10.51.2500.0)
SMConverter 1.0.7 (Version: 1.0.7)
SMRecorder 1.2.1 (Version: 1.2.1)
SQL Server 2008 R2 Reporting Services (Version: 10.50.1600.1)
SQL Server 2008 R2 SP1 Analysis Services (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 BI Development Studio (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Client Tools (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Database Engine Services (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Database Engine Shared (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Full text search (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Integration Services (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Management Studio (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Reporting Services (Version: 10.51.2500.0)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
TurboTax 2011 wcosbpm (Version: 011.000.0392)
TurboTax 2011 WinBizFedFormset (Version: 011.000.1842)
TurboTax 2011 WinBizReleaseEngine (Version: 011.000.0488)
TurboTax 2011 WinBizTaxSupport (Version: 011.000.1391)
TurboTax 2011 wrapper (Version: 011.000.0121)
TurboTax Business 2011
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Video2Down FileBulldog Toolbar
Virtual Families (Version: 2.2.0.95)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (Version: 1)
VLC media player 1.1.11 (Version: 1.1.11)
WebDrive (Version: 9.17.2407)
Wheel of Fortune 2 (Version: 2.2.0.95)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinPcap 4.1.2 (Version: 4.1.0.2001)
World of Warcraft (Version: 4.3.4.15595)
Zinio Reader 4 (Version: 4.0.3184)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 50%
Total physical RAM: 12287.29 MB
Available physical RAM: 6093.79 MB
Total Pagefile: 24572.76 MB
Available Pagefile: 17795.95 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.89 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:917.79 GB) (Free:287.04 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:13.61 GB) (Free:1.68 GB) NTFS
6 Drive k: (FreeAgent GoFlex Drive) (Fixed) (Total:2794.51 GB) (Free:221.19 GB) NTFS
9 Drive o: (FreeAgent GoFlex Drive) (Network) (Total:2794.51 GB) (Free:221.19 GB) NTFS
10 Drive w: (WWW.BLUEAPPLEHOUSES.COM) (Network) (Total:100 GB) (Free:100 GB) WebDrive

========================= Users: ========================================

User accounts for \\GOLD-HP

Administrator Gold Guest
LogMeInRemoteUser QBDataServiceUser23 share

========================= Restore Points ==================================

13-11-2012 18:07:16 Windows Update
13-11-2012 20:01:16 Windows Update
14-11-2012 18:20:05 Installed Java™ 6 Update 37

**** End of log ****

Farbar Service Scanner Version: 09-11-2012
Ran by Gold (administrator) on 14-11-2012 at 12:58:53
Running from "C:\Users\Gold\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-11-13 12:56] - [2012-10-03 10:56] - 1914248 ____A (Microsoft Corporation) 37608401DFDB388CAF66917F6B2D6FB0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

# AdwCleaner v2.007 - Logfile created 11/14/2012 at 13:06:23
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Gold - GOLD-HP
# Boot Mode : Normal
# Running from : C:\Users\Gold\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Found : C:\Users\Public\Desktop\eBay.lnk

***** [Registry] *****

Key Found : HKCU\Software\Somoto Toolbar
Key Found : HKCU\Software\Zugo
Key Found : HKLM\Software\Description
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Users\Gold\AppData\Roaming\Mozilla\Firefox\Profiles\rd1o9wgq.default\prefs.js

Found : user_pref("browser.search.selectedEngine", "Search the Web");
Found : user_pref("browser.startup.homepage", "hxxps://mail.google.com/mail/u/0/?hl=en&shva=1#inbox|hxxp://k[...]

*************************

AdwCleaner[R1].txt - [1321 octets] - [14/11/2012 13:06:23]

########## EOF - C:\AdwCleaner[R1].txt - [1381 octets] ##########

Malwarebytes is still running, and I will post the results when it completes.

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 14 November 2012 - 03:49 PM

ESET would not run, it said "Could not get updates. Is proxy configured?"


Try to run ESET in Safe Mode with Networking.



