How slow is too slow?


13 replies to this topic

#1 Dash1730


Posted 25 November 2012 - 05:06 PM

MalwareBytes Anti_Rootkit Beta v1.01.0.1009

After 18 hours Malwarebytes has run its course, finding 32 gotchas. I had just about given up on it when it finished. A Bleeping Computer moderator suggested I post my results over here.
While running Mbar, I was able to check email, write a letter, and browse the net without any problem, so my desktop didn't seem to be slowing down Mbar.
I'm running MS Windows 7, service pack 1, 7601. Also Norton Internet Security 2012 with latest update, and ran a full scan an hour before running Mbar.

The desktop PC is an HP Pavilion H8-1200c with 6 core and 3300 Mhz and 6 GB RAM, so processes most everything I do reasonably promptly.

What should I do now? Rerun Mbar a second time as recommended, or?

My topic discussion on that can be found at: http://www.bleepingcomputer.com/forums/topic476416.html


#2 boopme


Posted 25 November 2012 - 05:27 PM

Hello, is this

After 18 hours Malwarebytes has run its course, finding 32 gotchas

MBAM or MBAR?
Yes run the second MBAR scan.
Do you have logs? How is it now?

#3 Dash1730


Posted 27 November 2012 - 11:09 PM

The second run thru with the MBAR scan didn't find any more problems. It appears that running MBAR has helped. The computer seems to be running a little faster. My wife can play a game for the first time in several weeks. And I no longer have to wiggle the mouse to keep videos playing.

BUT I must now repeatedly click the videos to keep them playing. Also, when I do Google searches, Google still assumes I live in Australia. With 32 problems MBAR found, I was hoping these problems would also be resolved, but it was not to be. Any suggestions?

#4 boopme


Posted 28 November 2012 - 11:40 AM

Let's also do these..
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller
Launch it.
Click on change parameters - Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results.



Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.



ESET ONLINE


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

#5 Dash1730


Posted 30 November 2012 - 07:33 PM

Thanks for such a comprehensive set of diagnostics. I am looking forward to your response. I don't see a way to attach the results of the 4 programs you asked me to run, so I will cut and paste them here:

TDSSKILLER:

17:40:09.0586 9428 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:40:09.0586 9428 UEFI system
17:40:10.0132 9428 ============================================================
17:40:10.0132 9428 Current date / time: 2012/11/30 17:40:10.0132
17:40:10.0132 9428 SystemInfo:
17:40:10.0132 9428
17:40:10.0132 9428 OS Version: 6.1.7601 ServicePack: 1.0
17:40:10.0132 9428 Product type: Workstation
17:40:10.0132 9428 ComputerName: DON-HP
17:40:10.0132 9428 UserName: Don
17:40:10.0132 9428 Windows directory: C:\windows
17:40:10.0132 9428 System windows directory: C:\windows
17:40:10.0132 9428 Running under WOW64
17:40:10.0132 9428 Processor architecture: Intel x64
17:40:10.0132 9428 Number of processors: 6
17:40:10.0132 9428 Page size: 0x1000
17:40:10.0132 9428 Boot type: Normal boot
17:40:10.0132 9428 ============================================================
17:40:10.0756 9428 Drive \Device\Harddisk0\DR0 - Size: 0xE8D4A50000 (931.32 Gb), SectorSize: 0x200, Cylinders: 0x1DAE8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:40:10.0772 9428 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:40:10.0803 9428 ============================================================
17:40:10.0803 9428 \Device\Harddisk0\DR0:
17:40:10.0803 9428 GPT partitions:
17:40:10.0803 9428 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F14E2FF6-13A9-485D-9D87-B66D5C71B3C0}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
17:40:10.0803 9428 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {671AC981-40E3-4145-B88A-5E9034D9F124}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
17:40:10.0803 9428 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {27921703-7398-4D48-AD58-79C6E34922C3}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x723CF800
17:40:10.0803 9428 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5BFBC6A8-99D4-4DB8-8658-7FC9EC493FA3}, Name: Basic data partition, StartLBA 0x72442000, BlocksNum 0x2263000
17:40:10.0803 9428 MBR partitions:
17:40:10.0803 9428 \Device\Harddisk1\DR1:
17:40:10.0803 9428 MBR partitions:
17:40:10.0803 9428 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
17:40:10.0803 9428 ============================================================
17:40:10.0850 9428 C: <-> \Device\Harddisk0\DR0\Partition3
17:40:10.0944 9428 Z: <-> \Device\Harddisk0\DR0\Partition4
17:40:10.0975 9428 D: <-> \Device\Harddisk1\DR1\Partition1
17:40:10.0975 9428 ============================================================
17:40:10.0975 9428 Initialize success
17:40:10.0975 9428 ============================================================
17:44:31.0418 10840 ============================================================
17:44:31.0418 10840 Scan started
17:44:31.0418 10840 Mode: Manual; TDLFS;
17:44:31.0418 10840 ============================================================
17:44:31.0933 10840 ================ Scan system memory ========================
17:44:31.0933 10840 System memory - ok
17:44:31.0933 10840 ================ Scan services =============================
17:44:39.0374 10840 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:44:39.0374 10840 LBTServ - ok
17:44:39.0421 10840 [ ED7EC050CD6C20E1A93A4DAFB7EFD14D ] LEqdUsb C:\windows\system32\DRIVERS\LEqdUsb.Sys
17:44:39.0421 10840 LEqdUsb - ok
17:44:39.0452 10840 [ 3267BC698E29474A8381E68904EB0390 ] LHidEqd C:\windows\system32\DRIVERS\LHidEqd.Sys
17:44:39.0452 10840 LHidEqd - ok
17:44:39.0468 10840 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\windows\system32\DRIVERS\LHidFilt.Sys
17:44:39.0468 10840 LHidFilt - ok
17:44:39.0515 10840 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
17:44:39.0515 10840 lltdio - ok
17:44:39.0546 10840 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
17:44:39.0546 10840 lltdsvc - ok
17:44:39.0562 10840 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
17:44:39.0562 10840 lmhosts - ok
17:44:39.0624 10840 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\windows\system32\DRIVERS\LMouFilt.Sys
17:44:39.0624 10840 LMouFilt - ok
17:44:39.0671 10840 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
17:44:39.0671 10840 LSI_FC - ok
17:44:39.0702 10840 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
17:44:39.0702 10840 LSI_SAS - ok
17:44:39.0733 10840 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
17:44:39.0733 10840 LSI_SAS2 - ok
17:44:39.0749 10840 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
17:44:39.0749 10840 LSI_SCSI - ok
17:44:39.0764 10840 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
17:44:39.0764 10840 luafv - ok
17:44:39.0827 10840 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
17:44:39.0827 10840 MBAMProtector - ok
17:44:39.0905 10840 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:44:39.0905 10840 MBAMScheduler - ok
17:44:39.0936 10840 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:44:39.0936 10840 MBAMService - ok
17:44:40.0014 10840 [ 7A02F128A454BB22E300F3F80BC1BD22 ] MCLIENT C:\Program Files (x86)\Norton Management\Engine\2.1.2.13\ccSvcHst.exe
17:44:40.0014 10840 MCLIENT - ok
17:44:40.0030 10840 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
17:44:40.0030 10840 Mcx2Svc - ok
17:44:40.0030 10840 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
17:44:40.0030 10840 megasas - ok
17:44:40.0061 10840 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
17:44:40.0061 10840 MegaSR - ok
17:44:40.0123 10840 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
17:44:40.0123 10840 MMCSS - ok
17:44:40.0139 10840 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
17:44:40.0139 10840 Modem - ok
17:44:40.0154 10840 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
17:44:40.0154 10840 monitor - ok
17:44:40.0201 10840 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
17:44:40.0201 10840 mouclass - ok
17:44:40.0248 10840 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
17:44:40.0248 10840 mouhid - ok
17:44:40.0279 10840 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
17:44:40.0279 10840 mountmgr - ok
17:44:40.0342 10840 [ 313265CF4F5F02ED927774DA1DB3FE00 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:44:40.0342 10840 MozillaMaintenance - ok
17:44:40.0373 10840 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
17:44:40.0373 10840 mpio - ok
17:44:40.0388 10840 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
17:44:40.0388 10840 mpsdrv - ok
17:44:40.0404 10840 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
17:44:40.0404 10840 MpsSvc - ok
17:44:40.0435 10840 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
17:44:40.0435 10840 MRxDAV - ok
17:44:40.0451 10840 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
17:44:40.0451 10840 mrxsmb - ok
17:44:40.0466 10840 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
17:44:40.0466 10840 mrxsmb10 - ok
17:44:40.0482 10840 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
17:44:40.0482 10840 mrxsmb20 - ok
17:44:40.0513 10840 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
17:44:40.0513 10840 msahci - ok
17:44:40.0529 10840 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
17:44:40.0529 10840 msdsm - ok
17:44:40.0544 10840 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
17:44:40.0544 10840 MSDTC - ok
17:44:40.0560 10840 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
17:44:40.0560 10840 Msfs - ok
17:44:40.0622 10840 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
17:44:40.0622 10840 mshidkmdf - ok
17:44:40.0638 10840 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
17:44:40.0638 10840 msisadrv - ok
17:44:40.0669 10840 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
17:44:40.0669 10840 MSiSCSI - ok
17:44:40.0669 10840 msiserver - ok
17:44:40.0685 10840 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
17:44:40.0685 10840 MSKSSRV - ok
17:44:40.0700 10840 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
17:44:40.0700 10840 MSPCLOCK - ok
17:44:40.0716 10840 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
17:44:40.0716 10840 MSPQM - ok
17:44:40.0732 10840 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
17:44:40.0732 10840 MsRPC - ok
17:44:40.0778 10840 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
17:44:40.0778 10840 mssmbios - ok
17:44:40.0825 10840 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
17:44:40.0825 10840 MSTEE - ok
17:44:40.0841 10840 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
17:44:40.0841 10840 MTConfig - ok
17:44:40.0872 10840 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
17:44:40.0872 10840 Mup - ok
17:44:40.0903 10840 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
17:44:40.0919 10840 napagent - ok
17:44:40.0966 10840 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
17:44:40.0966 10840 NativeWifiP - ok
17:44:41.0059 10840 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121130.002\ENG64.SYS
17:44:41.0059 10840 NAVENG - ok
17:44:41.0200 10840 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121130.002\EX64.SYS
17:44:41.0200 10840 NAVEX15 - ok
17:44:41.0340 10840 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
17:44:41.0340 10840 NDIS - ok
17:44:41.0418 10840 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
17:44:41.0418 10840 NdisCap - ok
17:44:41.0496 10840 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
17:44:41.0496 10840 NdisTapi - ok
17:44:41.0558 10840 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
17:44:41.0574 10840 Ndisuio - ok
17:44:41.0574 10840 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
17:44:41.0574 10840 NdisWan - ok
17:44:41.0621 10840 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
17:44:41.0636 10840 NDProxy - ok
17:44:41.0683 10840 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
17:44:41.0683 10840 NetBIOS - ok
17:44:41.0746 10840 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
17:44:41.0746 10840 NetBT - ok
17:44:41.0777 10840 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
17:44:41.0777 10840 Netlogon - ok
17:44:41.0808 10840 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
17:44:41.0808 10840 Netman - ok
17:44:41.0870 10840 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:44:41.0886 10840 NetMsmqActivator - ok
17:44:41.0886 10840 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:44:41.0886 10840 NetPipeActivator - ok
17:44:41.0902 10840 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
17:44:41.0902 10840 netprofm - ok
17:44:41.0995 10840 [ 570813483F26B5C8D984BCA5BB70B50D ] netr28x C:\windows\system32\DRIVERS\netr28x.sys
17:44:41.0995 10840 netr28x - ok
17:44:42.0011 10840 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:44:42.0011 10840 NetTcpActivator - ok
17:44:42.0011 10840 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:44:42.0011 10840 NetTcpPortSharing - ok
17:44:42.0042 10840 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
17:44:42.0042 10840 nfrd960 - ok
17:44:42.0214 10840 [ 4A9258B9597A31DB68EC9740F3A8A70B ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe
17:44:42.0214 10840 NIS - ok
17:44:42.0260 10840 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
17:44:42.0260 10840 NlaSvc - ok
17:44:42.0323 10840 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
17:44:42.0354 10840 NOBU - ok
17:44:42.0370 10840 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
17:44:42.0370 10840 Npfs - ok
17:44:42.0432 10840 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
17:44:42.0432 10840 nsi - ok
17:44:42.0448 10840 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
17:44:42.0448 10840 nsiproxy - ok
17:44:42.0510 10840 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
17:44:42.0526 10840 Ntfs - ok
17:44:42.0541 10840 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
17:44:42.0541 10840 Null - ok
17:44:42.0604 10840 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
17:44:42.0604 10840 nvraid - ok
17:44:42.0604 10840 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
17:44:42.0604 10840 nvstor - ok
17:44:42.0635 10840 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
17:44:42.0635 10840 nv_agp - ok
17:44:42.0682 10840 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
17:44:42.0682 10840 ohci1394 - ok
17:44:42.0728 10840 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:44:42.0728 10840 ose - ok
17:44:42.0869 10840 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:44:42.0884 10840 osppsvc - ok
17:44:42.0916 10840 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
17:44:42.0916 10840 p2pimsvc - ok
17:44:42.0931 10840 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
17:44:42.0931 10840 p2psvc - ok
17:44:42.0978 10840 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
17:44:42.0978 10840 Parport - ok
17:44:43.0009 10840 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
17:44:43.0009 10840 partmgr - ok
17:44:43.0025 10840 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
17:44:43.0025 10840 PcaSvc - ok
17:44:43.0040 10840 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
17:44:43.0040 10840 pci - ok
17:44:43.0056 10840 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
17:44:43.0056 10840 pciide - ok
17:44:43.0103 10840 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
17:44:43.0103 10840 pcmcia - ok
17:44:43.0118 10840 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
17:44:43.0118 10840 pcw - ok
17:44:43.0134 10840 pdfcDispatcher - ok
17:44:43.0150 10840 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
17:44:43.0150 10840 PEAUTH - ok
17:44:43.0212 10840 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
17:44:43.0212 10840 PerfHost - ok
17:44:43.0259 10840 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
17:44:43.0259 10840 pla - ok
17:44:43.0321 10840 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
17:44:43.0337 10840 PlugPlay - ok
17:44:43.0352 10840 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
17:44:43.0352 10840 PNRPAutoReg - ok
17:44:43.0368 10840 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
17:44:43.0368 10840 PNRPsvc - ok
17:44:43.0399 10840 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
17:44:43.0399 10840 PolicyAgent - ok
17:44:43.0430 10840 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
17:44:43.0430 10840 Power - ok
17:44:43.0477 10840 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
17:44:43.0477 10840 PptpMiniport - ok
17:44:43.0493 10840 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
17:44:43.0493 10840 Processor - ok
17:44:43.0555 10840 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
17:44:43.0555 10840 ProfSvc - ok
17:44:43.0571 10840 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
17:44:43.0571 10840 ProtectedStorage - ok
17:44:43.0586 10840 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
17:44:43.0586 10840 Psched - ok
17:44:43.0649 10840 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
17:44:43.0664 10840 ql2300 - ok
17:44:43.0680 10840 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
17:44:43.0680 10840 ql40xx - ok
17:44:43.0711 10840 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
17:44:43.0711 10840 QWAVE - ok
17:44:43.0711 10840 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
17:44:43.0711 10840 QWAVEdrv - ok
17:44:43.0883 10840 [ F98487B25828441B1C6488C642C2AC10 ] RapportCerberus_43926 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus64_43926.sys
17:44:43.0898 10840 RapportCerberus_43926 - ok
17:44:43.0945 10840 [ E0BEDA9DFC8013CC829D872675FBB2CC ] RapportEI64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
17:44:43.0945 10840 RapportEI64 - ok
17:44:43.0992 10840 [ D1E7786313707F8D2147C4DC62F14776 ] RapportKE64 C:\windows\system32\Drivers\RapportKE64.sys
17:44:43.0992 10840 RapportKE64 - ok
17:44:44.0039 10840 [ 4D7B30001787A7E36B899BE4693C8769 ] RapportMgmtService C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
17:44:44.0054 10840 RapportMgmtService - ok
17:44:44.0086 10840 [ D8A9889D724F6353C6D60906AF730CD1 ] RapportPG64 C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
17:44:44.0101 10840 RapportPG64 - ok
17:44:44.0101 10840 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
17:44:44.0101 10840 RasAcd - ok
17:44:44.0164 10840 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
17:44:44.0164 10840 RasAgileVpn - ok
17:44:44.0164 10840 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
17:44:44.0164 10840 RasAuto - ok
17:44:44.0179 10840 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
17:44:44.0179 10840 Rasl2tp - ok
17:44:44.0195 10840 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
17:44:44.0195 10840 RasMan - ok
17:44:44.0195 10840 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
17:44:44.0195 10840 RasPppoe - ok
17:44:44.0210 10840 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
17:44:44.0210 10840 RasSstp - ok
17:44:44.0226 10840 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
17:44:44.0242 10840 rdbss - ok
17:44:44.0257 10840 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
17:44:44.0257 10840 rdpbus - ok
17:44:44.0273 10840 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
17:44:44.0273 10840 RDPCDD - ok
17:44:44.0304 10840 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
17:44:44.0304 10840 RDPENCDD - ok
17:44:44.0351 10840 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
17:44:44.0351 10840 RDPREFMP - ok
17:44:44.0398 10840 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
17:44:44.0398 10840 RDPWD - ok
17:44:44.0413 10840 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
17:44:44.0413 10840 rdyboost - ok
17:44:44.0444 10840 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
17:44:44.0444 10840 RemoteAccess - ok
17:44:44.0460 10840 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
17:44:44.0460 10840 RemoteRegistry - ok
17:44:44.0522 10840 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
17:44:44.0522 10840 RpcEptMapper - ok
17:44:44.0538 10840 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
17:44:44.0538 10840 RpcLocator - ok
17:44:44.0554 10840 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
17:44:44.0554 10840 RpcSs - ok
17:44:44.0569 10840 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
17:44:44.0569 10840 rspndr - ok
17:44:44.0632 10840 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
17:44:44.0632 10840 RTL8167 - ok
17:44:44.0632 10840 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
17:44:44.0632 10840 SamSs - ok
17:44:44.0663 10840 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
17:44:44.0663 10840 sbp2port - ok
17:44:44.0678 10840 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
17:44:44.0678 10840 SCardSvr - ok
17:44:44.0694 10840 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
17:44:44.0694 10840 scfilter - ok
17:44:44.0756 10840 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
17:44:44.0756 10840 Schedule - ok
17:44:44.0788 10840 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
17:44:44.0803 10840 SCPolicySvc - ok
17:44:44.0819 10840 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
17:44:44.0819 10840 SDRSVC - ok
17:44:44.0834 10840 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
17:44:44.0834 10840 secdrv - ok
17:44:44.0834 10840 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
17:44:44.0850 10840 seclogon - ok
17:44:44.0850 10840 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
17:44:44.0850 10840 SENS - ok
17:44:44.0866 10840 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
17:44:44.0866 10840 SensrSvc - ok
17:44:44.0897 10840 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
17:44:44.0897 10840 Serenum - ok
17:44:44.0944 10840 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
17:44:44.0944 10840 Serial - ok
17:44:45.0006 10840 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
17:44:45.0006 10840 sermouse - ok
17:44:45.0037 10840 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
17:44:45.0037 10840 SessionEnv - ok
17:44:45.0053 10840 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
17:44:45.0053 10840 sffdisk - ok
17:44:45.0084 10840 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
17:44:45.0084 10840 sffp_mmc - ok
17:44:45.0100 10840 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
17:44:45.0115 10840 sffp_sd - ok
17:44:45.0115 10840 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
17:44:45.0115 10840 sfloppy - ok
17:44:45.0178 10840 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
17:44:45.0178 10840 Sftfs - ok
17:44:45.0240 10840 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:44:45.0240 10840 sftlist - ok
17:44:45.0271 10840 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
17:44:45.0271 10840 Sftplay - ok
17:44:45.0287 10840 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
17:44:45.0287 10840 Sftredir - ok
17:44:45.0302 10840 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
17:44:45.0302 10840 Sftvol - ok
17:44:45.0318 10840 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:44:45.0318 10840 sftvsa - ok
17:44:45.0365 10840 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
17:44:45.0365 10840 SharedAccess - ok
17:44:45.0412 10840 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:44:45.0412 10840 ShellHWDetection - ok
17:44:45.0427 10840 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
17:44:45.0427 10840 SiSRaid2 - ok
17:44:45.0443 10840 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
17:44:45.0458 10840 SiSRaid4 - ok
17:44:45.0505 10840 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
17:44:45.0505 10840 Smb - ok
17:44:45.0536 10840 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
17:44:45.0536 10840 SNMPTRAP - ok
17:44:45.0552 10840 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
17:44:45.0552 10840 spldr - ok
17:44:45.0630 10840 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
17:44:45.0630 10840 Spooler - ok
17:44:45.0692 10840 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
17:44:45.0708 10840 sppsvc - ok
17:44:45.0724 10840 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
17:44:45.0724 10840 sppuinotify - ok
17:44:45.0848 10840 [ 3510E7021D2637A67FBCB5105EAE945D ] SRTSP C:\windows\system32\drivers\NISx64\1402000.013\SRTSP64.SYS
17:44:45.0848 10840 SRTSP - ok
17:44:45.0864 10840 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\windows\system32\drivers\NISx64\1402000.013\SRTSPX64.SYS
17:44:45.0864 10840 SRTSPX - ok
17:44:45.0911 10840 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
17:44:45.0911 10840 srv - ok
17:44:45.0942 10840 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
17:44:45.0942 10840 srv2 - ok
17:44:45.0958 10840 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
17:44:45.0958 10840 srvnet - ok
17:44:46.0004 10840 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
17:44:46.0020 10840 SSDPSRV - ok
17:44:46.0036 10840 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
17:44:46.0036 10840 SstpSvc - ok
17:44:46.0114 10840 [ D343109DF7DAFEC3C75AC65446F5A1A9 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
17:44:46.0114 10840 STacSV - ok
17:44:46.0129 10840 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
17:44:46.0129 10840 stexstor - ok
17:44:46.0192 10840 [ 8C490A03D0E44165D8BB48CEA4787F47 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
17:44:46.0192 10840 STHDA - ok
17:44:46.0238 10840 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys
17:44:46.0238 10840 StillCam - ok
17:44:46.0301 10840 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
17:44:46.0301 10840 stisvc - ok
17:44:46.0332 10840 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
17:44:46.0332 10840 swenum - ok
17:44:46.0379 10840 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
17:44:46.0379 10840 swprv - ok
17:44:46.0613 10840 [ 777217682DA76337E8E6EC8AC4412B9B ] SymDS C:\windows\system32\drivers\NISx64\1402000.013\SYMDS64.SYS
17:44:46.0613 10840 SymDS - ok
17:44:46.0753 10840 [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA C:\windows\system32\drivers\NISx64\1402000.013\SYMEFA64.SYS
17:44:46.0769 10840 SymEFA - ok
17:44:46.0800 10840 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\windows\system32\Drivers\SYMEVENT64x86.SYS
17:44:46.0800 10840 SymEvent - ok
17:44:46.0831 10840 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\windows\system32\drivers\NISx64\1402000.013\Ironx64.SYS
17:44:46.0831 10840 SymIRON - ok
17:44:46.0909 10840 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\windows\system32\drivers\NISx64\1402000.013\SYMNETS.SYS
17:44:46.0909 10840 SymNetS - ok
17:44:46.0956 10840 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
17:44:46.0972 10840 SysMain - ok
17:44:46.0987 10840 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
17:44:46.0987 10840 TabletInputService - ok
17:44:47.0050 10840 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
17:44:47.0050 10840 TapiSrv - ok
17:44:47.0065 10840 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
17:44:47.0065 10840 TBS - ok
17:44:47.0143 10840 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
17:44:47.0143 10840 Tcpip - ok
17:44:47.0221 10840 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
17:44:47.0221 10840 TCPIP6 - ok
17:44:47.0237 10840 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
17:44:47.0237 10840 tcpipreg - ok
17:44:47.0268 10840 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
17:44:47.0268 10840 TDPIPE - ok
17:44:47.0299 10840 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
17:44:47.0299 10840 TDTCP - ok
17:44:50.0684 10840 ============================================================
17:44:50.0684 10840 Scan finished
17:44:50.0684 10840 ============================================================
17:44:50.0684 7956 Detected object count: 0
17:44:50.0684 7956 Actual detected object count: 0





MINI TOOL BOX

MiniToolBox by Farbar Version: 25-11-2012
Ran by Don (administrator) on 30-11-2012 at 17:34:46
Running from "C:\Users\Don\Desktop\WIP\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
802.11n Wireless LAN Card = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Don-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : att.net

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 9C-B7-0D-E0-54-5E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 802.11n Wireless LAN Card
Physical Address. . . . . . . . . : 9C-B7-0D-E0-54-5F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : att.net
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 90-2B-34-21-A8-25
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2602:306:cefd:9290:187c:26f9:3dfc:28d9(Preferred)
Temporary IPv6 Address. . . . . . : 2602:306:cefd:9290:2d61:78f8:a66f:6d77(Preferred)
Link-local IPv6 Address . . . . . : fe80::187c:26f9:3dfc:28d9%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.68(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, November 30, 2012 3:36:29 PM
Lease Expires . . . . . . . . . . : Friday, November 30, 2012 5:35:33 PM
Default Gateway . . . . . . . . . : fe80::42b7:f3ff:fe3a:a0f0%12
192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 277883700
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-20-D2-3B-90-2B-34-21-A8-25
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{398A5A5F-F0D0-4C3C-82C5-4622DD4AB64C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:1817:2d3e:9310:26d6(Preferred)
Link-local IPv6 Address . . . . . : fe80::1817:2d3e:9310:26d6%16(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{2AF5C3ED-73C9-45DB-9120-A97C588C5F2B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.att.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : att.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dsldevice.att.net
Address: 192.168.1.254

Name: google.com
Addresses: 2001:4860:4007:800::1005
74.125.224.162
74.125.224.163
74.125.224.164
74.125.224.165
74.125.224.166
74.125.224.167
74.125.224.168
74.125.224.169
74.125.224.174
74.125.224.160
74.125.224.161


Pinging google.com [2001:4860:4007:801::1004] with 32 bytes of data:
Reply from 2001:4860:4007:801::1004: time=46ms
Reply from 2001:4860:4007:801::1004: time=45ms

Ping statistics for 2001:4860:4007:801::1004:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 45ms, Maximum = 46ms, Average = 45ms
Server: dsldevice.att.net
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=49ms TTL=47
Reply from 98.138.253.109: bytes=32 time=152ms TTL=47

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 49ms, Maximum = 152ms, Average = 100ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 4ms, Average = 2ms
===========================================================================
Interface List
14...9c b7 0d e0 54 5e ......Microsoft Virtual WiFi Miniport Adapter
13...9c b7 0d e0 54 5f ......802.11n Wireless LAN Card
12...90 2b 34 21 a8 25 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.68 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 192.168.1.68 296
169.254.255.255 255.255.255.255 On-link 192.168.1.68 276
192.168.1.0 255.255.255.0 On-link 192.168.1.68 276
192.168.1.68 255.255.255.255 On-link 192.168.1.68 276
192.168.1.255 255.255.255.255 On-link 192.168.1.68 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.68 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.68 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 276 ::/0 fe80::42b7:f3ff:fe3a:a0f0
1 306 ::1/128 On-link
16 58 2001::/32 On-link
16 306 2001:0:9d38:6ab8:1817:2d3e:9310:26d6/128
On-link
12 28 2602:306:cefd:9290::/64 On-link
12 276 2602:306:cefd:9290:187c:26f9:3dfc:28d9/128
On-link
12 276 2602:306:cefd:9290:2d61:78f8:a66f:6d77/128
On-link
12 276 fe80::/64 On-link
16 306 fe80::/64 On-link
16 306 fe80::1817:2d3e:9310:26d6/128
On-link
12 276 fe80::187c:26f9:3dfc:28d9/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
12 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [193024] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/30/2012 05:50:31 AM) (Source: Application Hang) (User: )
Description: The program TWCApp.exe version 7.5.2.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1914

Start Time: 01cdce2665adb4f4

Termination Time: 305

Application Path: C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe

Report Id:

Error: (11/29/2012 06:39:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/29/2012 06:39:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/29/2012 06:37:15 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/29/2012 05:45:09 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/29/2012 05:45:08 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/29/2012 05:44:55 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/29/2012 05:44:55 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/28/2012 07:43:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/28/2012 07:43:05 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (11/30/2012 03:36:27 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MCLIENT service.

Error: (11/30/2012 00:00:59 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.

Error: (11/30/2012 07:23:13 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk6\DR6.

Error: (11/30/2012 05:45:01 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{A554D334-BB9F-46EF-A55B-74E696317E04} because another computer on the network has the same name. The server could not start.

Error: (11/30/2012 03:54:36 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (11/29/2012 11:31:27 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (11/29/2012 09:58:45 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk6\DR6.

Error: (11/29/2012 09:58:14 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (11/29/2012 07:59:55 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (11/29/2012 04:29:48 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPAuto service.


Microsoft Office Sessions:
=========================
Error: (11/30/2012 05:50:31 AM) (Source: Application Hang)(User: )
Description: TWCApp.exe7.5.2.0191401cdce2665adb4f4305C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe

Error: (11/29/2012 06:39:25 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (11/29/2012 06:39:21 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (11/29/2012 06:37:15 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (11/29/2012 05:45:09 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Don\Desktop\WIP\Downloads\esetsmartinstaller_enu.exe

Error: (11/29/2012 05:45:08 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Don\Desktop\WIP\Downloads\esetsmartinstaller_enu.exe

Error: (11/29/2012 05:44:55 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Don\Desktop\WIP\Downloads\esetsmartinstaller_enu.exe

Error: (11/29/2012 05:44:55 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Don\Desktop\WIP\Downloads\esetsmartinstaller_enu(1).exe

Error: (11/28/2012 07:43:23 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Don\Desktop\WIP\Downloads\esetsmartinstaller_enu.exe

Error: (11/28/2012 07:43:05 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Don\Desktop\WIP\Downloads\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
Date: 2012-11-09 13:36:27.167
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Restored March 2008 files\Recup 2\recup_dir.1017\f151008768_TmPfw.exe because the set of per-page image hashes could not be found on the system.

Date: 2012-11-09 13:36:27.120
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Restored March 2008 files\Recup 2\recup_dir.1017\f151008768_TmPfw.exe because the set of per-page image hashes could not be found on the system.

Date: 2012-11-09 13:36:27.071
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Restored March 2008 files\Recup 2\recup_dir.1017\f151008768_TmPfw.exe because the set of per-page image hashes could not be found on the system.

Date: 2012-11-09 13:36:27.018
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Restored March 2008 files\Recup 2\recup_dir.1017\f151008768_TmPfw.exe because the set of per-page image hashes could not be found on the system.

Date: 2012-11-09 13:34:24.518
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Restored March 2008 files\Recup 2\recup_dir.1031\f151584240_TmPfw.exe because the set of per-page image hashes could not be found on the system.

Date: 2012-11-09 13:34:24.470
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Restored March 2008 files\Recup 2\recup_dir.1031\f151584240_TmPfw.exe because the set of per-page image hashes could not be found on the system.

Date: 2012-11-09 13:34:24.423
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Restored March 2008 files\Recup 2\recup_dir.1031\f151584240_TmPfw.exe because the set of per-page image hashes could not be found on the system.

Date: 2012-11-09 13:34:24.323
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Restored March 2008 files\Recup 2\recup_dir.1031\f151584240_TmPfw.exe because the set of per-page image hashes could not be found on the system.

Date: 2012-11-09 13:30:49.146
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Restored March 2008 files\Recup 2\recup_dir.1060\f153507632_SfFnWSC.EXE because the set of per-page image hashes could not be found on the system.

Date: 2012-11-09 13:30:49.101
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume10\Restored March 2008 files\Recup 2\recup_dir.1060\f153507632_SfFnWSC.EXE because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

802.11n Wireless LAN Card (Version: 3.02.03.0)
Adobe AIR (Version: 3.4.0.2710)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.5.502.110)
Alarm++
Alarm++ (Version: 7.05)
Alchemy
AMD Accelerated Video Transcoding (Version: 2.00.0000)
AMD APP SDK Runtime (Version: 10.0.923.1)
AMD Catalyst Install Manager (Version: 8.0.873.0)
AMD Fuel (Version: 2012.0405.2205.37728)
AMD VISION Engine Control Center (Version: 2012.0405.2205.37728)
Apple Software Update (Version: 2.1.1.116)
Application Profiles (Version: 2.0.4532.34673)
ArcadeCandy (Version: ac 1.8.301)
ARO 2012 (Version: 8.0)
Ask Toolbar (Version: 1.15.2.0)
Bandwidth Monitor
Bejeweled 3 (Version: 2.2.0.97)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blio (Version: 2.2.8188)
Bonjour (Version: 1.0.106)
Bubble Wrap (Version: 1.0.0.0)
Canon MP Navigator 2.2
Canon Utilities Easy-PhotoPrint
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.0405.2205.37728)
Catalyst Control Center InstallProxy (Version: 2012.0405.2205.37728)
Catalyst Control Center Localization All (Version: 2012.0405.2205.37728)
ccc-utility64 (Version: 2012.0405.2205.37728)
CCC Help Chinese Standard (Version: 2012.0405.2204.37728)
CCC Help Chinese Traditional (Version: 2012.0405.2204.37728)
CCC Help Czech (Version: 2012.0405.2204.37728)
CCC Help Danish (Version: 2012.0405.2204.37728)
CCC Help Dutch (Version: 2012.0405.2204.37728)
CCC Help English (Version: 2012.0405.2204.37728)
CCC Help Finnish (Version: 2012.0405.2204.37728)
CCC Help French (Version: 2012.0405.2204.37728)
CCC Help German (Version: 2012.0405.2204.37728)
CCC Help Greek (Version: 2012.0405.2204.37728)
CCC Help Hungarian (Version: 2012.0405.2204.37728)
CCC Help Italian (Version: 2012.0405.2204.37728)
CCC Help Japanese (Version: 2012.0405.2204.37728)
CCC Help Korean (Version: 2012.0405.2204.37728)
CCC Help Norwegian (Version: 2012.0405.2204.37728)
CCC Help Polish (Version: 2012.0405.2204.37728)
CCC Help Portuguese (Version: 2012.0405.2204.37728)
CCC Help Russian (Version: 2012.0405.2204.37728)
CCC Help Spanish (Version: 2012.0405.2204.37728)
CCC Help Swedish (Version: 2012.0405.2204.37728)
CCC Help Thai (Version: 2012.0405.2204.37728)
CCC Help Turkish (Version: 2012.0405.2204.37728)
Chuzzle Deluxe (Version: 2.2.0.95)
Cool Timer 4.2
Cradle of Rome 2 (Version: 2.2.0.98)
Cubis Gold 2
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
Dora's World Adventure (Version: 2.2.0.95)
DriverTuner 3.1.0.0 (Version: 3.1.0.0)
Easy-WebPrint
Echoes Bundle (Version: 2.2.0.98)
eReg (Version: 1.20.138.34)
ESET Online Scanner v3
Facebook (Version: 1.1.0004)
Farm Frenzy (Version: 2.2.0.98)
Farmscapes (Version: 2.2.0.98)
FATE (Version: 2.2.0.97)
FileMaker Pro 11 (Version: 11.0.3.0)
FileMaker Pro 7 (Version: 7.0.1.0)
Final Drive Fury (Version: 2.2.0.95)
Free Ride Games Player
Gem Smashers (Version: 2.2.0.98)
Google Chrome (Version: 23.0.1271.95)
Google Earth (Version: 6.2.2.6613)
Google Update Helper (Version: 1.3.21.123)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
Hoyle Card Games (Version: 2.2.0.95)
HP Application Assistant (Version: 1.0.393.3870)
HP Auto (Version: 1.0.12935.3667)
HP Calendar (Version: 5.1.4245.23508)
HP Client Services (Version: 1.1.12938.3539)
HP Clock (Version: 5.1.4244.16367)
HP Customer Experience Enhancements (Version: 6.0.1.8)
HP Games (Version: 1.0.3.0)
HP LinkUp (Version: 2.01.029)
HP Magic Canvas (Version: 5.1.15.0)
HP Magic Canvas Tutorials (Version: 5.0.0.3)
HP MovieStore (Version: 2.1.096)
HP MovieStore (Version: 2.1.21096.0)
HP Notes (Version: 5.1.4274.30382)
HP Odometer (Version: 2.10.0000)
HP Officejet 6700 Basic Device Software (Version: 28.0.1315.0)
HP Officejet 6700 Help (Version: 140.0.2.2)
HP Officejet 6700 Product Improvement Study (Version: 28.0.1315.0)
HP Remote Solution (Version: 1.1.14.0)
HP RSS (Version: 5.1.4301.21494)
HP Setup (Version: 9.0.15130.3904)
HP Setup Manager (Version: 1.2.15145.3905)
HP Support Assistant (Version: 6.1.12.1)
HP Support Information (Version: 11.00.0001)
HP TouchSmart Background - Beats (Version: 1.0.1.0)
HP TouchSmart RecipeBox (Version: 3.0.3830.27730)
HP Update (Version: 5.003.003.001)
HP Vision Hardware Diagnostics (Version: 2.12.1.0)
HP Weather (Version: 5.1.4295.16450)
HPDiagnosticCoreDll (Version: 1.0.3.0)
HydraVision (Version: 4.2.222.0)
I.R.I.S. OCR (Version: 12.3.4.0)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.6.0)
JavaFX 2.1.0 (Version: 2.1.0)
Jewel Match 3 (Version: 2.2.0.98)
Jewel Quest (Version: 2.2.0.95)
Jewel Quest Mysteries: The Oracle of Ur Collector's Edition (Version: 2.2.0.110)
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (Version: 2.2.0.98)
John Deere Drive Green (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Kobo (Version: 2.0.3)
LabelPrint (Version: 2.5.4507)
LastPass(uninstall only)
Letters from Nowhere 2 (Version: 2.2.0.97)
Lineage Family Tree Software (Version: 7.1)
Lineage Family Tree Software Collaboration Support (Version: 1.10.0010)
Logitech SetPoint 6.32 (Version: 6.32.20)
Luxor HD (Version: 2.2.0.98)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MeFeedia (Version: 1.0.0.1)
Mesh Runtime (Version: 15.4.5722.2)
Metric Converter (Version: 1.0.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Mathematics (Version: 4.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MozBackup 1.5.1
Mozilla Firefox 17.0 (x86 en-US) (Version: 17.0)
Mozilla Maintenance Service (Version: 17.0)
Mozilla Thunderbird 17.0 (x86 en-US) (Version: 17.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Internet Security (Version: 20.2.0.19)
Norton Management (Version: 2.1.2.13)
Norton Online Backup (Version: 2.1.17869)
OmniPage SE 2.0 (Version: 2.00.0004)
opensource (Version: 1.0.14960.3876)
PDF-XChange 3
PDF Complete Special Edition (Version: 4.0.65)
Penguins! (Version: 2.2.0.98)
Picasa 3 (Version: 3.8)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.98)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.98)
Power2Go (Version: 6.1.5706)
PressReader (Version: 5.11.0721.0)
Presto! PageManager 7.15.11
RAIDXpert (Version: 3.3.1540.19)
Rapport (Version: 3.5.1205.17)
Recovery Manager (Version: 5.5.0.4424)
Remote Graphics Receiver (Version: 5.4.5)
RollerCoaster Tycoon 3: Platinum (Version: 2.2.0.98)
Slingo Deluxe (Version: 2.2.0.95)
Spot (Version: 1.0.0.0)
Support.com Toolbar Updater (Version: 1.2.1.23037)
Tap Tap Bear (Version: 1.0.0.0)
The Print Shop 3.0 Fonts (Version: 1.0)
The Treasures of Mystery Island: The Ghost Ship (Version: 2.2.0.98)
The Weather Channel App
Torchlight (Version: 2.2.0.98)
TPS 3.0 Standard (Version: 3.0)
TSHostedAppLauncher (Version: 5.1.15.0)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.3351)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0496)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0222)
TurboTax 2011 wrapper (Version: 011.000.0121)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.98)
White Haven Mysteries Collector's Edition (Version: 2.2.0.98)
WildTangent Games (Version: 1.0.3.0)
WildTangent Games App (HP Games) (Version: 4.0.5.32)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Software Update
Yahoo! Toolbar
Yontoo 1.10.02 (Version: 1.10.02)
Zinio Reader 4 (Version: 4.2.4164)
Zuma's Revenge (Version: 2.2.0.98)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 5983.87 MB
Available physical RAM: 3857.19 MB
Total Pagefile: 11965.93 MB
Available Pagefile: 8468.6 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.63 MB

========================= Partitions: =====================================

1 Drive c: (System) (Fixed) (Total:913.91 GB) (Free:830.61 GB) NTFS
2 Drive d: (Documents) (Fixed) (Total:931.51 GB) (Free:587.96 GB) NTFS
9 Drive z: (HP_RECOVERY) (Fixed) (Total:17.19 GB) (Free:2.11 GB) NTFS

========================= Users: ========================================

User accounts for \\DON-HP

Administrator Betty Don
Guest


**** End of log ****


ESETSCAN

C:\Users\Don\AppData\Local\Temp\YontooFFClient.xpi Win32/Adware.Yontoo application deleted - quarantined
C:\Users\Don\Documents\Firefox 16.0.1 (en-US) - 2012-10-15.pcv Win32/Adware.Yontoo application deleted - quarantined
D:\2 Betty\Betty\Application Data\Sun\Java\Deployment\cache\6.0\3\3fd84543-7a22a1c9 Java/TrojanDownloader.OpenStream.NCK trojan deleted - quarantined
D:\2 Betty\Betty\Application Data\Sun\Java\Deployment\cache\6.0\35\1e084623-78270cac Java/TrojanDownloader.OpenStream.NCK trojan deleted - quarantined
D:\Documents & Apps from Dell Dimension 2012 May 4\Windows XP Documents\2 Betty\Betty\Application Data\Sun\Java\Deployment\cache\6.0\3\3fd84543-7a22a1c9 Java/TrojanDownloader.OpenStream.NCK trojan deleted - quarantined
D:\Documents & Apps from Dell Dimension 2012 May 4\Windows XP Documents\2 Betty\Betty\Application Data\Sun\Java\Deployment\cache\6.0\35\1e084623-78270cac Java/TrojanDownloader.OpenStream.NCK trojan deleted - quarantined
D:\Documents & Apps from Dell Dimension 2012 May 4\Windows XP System\Documents & Settings from XP\Betty\Betty\Application Data\Sun\Java\Deployment\cache\6.0\3\3fd84543-7a22a1c9 Java/TrojanDownloader.OpenStream.NCK trojan deleted - quarantined
D:\Documents & Apps from Dell Dimension 2012 May 4\Windows XP System\Documents & Settings from XP\Betty\Betty\Application Data\Sun\Java\Deployment\cache\6.0\35\1e084623-78270cac Java/TrojanDownloader.OpenStream.NCK trojan deleted - quarantined
D:\DON-HP\Backup Set 2012-08-05 190000\Backup Files 2012-08-05 190000\Backup files 1.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-08-26 190258\Backup Files 2012-08-26 190258\Backup files 1.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-08-26 190258\Backup Files 2012-09-02 190002\Backup files 1.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-09-16 190000\Backup Files 2012-09-16 190000\Backup files 1.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-10-04 212648\Backup Files 2012-10-04 212648\Backup files 1.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-10-16 213357\Backup Files 2012-10-16 213357\Backup files 1.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-10-16 213357\Backup Files 2012-10-16 213357\Backup files 3.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-10-17 075956\Backup Files 2012-10-17 075956\Backup files 1.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-10-17 101926\Backup Files 2012-10-17 101926\Backup files 1.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-10-17 110626\Backup Files 2012-10-17 110626\Backup files 1.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-10-17 110626\Backup Files 2012-10-17 110626\Backup files 2.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-10-21 190001\Backup Files 2012-10-21 190001\Backup files 1.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-10-21 190001\Backup Files 2012-10-21 190001\Backup files 2.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-10-28 190001\Backup Files 2012-10-28 190001\Backup files 1.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-10-28 190001\Backup Files 2012-10-28 190001\Backup files 2.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-11-18 190000\Backup Files 2012-11-18 190000\Backup files 1.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-11-18 190000\Backup Files 2012-11-18 190000\Backup files 2.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-11-22 090148\Backup Files 2012-11-22 090148\Backup files 1.zip Win32/Adware.Yontoo application deleted - quarantined
D:\DON-HP\Backup Set 2012-11-22 090148\Backup Files 2012-11-22 090148\Backup files 2.zip Win32/Adware.Yontoo application deleted - quarantined



BTW ESETSCAN also took nearly 24 hours. Sometimes files would fly by, other times ESETSCAN would just stand still for several minutes or even hours. Occasionally the computer would inexplicably shut down for no apparent reason. Clicking on its window and on Windows Desktop sometimes got it moving again.


ASW_MBR

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-30 18:25:11
-----------------------------
18:25:11.025 OS Version: Windows x64 6.1.7601 Service Pack 1
18:25:11.025 Number of processors: 6 586 0x102
18:25:11.025 ComputerName: DON-HP UserName: Don
18:25:11.040 Initialze error 1 Incorrect function.
18:25:19.115 AVAST engine defs: 12113001
18:26:09.000 The log file has been saved successfully to "C:\Users\Don\Desktop\Bleeping computer\aswMBR.txt"

#6 Dash1730

Posted 30 November 2012 - 07:43 PM

BTW, I have not closed down ESET yet, and will try not to shut it down accidentally. I'm doing this in case there is anything I need to do with the quarantined files. I don't want to wait 24 hours for ESET to run again.

#7 boopme

Posted 30 November 2012 - 09:20 PM

Everything in ESET can be removed.

Can you rerun aswMBR, please?

#8 Dash1730

Posted 01 December 2012 - 08:45 AM

Everything in ESET can be removed.

Do I have to do anything in manage quarantine first, or
do I go straight to Delete quarantine?

I'm asking because the first time I ran ESET, I clicked on one of these options (I can't remember which), and I could not go back to this point to select the other option. Net result was I had to rerun ESET, which tied up the computer for 24 hours. I don't want to do that again.

Thanks for your help.

#9 Dash1730

Posted 01 December 2012 - 11:21 PM

boopme,

I assume you took a well-deserved Saturday off, so I plowed ahead and deleted everything in quarantine. Windows 7 boot-up was a bit shaky, but it corrected itself with a system restore. And I found FileMaker Pro 11 had to be reinstalled, but it's working fine now. Google searches still assume I live in Australia (I use Mozilla Firefox 15.0). There may be other problems that I haven't discovered yet. It may take a few days before I can inventory everything.

Here are the results of rerunning aswMBR a second time:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-01 19:01:41
-----------------------------
19:01:41.935 OS Version: Windows x64 6.1.7601 Service Pack 1
19:01:41.935 Number of processors: 6 586 0x102
19:01:41.936 ComputerName: DON-HP UserName: Don
19:01:42.342 Initialze error 1 Incorrect function.
19:01:54.009 AVAST engine defs: 12113001
19:02:16.295 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000079
19:02:16.296 Disk 0 Vendor: Seagate HP64____ Size: 953674MB BusType: 8
19:02:16.299 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000007a
19:02:16.301 Disk 1 Vendor: Seagate HP64____ Size: 953869MB BusType: 8
19:02:16.328 Disk 0 MBR read successfully
19:02:16.330 Disk 0 MBR scan
19:02:16.338 Disk 0 unknown MBR code
19:02:16.340 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
19:02:16.348 Disk 0 scanning C:\windows\system32\drivers
19:02:16.350 Service scanning
19:02:16.913 Modules scanning
19:02:16.916 Disk 0 trace - called modules:
19:02:16.922 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll ahcix64s.sys
19:02:16.925 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800715f060]
19:02:16.929 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> \Device\00000079[0xfffffa80063d09c0]
19:02:16.933 AVAST engine scan C:\windows
19:02:16.937 AVAST engine scan C:\windows\system32
19:02:16.941 AVAST engine scan C:\windows\system32\drivers
19:02:16.945 AVAST engine scan C:\Users\Don
19:02:16.949 AVAST engine scan C:\ProgramData
19:02:16.953 Scan finished successfully
19:03:50.257 Disk 0 MBR has been saved successfully to "C:\Users\Don\Desktop\Bleeping computer\MBR.dat"
19:03:50.264 The log file has been saved successfully to "C:\Users\Don\Desktop\Bleeping computer\aswMBR.txt"
19:04:05.950 Disk 0 MBR has been saved successfully to "C:\Users\Don\Desktop\Bleeping computer\MBR.dat"
19:04:05.954 The log file has been saved successfully to "C:\Users\Don\Desktop\Bleeping computer\aswMBR 2.txt"




Thanks again for your help.

#10 boopme

Posted 02 December 2012 - 08:59 PM

You're welcome, and yes, I had to be somewhere.

Look at this
http://forums.mozillazine.org/viewtopic.php?f=38&t=437640

#11 Dash1730

Posted 04 December 2012 - 09:54 PM

YaaaHOOOO Google has figured out I'm a Texan, not an Australian. Thanks for helping me figure that out.

One final question. I have run Norton Internet Security for over two years and have had virtually no problems, that is, until the last 5-6 weeks. I have always used the latest version of Norton Internet Security but nothing else. As a result, I've wasted 20-30 hours trying to recover from this fiasco. I would rather not repeat this experience. Do you have any suggestions?

#12 boopme

Posted 04 December 2012 - 10:36 PM

Ok, a lot of those online games contain or install spy/adware. It's just part of the free game deal.

I would still run these next; then, after that is done, start a new backup, as your backed-up files were infected.

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


Junkware Removal Tool
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


#13 Dash1730

Posted 06 December 2012 - 09:22 PM

I ran AdwCleaner and Junkware Removal Tool, and the following are the results from Junkware Removal. Things seemed to be back to normal since Tuesday Dec 4, and then Thursday Google searches began mucking up again. This time most searches get me pictures only, but relevant to the search request. I generally can't get the usual text response. My wife and I have not downloaded any games or anything else since Tuesday (except downloading fixes for my computer you have directed me to use), so I don't know how a new malware got downloaded. Any clue?

Here's Junkware's report:

Junkware Removal Tool (JRT) by Thisisu
Version: 3.9.4 (12.06.2012:5)
OS: Windows 7 Home Premium x64
Ran by Don on Thu 12/06/2012 at 20:01:25.20
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{154d932f-dc51-4a4f-9d52-b78b1419d3b4}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{154d932f-dc51-4a4f-9d52-b78b1419d3b4}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{154d932f-dc51-4a4f-9d52-b78b1419d3b4}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ab6bd08c-db6b-4f02-8a22-4bd343e990ff}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{ab6bd08c-db6b-4f02-8a22-4bd343e990ff}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Don\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\Don\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Don\appdata\local\visi_coupon"
Successfully deleted: [Folder] "C:\Users\Don\appdata\locallow\ilividtoolbarguid"
Successfully deleted: [Folder] "C:\Users\Don\appdata\locallow\mefeediatest"
Successfully deleted: [Folder] "C:\Program Files (x86)\mefeediatest"
Successfully deleted: [Folder] "C:\Program Files (x86)\search results toolbar"



~~~ FireFox

Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}"
Successfully deleted: [Registry Value] hkey_local_machine\software\mozilla\firefox\extensions\\gtffxtbr@gamingwonderland.com
Successfully deleted the following from C:\Users\Don\AppData\Roaming\mozilla\firefox\profiles\cf6ti91e.default\prefs.js

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"gtffxtbr@GamingWonderland.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\GamingWonderland\\\\bar\\\\1.bin\",\
user_pref("extentions.y2layers.defaultEnableAppsList", "Buzzdock,Buzzdock,");
user_pref("extentions.y2layers.installId", "7baedf64-6987-461b-ac8c-4a98dbb075e8");
Successfully deleted the following from C:\Users\Don\AppData\Roaming\mozilla\firefox\profiles\ywzdgr9n.New Profile\prefs.js

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"quickprint@hp.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Hewlett-Packard\\\\SmartPrint\\\\QPExtension\",\



~~~ Event Viewer Logs were cleared

#14 boopme

Posted 06 December 2012 - 10:02 PM

Ok, I think there is a protected malware on here and we cannot see it with these tools. We need a new topic for a deeper look. Please follow this Preparation Guide and post in a new topic.

Let me know if all went well.

Include this link back to here... http://www.bleepingcomputer.com/forums/topic476450.html/page__pid__2914991#top