softonic virus maybe


15 replies to this topic

#1 BobConner

BobConner

  • Members
  • 86 posts

Posted 05 December 2012 - 05:01 PM

Recently I scanned my laptop with Hitman Pro and the results showed a suspicious folder or something. It said softonic and there was this directory somewhere S:/. My trial for Hitman ran out and apparently you can just keep using 30 days, so I hit activate trial and scanned again so I could resolve the issue, but nothing came up. Now my laptop is acting really strange, running slowly, and when I try to play a video file Windows Media Player tells me something is wrong and that Windows Media Player is corrupted. Please help me.



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,404 posts
  • Gender:Male
  • Location:NJ USA

Posted 05 December 2012 - 07:45 PM

Hello Bob.. What is your operating system? I would like to try doing a System Restore to a date before this started.

http://www.bleepingcomputer.com/tutorials/?act=search&keyword=System+Restore&x=44&y=25
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 BobConner


Posted 06 December 2012 - 09:50 PM

Hello, I'm running Windows 7.

#4 boopme


Posted 06 December 2012 - 10:09 PM

OK, do a System Restore to a date before this started.

How to Do a System Restore in Windows 7

See if it is now at least how it was before you ran Hitman. I do not care for that tool for reasons such as this.


Now if it's working, run these.

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



>>>>>>

TDSS Alt

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results.


>>>>
ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

>>>>>>

ESET ONLINE


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

#5 BobConner


Posted 09 December 2012 - 11:00 PM

Sorry, I have been really busy. I just wanted you to know that I'm alive and will be able to restore and run these programs tomorrow and let you know how it went. Thank you.

#6 boopme


Posted 09 December 2012 - 11:16 PM

No problem, we believe in RLCF, Real Life Comes First.. I'll look back.

#7 BobConner


Posted 10 December 2012 - 07:10 PM

MiniToolBox by Farbar Version: 25-11-2012
Ran by Lucas (administrator) on 10-12-2012 at 19:05:21
Running from "C:\Users\Lucas\Desktop\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Lucas-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : buffalo.rr.com

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : NB7WDS.COM
Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 04-7D-7B-40-35-30
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : buffalo.rr.com
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : 9C-B7-0D-22-26-78
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5408:ca25:3145:c40d%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.146(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, December 10, 2012 7:00:54 PM
Lease Expires . . . . . . . . . . : Tuesday, December 11, 2012 7:00:54 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 245151501
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-93-EC-2D-9C-B7-0D-22-26-78
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.buffalo.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.NB7WDS.COM:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 2607:f8b0:4004:803::1000
74.125.228.3
74.125.228.4
74.125.228.5
74.125.228.6
74.125.228.7
74.125.228.8
74.125.228.9
74.125.228.14
74.125.228.0
74.125.228.1
74.125.228.2


Pinging google.com [74.125.228.66] with 32 bytes of data:
Reply from 74.125.228.66: bytes=32 time=52ms TTL=50
Reply from 74.125.228.66: bytes=32 time=37ms TTL=50

Ping statistics for 74.125.228.66:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 37ms, Maximum = 52ms, Average = 44ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=184ms TTL=52
Reply from 72.30.38.140: bytes=32 time=90ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 90ms, Maximum = 184ms, Average = 137ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...04 7d 7b 40 35 30 ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
11...9c b7 0d 22 26 78 ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.146 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.146 281
192.168.1.146 255.255.255.255 On-link 192.168.1.146 281
192.168.1.255 255.255.255.255 On-link 192.168.1.146 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.146 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.146 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::5408:ca25:3145:c40d/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/10/2012 07:02:16 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (12/10/2012 07:01:05 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/10/2012 06:51:15 PM) (Source: Toshiba App Place) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (12/10/2012 06:50:41 PM) (Source: System Restore) (User: )
Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80070005.

Error: (12/10/2012 06:50:04 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: The operation completed successfully
--- End of inner exception stack trace ---
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/10/2012 06:34:48 PM) (Source: Application Hang) (User: )
Description: The program Steam.exe version 1.0.1595.686 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ed0

Start Time: 01cdd72e7df9dcff

Termination Time: 17

Application Path: C:\Program Files (x86)\Steam\Steam.exe

Report Id: 0de27c11-4322-11e2-a4c9-047d7b403530

Error: (12/10/2012 06:32:08 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/10/2012 06:32:08 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/10/2012 06:32:08 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/10/2012 06:32:08 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)


System errors:
=============
Error: (12/10/2012 07:06:04 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (12/10/2012 07:06:04 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (12/10/2012 07:01:05 PM) (Source: Service Control Manager) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (12/10/2012 07:01:03 PM) (Source: Service Control Manager) (User: )
Description: The Common Client Job Manager Service service terminated with service-specific error %%-1.

Error: (12/10/2012 07:01:02 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (12/10/2012 07:00:55 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (12/10/2012 06:50:04 PM) (Source: Service Control Manager) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (12/10/2012 06:50:00 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (12/10/2012 06:49:58 PM) (Source: Service Control Manager) (User: )
Description: The Common Client Job Manager Service service terminated with service-specific error %%-1.

Error: (12/10/2012 06:49:58 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5


Microsoft Office Sessions:
=========================
Error: (12/10/2012 07:02:16 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (12/10/2012 07:01:05 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/10/2012 06:51:15 PM) (Source: Toshiba App Place)(User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
at System.Timers.Timer.set_Enabled(Boolean value)
at SnappCloud.ActivationReminder.AraClient.PostInit()
at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (12/10/2012 06:50:41 PM) (Source: System Restore)(User: )
Description: Windows Update0x80070005

Error: (12/10/2012 06:50:04 PM) (Source: BstHdAndroidSvc)(User: )
Description: Service cannot be started. System.SystemException: Cannot create VM ---> System.ComponentModel.Win32Exception: The operation completed successfully
--- End of inner exception stack trace ---
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (12/10/2012 06:34:48 PM) (Source: Application Hang)(User: )
Description: Steam.exe1.0.1595.686ed001cdd72e7df9dcff17C:\Program Files (x86)\Steam\Steam.exe0de27c11-4322-11e2-a4c9-047d7b403530

Error: (12/10/2012 06:32:08 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/10/2012 06:32:08 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/10/2012 06:32:08 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/10/2012 06:32:08 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer


=========================== Installed Programs ============================

Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.5.502.110)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.6.636)
Amazon Links (Version: 2.02)
Apple Application Support (Version: 2.3)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.36)
AVG 2013 (Version: 13.0.2634)
AVG 2013 (Version: 13.0.2793)
AVG 2013 (Version: 2013.0.2793)
AVG Security Toolbar
Bejeweled 3 (Version: 2.2.0.97)
BlueStacks App Player (Version: 0.7.7.813)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.24)
Chuzzle Deluxe (Version: 2.2.0.95)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Combined Community Codec Pack 2011-11-11 (Version: 2011.11.11.0)
Conexant HD Audio (Version: 8.51.1.0)
D3DX10 (Version: 15.4.2368.0902)
DivX Setup (Version: 2.6.1.9)
FATE - The Traitor Soul (Version: 2.2.0.95)
Google Chrome (Version: 23.0.1271.91)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
HitmanPro 3.6 (Version: 3.6.2.174)
iCloud (Version: 2.0.2.187)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2353)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
iTunes (Version: 10.7.0.21)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
JavaFX 2.1.1 (Version: 2.1.1)
Jewel Quest: The Sleepless Star - Collector's Edition (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Label@Once 1.0 (Version: 1.0)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Xbox 360 Accessories 1.2 (Version: 1.20.146.0)
Mozilla Firefox 16.0.2 (x86 en-US) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 16.0.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Notification Center (Version: 0.7.7.813)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Polar Bowler (Version: 2.2.0.95)
QuickTime (Version: 7.73.80.64)
Realtek USB 2.0 Reader Driver (Version: 1.0.0.12)
Realtek WLAN Driver (Version: 2.00.0013)
Skype Launcher (Version: 2.01)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 15.2.11.1)
Team Fortress 2
Tom Clancy's Splinter Cell (Version: 2.2.0.97)
Toshiba App Place (Version: 1.0.6.3)
TOSHIBA Application Installer (Version: 9.0.1.1)
TOSHIBA Assist (Version: 4.02.02)
Toshiba Book Place (Version: 3.0.9490)
TOSHIBA Bulletin Board (Version: 1.6.08.64)
TOSHIBA Disc Creator (Version: 2.1.0.6 for x64)
TOSHIBA eco Utility (Version: 1.2.25.64)
TOSHIBA Face Recognition (Version: 3.1.8.64)
TOSHIBA Hardware Setup (Version: 4.08.06.00)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.7)
Toshiba Laptop Checkup (Version: 2.0.10.26)
TOSHIBA Media Controller (Version: 1.0.86.2)
TOSHIBA Media Controller Plug-in (Version: 1.0.8.0)
Toshiba Online Backup (Version: 2.0.0.25)
TOSHIBA PC Health Monitor (Version: 1.7.4.64)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.3.5109)
TOSHIBA ReelTime (Version: 1.7.17.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.1.0)
TOSHIBA Service Station (Version: 2.2.9)
TOSHIBA Sleep Utility (Version: 1.4.2.7)
TOSHIBA Supervisor Password (Version: 4.08.06.00)
TOSHIBA Value Added Package (Version: 1.5.4.64)
TOSHIBA Web Camera Application (Version: 2.0.0.19)
TOSHIBA Wireless LAN Indicator (Version: 1.0.3)
ToshibaRegistration (Version: 1.0.4)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
WildTangent Games (Version: 1.0.2.5)
WildTangent Games App (Toshiba Games) (Version: 4.0.4.16)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
Zuma's Revenge (Version: 2.2.0.97)

========================= Memory info: ===================================

Percentage of memory in use: 56%
Total physical RAM: 4043.86 MB
Available physical RAM: 1771.84 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 5528.67 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.32 MB

========================= Partitions: =====================================

1 Drive c: (TI106139W0E) (Fixed) (Total:580.98 GB) (Free:467.38 GB) NTFS

========================= Users: ========================================

User accounts for \\LUCAS-PC

Administrator Guest Lucas


**** End of log ****

#8 BobConner

  • Topic Starter

Posted 10 December 2012 - 07:19 PM

19:11:21.0189 1400 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:11:22.0189 1400 ============================================================
19:11:22.0189 1400 Current date / time: 2012/12/10 19:11:22.0189
19:11:22.0189 1400 SystemInfo:
19:11:22.0189 1400
19:11:22.0190 1400 OS Version: 6.1.7601 ServicePack: 1.0
19:11:22.0190 1400 Product type: Workstation
19:11:22.0190 1400 ComputerName: LUCAS-PC
19:11:22.0190 1400 UserName: Lucas
19:11:22.0190 1400 Windows directory: C:\windows
19:11:22.0190 1400 System windows directory: C:\windows
19:11:22.0190 1400 Running under WOW64
19:11:22.0190 1400 Processor architecture: Intel x64
19:11:22.0190 1400 Number of processors: 4
19:11:22.0190 1400 Page size: 0x1000
19:11:22.0190 1400 Boot type: Normal boot
19:11:22.0190 1400 ============================================================
19:11:28.0826 1400 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:11:28.0975 1400 ============================================================
19:11:28.0975 1400 \Device\Harddisk0\DR0:
19:11:28.0979 1400 MBR partitions:
19:11:28.0979 1400 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x489F4800
19:11:28.0979 1400 ============================================================
19:11:29.0892 1400 C: <-> \Device\Harddisk0\DR0\Partition1
19:11:29.0892 1400 ============================================================
19:11:29.0892 1400 Initialize success
19:11:29.0892 1400 ============================================================
19:11:54.0623 6348 ============================================================
19:11:54.0623 6348 Scan started
19:11:54.0623 6348 Mode: Manual; TDLFS;
19:11:54.0623 6348 ============================================================
19:12:10.0648 6348 ================ Scan system memory ========================
19:12:10.0648 6348 System memory - ok
19:12:10.0651 6348 ================ Scan services =============================
19:14:34.0582 6348 Netlogon - ok
19:14:34.0747 6348 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
19:14:34.0758 6348 Netman - ok
19:14:34.0865 6348 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
19:14:34.0878 6348 netprofm - ok
19:14:34.0919 6348 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:14:35.0728 6348 NetTcpPortSharing - ok
19:14:35.0796 6348 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
19:14:36.0025 6348 nfrd960 - ok
19:14:36.0108 6348 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
19:14:36.0118 6348 NlaSvc - ok
19:14:36.0209 6348 Norton PC Checkup Application Launcher - ok
19:14:36.0259 6348 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
19:14:36.0427 6348 Npfs - ok
19:14:36.0484 6348 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
19:14:36.0489 6348 nsi - ok
19:14:36.0571 6348 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
19:14:36.0574 6348 nsiproxy - ok
19:14:36.0978 6348 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
19:14:37.0076 6348 Ntfs - ok
19:14:37.0230 6348 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
19:14:37.0478 6348 Null - ok
19:14:37.0697 6348 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
19:14:37.0960 6348 nvraid - ok
19:14:38.0133 6348 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
19:14:38.0610 6348 nvstor - ok
19:14:38.0785 6348 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
19:14:39.0361 6348 nv_agp - ok
19:14:39.0769 6348 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
19:14:40.0525 6348 ohci1394 - ok
19:14:41.0168 6348 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:14:41.0173 6348 ose - ok
19:14:43.0034 6348 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:15:03.0223 6348 osppsvc - ok
19:15:03.0681 6348 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
19:15:03.0685 6348 p2pimsvc - ok
19:15:03.0768 6348 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
19:15:03.0781 6348 p2psvc - ok
19:15:04.0389 6348 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
19:15:04.0877 6348 Parport - ok
19:15:04.0936 6348 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
19:15:04.0937 6348 partmgr - ok
19:15:05.0021 6348 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
19:15:05.0025 6348 PcaSvc - ok
19:15:05.0202 6348 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
19:15:05.0351 6348 PCCUJobMgr - ok
19:15:05.0721 6348 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
19:15:05.0841 6348 pci - ok
19:15:05.0934 6348 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
19:15:05.0936 6348 pciide - ok
19:15:06.0274 6348 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
19:15:06.0377 6348 pcmcia - ok
19:15:06.0498 6348 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
19:15:06.0499 6348 pcw - ok
19:15:06.0817 6348 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
19:15:06.0847 6348 PEAUTH - ok
19:15:07.0218 6348 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
19:15:07.0220 6348 PerfHost - ok
19:15:07.0324 6348 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
19:15:07.0789 6348 PGEffect - ok
19:15:08.0231 6348 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
19:15:08.0288 6348 pla - ok
19:15:08.0539 6348 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
19:15:08.0545 6348 PlugPlay - ok
19:15:08.0656 6348 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
19:15:08.0658 6348 PNRPAutoReg - ok
19:15:08.0747 6348 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
19:15:08.0751 6348 PNRPsvc - ok
19:15:08.0935 6348 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
19:15:08.0942 6348 PolicyAgent - ok
19:15:08.0994 6348 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
19:15:08.0997 6348 Power - ok
19:15:09.0074 6348 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
19:15:09.0234 6348 PptpMiniport - ok
19:15:09.0421 6348 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
19:15:09.0648 6348 Processor - ok
19:15:09.0737 6348 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
19:15:09.0741 6348 ProfSvc - ok
19:15:09.0804 6348 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
19:15:09.0881 6348 ProtectedStorage - ok
19:15:10.0140 6348 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
19:15:10.0142 6348 Psched - ok
19:15:10.0224 6348 [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys
19:15:10.0294 6348 QIOMem - ok
19:15:10.0478 6348 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
19:15:10.0745 6348 ql2300 - ok
19:15:10.0853 6348 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
19:15:11.0275 6348 ql40xx - ok
19:15:11.0490 6348 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
19:15:11.0499 6348 QWAVE - ok
19:15:11.0606 6348 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
19:15:11.0610 6348 QWAVEdrv - ok
19:15:11.0686 6348 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
19:15:11.0729 6348 RasAcd - ok
19:15:11.0869 6348 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
19:15:11.0997 6348 RasAgileVpn - ok
19:15:12.0043 6348 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
19:15:12.0047 6348 RasAuto - ok
19:15:12.0098 6348 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
19:15:12.0159 6348 Rasl2tp - ok
19:15:12.0260 6348 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
19:15:12.0266 6348 RasMan - ok
19:15:12.0360 6348 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
19:15:12.0450 6348 RasPppoe - ok
19:15:12.0504 6348 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
19:15:12.0612 6348 RasSstp - ok
19:15:12.0668 6348 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
19:15:12.0737 6348 rdbss - ok
19:15:12.0803 6348 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
19:15:12.0911 6348 rdpbus - ok
19:15:12.0924 6348 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
19:15:12.0926 6348 RDPCDD - ok
19:15:12.0950 6348 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
19:15:12.0952 6348 RDPENCDD - ok
19:15:12.0993 6348 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
19:15:12.0995 6348 RDPREFMP - ok
19:15:13.0048 6348 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
19:15:13.0485 6348 RDPWD - ok
19:15:13.0786 6348 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
19:15:13.0885 6348 rdyboost - ok
19:15:14.0019 6348 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
19:15:14.0025 6348 RemoteAccess - ok
19:15:14.0085 6348 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
19:15:14.0093 6348 RemoteRegistry - ok
19:15:14.0123 6348 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
19:15:14.0128 6348 RpcEptMapper - ok
19:15:14.0169 6348 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
19:15:14.0172 6348 RpcLocator - ok
19:15:14.0256 6348 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
19:15:14.0267 6348 RpcSs - ok
19:15:14.0317 6348 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
19:15:14.0322 6348 rspndr - ok
19:15:14.0367 6348 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
19:15:14.0667 6348 RSUSBSTOR - ok
19:15:14.0705 6348 [ E54A5586A28D0630A79A68BBAB84BFCF ] RSUSBVSTOR C:\windows\system32\Drivers\RTSUVSTOR.sys
19:15:14.0714 6348 RSUSBVSTOR - ok
19:15:14.0870 6348 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
19:15:14.0896 6348 RTL8192Ce - ok
19:15:14.0916 6348 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
19:15:14.0919 6348 SamSs - ok
19:15:14.0962 6348 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
19:15:15.0028 6348 sbp2port - ok
19:15:15.0100 6348 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
19:15:15.0108 6348 SCardSvr - ok
19:15:15.0162 6348 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
19:15:15.0350 6348 scfilter - ok
19:15:15.0536 6348 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
19:15:15.0660 6348 Schedule - ok
19:15:15.0741 6348 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
19:15:15.0744 6348 SCPolicySvc - ok
19:15:15.0778 6348 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
19:15:15.0787 6348 SDRSVC - ok
19:15:15.0869 6348 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
19:15:15.0872 6348 secdrv - ok
19:15:15.0917 6348 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
19:15:15.0923 6348 seclogon - ok
19:15:15.0971 6348 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
19:15:15.0977 6348 SENS - ok
19:15:16.0073 6348 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
19:15:16.0078 6348 SensrSvc - ok
19:15:16.0158 6348 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
19:15:16.0253 6348 Serenum - ok
19:15:16.0294 6348 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
19:15:16.0383 6348 Serial - ok
19:15:16.0505 6348 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
19:15:16.0805 6348 sermouse - ok
19:15:16.0858 6348 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
19:15:16.0863 6348 SessionEnv - ok
19:15:16.0883 6348 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
19:15:17.0030 6348 sffdisk - ok
19:15:17.0062 6348 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
19:15:17.0533 6348 sffp_mmc - ok
19:15:17.0551 6348 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
19:15:17.0620 6348 sffp_sd - ok
19:15:17.0718 6348 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
19:15:17.0798 6348 sfloppy - ok
19:15:17.0937 6348 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
19:15:17.0955 6348 Sftfs - ok
19:15:18.0288 6348 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:15:18.0326 6348 sftlist - ok
19:15:18.0382 6348 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
19:15:18.0386 6348 Sftplay - ok
19:15:18.0443 6348 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
19:15:18.0445 6348 Sftredir - ok
19:15:18.0469 6348 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
19:15:18.0471 6348 Sftvol - ok
19:15:18.0526 6348 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:15:18.0528 6348 sftvsa - ok
19:15:18.0559 6348 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
19:15:18.0564 6348 SharedAccess - ok
19:15:18.0616 6348 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
19:15:18.0622 6348 ShellHWDetection - ok
19:15:18.0663 6348 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
19:15:18.0727 6348 SiSRaid2 - ok
19:15:18.0748 6348 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
19:15:18.0901 6348 SiSRaid4 - ok
19:15:18.0959 6348 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
19:15:19.0010 6348 Smb - ok
19:15:19.0070 6348 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
19:15:19.0075 6348 SNMPTRAP - ok
19:15:19.0238 6348 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
19:15:19.0488 6348 spldr - ok
19:15:19.0590 6348 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
19:15:19.0611 6348 Spooler - ok
19:15:19.0850 6348 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
19:15:19.0951 6348 sppsvc - ok
19:15:19.0969 6348 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
19:15:19.0972 6348 sppuinotify - ok
19:15:20.0023 6348 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
19:15:20.0029 6348 srv - ok
19:15:20.0060 6348 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
19:15:20.0066 6348 srv2 - ok
19:15:20.0169 6348 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL6.SYS
19:15:20.0275 6348 SrvHsfHDA - ok
19:15:20.0364 6348 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV6.SYS
19:15:20.0675 6348 SrvHsfV92 - ok
19:15:20.0817 6348 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT6.SYS
19:15:21.0009 6348 SrvHsfWinac - ok
19:15:21.0082 6348 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
19:15:21.0086 6348 srvnet - ok
19:15:21.0534 6348 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
19:15:21.0543 6348 SSDPSRV - ok
19:15:21.0571 6348 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
19:15:21.0577 6348 SstpSvc - ok
19:15:22.0530 6348 Steam Client Service - ok
19:15:22.0574 6348 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
19:15:22.0629 6348 stexstor - ok
19:15:22.0761 6348 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
19:15:22.0778 6348 stisvc - ok
19:15:22.0819 6348 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
19:15:22.0869 6348 swenum - ok
19:15:22.0926 6348 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
19:15:22.0936 6348 swprv - ok
19:15:23.0067 6348 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
19:15:23.0097 6348 SynTP - ok
19:15:23.0391 6348 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
19:15:23.0476 6348 SysMain - ok
19:15:23.0516 6348 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
19:15:23.0520 6348 TabletInputService - ok
19:15:23.0529 6348 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
19:15:23.0536 6348 TapiSrv - ok
19:15:23.0559 6348 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
19:15:23.0562 6348 TBS - ok
19:15:23.0687 6348 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
19:15:23.0718 6348 Tcpip - ok
19:15:23.0881 6348 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
19:15:23.0907 6348 TCPIP6 - ok
19:15:23.0944 6348 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
19:15:23.0947 6348 tcpipreg - ok
19:15:24.0007 6348 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
19:15:24.0009 6348 tdcmdpst - ok
19:15:24.0040 6348 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
19:15:24.0114 6348 TDPIPE - ok
19:15:24.0166 6348 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
19:15:24.0298 6348 TDTCP - ok
19:15:24.0388 6348 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
19:15:24.0622 6348 tdx - ok
19:15:24.0696 6348 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
19:15:24.0918 6348 TermDD - ok
19:15:25.0094 6348 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
19:15:25.0113 6348 TermService - ok
19:15:25.0484 6348 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
19:15:25.0490 6348 Themes - ok
19:15:25.0523 6348 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
19:15:25.0527 6348 THREADORDER - ok
19:15:25.0641 6348 [ F120967184A27E927052E8DDBB727851 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
19:15:25.0644 6348 TMachInfo - ok
19:15:25.0752 6348 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\Windows\system32\TODDSrv.exe
19:15:25.0759 6348 TODDSrv - ok
19:15:26.0006 6348 [ CDC97FA5C42B07FB0D4600E17C32F582 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
19:15:26.0062 6348 TosCoSrv - ok
19:15:26.0310 6348 [ D0F868A67CB4D817A3F7ABEF8C42F49C ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
19:15:26.0317 6348 TOSHIBA eco Utility Service - ok
19:15:26.0415 6348 [ EDB4B432DB13EA3D1EB2356310D33263 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
19:15:26.0420 6348 TOSHIBA HDD SSD Alert Service - ok
19:15:26.0515 6348 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
19:15:26.0527 6348 tos_sps64 - ok
19:15:26.0713 6348 [ D65C6B0C070534336B72005391B6168A ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
19:15:26.0728 6348 TPCHSrv - ok
19:15:26.0797 6348 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
19:15:26.0804 6348 TrkWks - ok
19:15:26.0897 6348 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
19:15:26.0901 6348 TrustedInstaller - ok
19:15:26.0943 6348 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
19:15:26.0947 6348 tssecsrv - ok
19:15:27.0046 6348 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
19:15:27.0149 6348 TsUsbFlt - ok
19:15:27.0257 6348 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
19:15:27.0327 6348 TsUsbGD - ok
19:15:27.0369 6348 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
19:15:27.0439 6348 tunnel - ok
19:15:27.0559 6348 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
19:15:27.0562 6348 TVALZ - ok
19:15:27.0622 6348 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
19:15:27.0625 6348 TVALZFL - ok
19:15:27.0686 6348 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
19:15:27.0764 6348 uagp35 - ok
19:15:27.0853 6348 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
19:15:28.0009 6348 udfs - ok
19:15:28.0046 6348 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
19:15:28.0052 6348 UI0Detect - ok
19:15:28.0086 6348 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
19:15:28.0269 6348 uliagpkx - ok
19:15:28.0350 6348 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
19:15:28.0444 6348 umbus - ok
19:15:28.0475 6348 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
19:15:28.0616 6348 UmPass - ok
19:15:28.0999 6348 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
19:15:29.0059 6348 UNS - ok
19:15:29.0149 6348 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
19:15:29.0161 6348 upnphost - ok
19:15:29.0192 6348 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
19:15:29.0255 6348 usbccgp - ok
19:15:29.0281 6348 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
19:15:29.0357 6348 usbcir - ok
19:15:29.0386 6348 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
19:15:29.0493 6348 usbehci - ok
19:15:29.0733 6348 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
19:15:29.0943 6348 usbhub - ok
19:15:29.0968 6348 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
19:15:30.0056 6348 usbohci - ok
19:15:30.0094 6348 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
19:15:30.0215 6348 usbprint - ok
19:15:30.0284 6348 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
19:15:30.0288 6348 USBSTOR - ok
19:15:30.0336 6348 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
19:15:30.0390 6348 usbuhci - ok
19:15:30.0441 6348 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
19:15:30.0513 6348 usbvideo - ok
19:15:30.0535 6348 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
19:15:30.0542 6348 UxSms - ok
19:15:30.0585 6348 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
19:15:30.0588 6348 VaultSvc - ok
19:15:30.0636 6348 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
19:15:30.0639 6348 vdrvroot - ok
19:15:30.0727 6348 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
19:15:30.0743 6348 vds - ok
19:15:30.0839 6348 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
19:15:30.0888 6348 vga - ok
19:15:30.0911 6348 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
19:15:30.0962 6348 VgaSave - ok
19:15:31.0023 6348 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
19:15:31.0074 6348 vhdmp - ok
19:15:31.0079 6348 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
19:15:31.0105 6348 viaide - ok
19:15:31.0178 6348 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
19:15:31.0182 6348 volmgr - ok
19:15:31.0250 6348 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
19:15:31.0260 6348 volmgrx - ok
19:15:31.0302 6348 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
19:15:31.0307 6348 volsnap - ok
19:15:31.0394 6348 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
19:15:31.0442 6348 vsmraid - ok
19:15:31.0672 6348 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
19:15:31.0726 6348 VSS - ok
19:15:31.0990 6348 [ EF51747440486C23BD466311048BD924 ] vToolbarUpdater12.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
19:15:32.0009 6348 vToolbarUpdater12.2.0 - ok
19:15:32.0250 6348 [ 7D110D645030C05A06C3CD08D1E47D0A ] vToolbarUpdater13.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
19:15:32.0264 6348 vToolbarUpdater13.2.0 - ok
19:15:32.0386 6348 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
19:15:32.0488 6348 vwifibus - ok
19:15:32.0528 6348 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
19:15:32.0601 6348 vwififlt - ok
19:15:32.0675 6348 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
19:15:32.0688 6348 W32Time - ok
19:15:32.0730 6348 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
19:15:32.0797 6348 WacomPen - ok
19:15:32.0834 6348 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
19:15:32.0909 6348 WANARP - ok
19:15:32.0925 6348 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
19:15:32.0930 6348 Wanarpv6 - ok
19:15:33.0059 6348 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
19:15:33.0086 6348 WatAdminSvc - ok
19:15:33.0214 6348 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
19:15:33.0247 6348 wbengine - ok
19:15:33.0278 6348 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
19:15:33.0287 6348 WbioSrvc - ok
19:15:33.0317 6348 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
19:15:33.0329 6348 wcncsvc - ok
19:15:33.0339 6348 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
19:15:33.0345 6348 WcsPlugInService - ok
19:15:33.0386 6348 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
19:15:33.0389 6348 Wd - ok
19:15:33.0484 6348 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
19:15:33.0502 6348 Wdf01000 - ok
19:15:33.0550 6348 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
19:15:33.0557 6348 WdiServiceHost - ok
19:15:33.0566 6348 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
19:15:33.0572 6348 WdiSystemHost - ok
19:15:33.0666 6348 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
19:15:33.0676 6348 WebClient - ok
19:15:33.0702 6348 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
19:15:33.0712 6348 Wecsvc - ok
19:15:33.0757 6348 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
19:15:33.0764 6348 wercplsupport - ok
19:15:33.0811 6348 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
19:15:33.0817 6348 WerSvc - ok
19:15:33.0904 6348 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
19:15:33.0937 6348 WfpLwf - ok
19:15:33.0988 6348 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
19:15:34.0076 6348 WIMMount - ok
19:15:34.0187 6348 WinDefend - ok
19:15:34.0197 6348 WinHttpAutoProxySvc - ok
19:15:34.0317 6348 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
19:15:34.0324 6348 Winmgmt - ok
19:15:34.0509 6348 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
19:15:34.0600 6348 WinRM - ok
19:15:34.0772 6348 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
19:15:34.0794 6348 Wlansvc - ok
19:15:34.0966 6348 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:15:34.0970 6348 wlcrasvc - ok
19:15:38.0280 6348 ============================================================
19:15:38.0281 6348 Scan finished
19:15:38.0281 6348 ============================================================
19:15:38.0302 2804 Detected object count: 0
19:15:38.0302 2804 Actual detected object count: 0

#9 BobConner

Posted 10 December 2012 - 07:27 PM

# AdwCleaner v2.100 - Logfile created 12/10/2012 at 19:22:48
# Updated 09/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Lucas - LUCAS-PC
# Boot Mode : Normal
# Running from : C:\Users\Lucas\Desktop\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Users\Lucas\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Lucas\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Lucas\AppData\LocalLow\boost_interprocess

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\Profiles\awqpus4h.default\prefs.js

Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\12.2.5.34");
Deleted : user_pref("avg.install.userHPSettings", "hxxps://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=[...]
Deleted : user_pref("browser.startup.homepage", "hxxps://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=13[...]

-\\ Google Chrome v23.0.1271.91

File : C:\Users\Lucas\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [5862 octets] - [03/09/2012 19:12:19]
AdwCleaner[S2].txt - [5579 octets] - [10/12/2012 19:22:48]

########## EOF - C:\AdwCleaner[S2].txt - [5639 octets] ##########

#10 boopme

Posted 10 December 2012 - 08:50 PM

After you post the ESET log.

A toolbar may have been added to your IE, Firefox or Google Chrome browser, please follow these steps to check if so.

First uninstall it, if it's here.
Click Start, Panel, Programs, Add/Uninstall a Program (for Windows 7). Look for the suspect program.
Click it to remove. And then continue with these steps.


Check if it is an Add-on/extension.

In IE:

Click Tools, Manage Add-ons, choose the added suspected toolbar and then remove it. Highlight it and select the appropriate button (Remove/Disable).

Shut down and then reopen the browser to see if all's good.


In Firefox:

Click Tools, Add-ons to remove the related add-on.

Click on the magnifying glass search icon as shown below to select Manage Search Engines and then choose the suspect item and remove it.

Then go to Tools, Options, General tab, and reset the startup homepage or just change it to whichever you like.

Shut down and then reopen the browser to see if all's good.


In Google Chrome:

Click Wrench icon, and then navigate to Tools-extensions, and then choose the related extension and click on the small recycle bin icon to remove the toolbar.

Then again click the wrench icon, click on Settings, on the search area, click on manage search engines and then choose the suspect item and remove it.

#11 BobConner

Posted 10 December 2012 - 09:01 PM

Every time I scan with ESET it just gets stuck at 99 percent, not frozen, but it just won't finish.

#12 boopme

Posted 10 December 2012 - 10:13 PM

Let's try this one.
Please run the F-Secure Online Scanner
Follow the instructions here for installation.
Accept the License Agreement.
Once the ActiveX installs, click Full System Scan
Once the download completes, the scan will begin automatically.
The scan will take some time to finish, so please be patient.
When the scan completes, click the Automatic cleaning (recommended) button.
Click the Show Report button and Copy&Paste the entire report in your next reply.

#13 BobConner

Posted 10 December 2012 - 11:19 PM

Scanning Report
Monday, December 10, 2012 22:30:29 - 23:17:19

Computer name: LUCAS-PC
Scanning type: Scan system for malware, spyware and rootkits
Target: C:\ Q:\
10 malware found
Exploit:Java/CVE-2012-4681.H (virus)

C:\USERS\LUCAS\APPDATA\LOCALLOW\SUN\JAVA\DEPLOYMENT\CACHE\6.0\42\49E2BAEA-2B2ADC6B (Renamed & Submitted)

Exploit:Java/CVE-2012-4681.H (virus)

C:\USERS\LUCAS\APPDATA\LOCALLOW\SUN\JAVA\DEPLOYMENT\CACHE\6.0\20\651EAED4-18FAEC4B (Renamed & Submitted)

Exploit:Java/CVE-2012-4681.H (virus)

C:\USERS\LUCAS\APPDATA\LOCALLOW\SUN\JAVA\DEPLOYMENT\CACHE\6.0\19\79089613-58AC196D (Renamed & Submitted)

Exploit:Java/CVE-2012-4681.H (virus)

C:\USERS\LUCAS\APPDATA\LOCALLOW\SUN\JAVA\DEPLOYMENT\CACHE\6.0\18\15B58312-4DC2D13B (Renamed & Submitted)

Exploit:Java/CVE-2012-4681.H (virus)

C:\USERS\LUCAS\APPDATA\LOCALLOW\SUN\JAVA\DEPLOYMENT\CACHE\6.0\31\473F0F5F-50B03FC0 (Renamed & Submitted)

Exploit:Java/CVE-2012-4681.H (virus)

C:\USERS\LUCAS\APPDATA\LOCALLOW\SUN\JAVA\DEPLOYMENT\CACHE\6.0\15\4D1B348F-3DD85F7A (Renamed & Submitted)

Exploit:Java/CVE-2012-4681.H (virus)

C:\USERS\LUCAS\APPDATA\LOCALLOW\SUN\JAVA\DEPLOYMENT\CACHE\6.0\14\27FD0D4E-3E359874 (Renamed & Submitted)

Exploit:Java/CVE-2012-4681.H (virus)

C:\USERS\LUCAS\APPDATA\LOCALLOW\SUN\JAVA\DEPLOYMENT\CACHE\6.0\13\72F6D10D-1937B04A (Renamed & Submitted)

Exploit:Java/CVE-2012-4681.H (virus)

C:\USERS\LUCAS\APPDATA\LOCALLOW\SUN\JAVA\DEPLOYMENT\CACHE\6.0\11\7EA1B54B-3EF91942 (Renamed & Submitted)

Exploit:Java/CVE-2012-4681.H (virus)

C:\USERS\LUCAS\APPDATA\LOCALLOW\SUN\JAVA\DEPLOYMENT\CACHE\6.0\15\BE516CF-6683E0AC (Renamed & Submitted)

Statistics
Scanned:

Files: 148125
System: 5659
Not scanned: 72

Actions:

Disinfected: 0
Renamed: 10
Deleted: 0
Not cleaned: 0
Submitted: 10

Files not scanned:


Options
Scanning engines:

Scanning options:

Scan all files
Use advanced heuristics


#14 boopme

Posted 11 December 2012 - 12:59 PM

Hello, you look clean.
When a browser runs an applet, the Java Runtime Environment (JRE) stores the downloaded files into its cache folder (C:\Documents and Settings\username\Application Data\Sun\Java\Deployment\cache) for quick execution later and better performance. Malicious applets are also stored in the Java cache directory and your anti-virus may detect them and provide alerts. For more specific information about Java exploits, please refer to Virus found in the Java cache directory.

Notification of these files as a threat does not always mean that a machine has been infected; it indicates that a program included the viral class file but this does not mean that it used the malicious functionality. As a precaution, I recommend clearing the entire cache to ensure everything is cleaned out:



Run TFC by OT (Temp File Cleaner)
Please download TFC by Old Timer and save it to your desktop.
alternate download link

Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista, right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
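The distinction drawn in the post above, between detections that sit only in the Java deployment cache and detections found elsewhere on disk, can be applied mechanically to a scanner report. The following is an added example, not part of the original thread or any vendor's tooling: the function names are hypothetical, the report layout is assumed to match the F-Secure report posted earlier, and the second sample entry is constructed.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample in the layout of the report posted in this thread:
# a detection-name line, then a path line ending in the action taken.
# The second entry (name and path) is invented for contrast.
SAMPLE_REPORT = r"""
Exploit:Java/CVE-2012-4681.H (virus)

C:\USERS\LUCAS\APPDATA\LOCALLOW\SUN\JAVA\DEPLOYMENT\CACHE\6.0\42\49E2BAEA-2B2ADC6B (Renamed & Submitted)

Trojan:W32/Example.A (virus)

C:\USERS\EXAMPLE\APPDATA\ROAMING\EXAMPLE\UPDATER.EXE (Renamed & Submitted)
"""

NAME_RE = re.compile(r"^(?P<name>[\w.-]+:[\w./-]+) \(\w+\)$")
PATH_RE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) \((?P<action>[^()]+)\)$")
CVE_RE = re.compile(r"CVE-\d{4}-\d+")
# Folder sequence shared by the XP and Windows 7 cache locations.
CACHE_TAIL = ("SUN", "JAVA", "DEPLOYMENT", "CACHE")


def in_java_cache(path):
    """True if the file lies somewhere below ...\\Sun\\Java\\Deployment\\cache."""
    parts = [p.upper() for p in PureWindowsPath(path).parts]
    n = len(CACHE_TAIL)
    # Stop one short of the end so the cache folder itself does not count.
    return any(tuple(parts[i:i + n]) == CACHE_TAIL for i in range(len(parts) - n))


def parse_detections(report):
    """Pair each detection name with the path line that follows it."""
    findings, pending = [], None
    for line in (raw.strip() for raw in report.splitlines()):
        if not line:
            continue
        m = PATH_RE.match(line)
        if m and pending:
            findings.append({"name": pending, "path": m["path"],
                             "action": m["action"],
                             "java_cache": in_java_cache(m["path"])})
            pending = None
            continue
        m = NAME_RE.match(line)
        if m:
            pending = m["name"]
    return findings


def triage(findings):
    """Summarise: cache-only detections versus ones needing follow-up."""
    outside = [f["path"] for f in findings if not f["java_cache"]]
    cves = sorted({c for f in findings for c in CVE_RE.findall(f["name"])})
    return {"total": len(findings),
            "cache_only": bool(findings) and not outside,
            "needs_followup": outside,
            "cves": cves}


if __name__ == "__main__":
    print(triage(parse_detections(SAMPLE_REPORT)))
```

A report whose detections are all cache-only matches the situation in this thread, where clearing the cache is the recommended precaution; any path listed under `needs_followup` sits outside the cache and deserves a closer look.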

#15 BobConner

Posted 13 December 2012 - 01:18 PM

I completed everything, and it seems there are no problems.
Thank you for your time and effort, I appreciate it :thumbsup:



