
Keep getting Blue Screens, Computer lagging, High CPU


  • This topic is locked
21 replies to this topic

#1 this is mak


  • Members
  • 36 posts

Posted 23 December 2012 - 11:25 PM

Hi Experts,

Looking for some help if possible. Keep getting Blue Screens and then system restarts. Happens at random times, sometimes while browsing the net, using Photoshop, Windows Media Player... No idea why. Computer is also randomly lagging and very slow with 100% or very high CPU and gets very hot. If I close all browser windows or programs it usually corrects itself within 5 minutes, sometimes I have to restart computer. I use Chrome and recently have been having lots of issues with 100% CPU. However, other times I can be on it for 5+ hours and it is fine. Understand it's a busy time of the year, any help would be greatly appreciated. Thanks, Mak.

Here is the blue screen info:

Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.768.3
Locale ID: 3081

Files that help describe the problem
122112-63679-01.dmp
sysdata.xml
WERInternalMetadata.xml

View a temporary copy of these files
Warning: If a virus or other security threat caused the problem, opening a copy of the files could harm your computer.

Extra information about the problem
BCCode: 124
BCP1: 0000000000000000
BCP2: FFFFFA8007462028
BCP3: 00000000BA000000
BCP4: 0000000000400405
OS Version: 6_1_7601
Service Pack: 1_0
Product: 768_1
_______________________________________________________________________________________________

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by Mak at 14:57:40 on 2012-12-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.3894.2374 [GMT 11:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\DatacardService\DCService.exe
C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\WUDFHost.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files (x86)\Optus Mobile Broadband\Optus Mobile Broadband.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Users\Mak\AppData\Local\Temp\uttAA17.tmp.exe
C:\Users\Mak\AppData\Local\Temp\utt1632.tmp.exe
C:\Users\Mak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mak\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://au.yahoo.com/
uURLSearchHooks: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - <orphaned>
dURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: NXIECatcher Class: {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files (x86)\Xi\NetXfer\NXIEHelper.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - <orphaned>
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Yahoo!7 Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
TB: NetXfer: {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files (x86)\Xi\NetXfer\NXToolBar.dll
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: Interfaces\{26D8B297-4561-4D77-BD91-117BAD1412C4} : NameServer = 123.200.191.17 123.200.191.18
TCP: Interfaces\{2B8F8622-A179-4EA0-95E1-1E6DDE242005} : DHCPNameServer = 172.27.0.1
TCP: Interfaces\{2B8F8622-A179-4EA0-95E1-1E6DDE242005}\14962707F627470264275656027596D26496 : DHCPNameServer = 192.168.19.1
TCP: Interfaces\{2B8F8622-A179-4EA0-95E1-1E6DDE242005}\16D6162796 : DHCPNameServer = 10.10.0.1
TCP: Interfaces\{2B8F8622-A179-4EA0-95E1-1E6DDE242005}\16D61627960266275656 : DHCPNameServer = 10.10.0.1
TCP: Interfaces\{2B8F8622-A179-4EA0-95E1-1E6DDE242005}\751647562776164756 : DHCPNameServer = 172.27.0.1
TCP: Interfaces\{2B8F8622-A179-4EA0-95E1-1E6DDE242005}\D454C424F45525E4540214942505F42545 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{3971EAEB-AE11-43B1-BCE8-9927EE6F8C24} : DHCPNameServer = 203.21.113.40 203.21.112.40
TCP: Interfaces\{EA01A804-AB33-4D07-AF60-212CD01BC996} : NameServer = 123.200.191.17 123.200.191.18
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\Windows\SysWOW64\guard32.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 161.58.195.155 tempdomainname.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mak\AppData\Roaming\Mozilla\Firefox\Profiles\5iuexxwd.default\
FF - prefs.js: browser.startup.homepage - hxxp://au.yahoo.com/
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Users\Mak\AppData\Roaming\Mozilla\Firefox\Profiles\5iuexxwd.default\extensions\firedownload@mozilla.org\components\firedownload.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Mak\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\Mak\AppData\Roaming\Mozilla\Firefox\Profiles\5iuexxwd.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
============= SERVICES / DRIVERS ===============
.
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-6-12 28504]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-7-3 984144]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-7-22 370288]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdGuard.sys [2010-6-4 584056]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2010-6-1 38144]
R1 DVMIO;DeviceVM IO Service;C:\Windows\System32\drivers\dvmio.sys [2010-1-30 20056]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2012-8-19 913792]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-5-2 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-3-28 203264]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-7-22 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-7-22 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-11-30 44808]
R2 DCService.exe;DCService.exe;C:\ProgramData\DatacardService\DCService.exe [2010-8-19 229376]
R2 DvmMDES;DeviceVM Meta Data Export Service;C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-2-9 338168]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2009-12-17 102968]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-5-21 103992]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-1-19 20480]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-19 399432]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-4-9 2320920]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-10-13 116240]
R3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2009-7-23 256000]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-18 56344]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2011-5-2 86016]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-10-27 151936]
R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2011-3-28 10610400]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2010-7-30 25928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-19 676936]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2011-5-2 117248]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-13 206072]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-11 5434368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-24 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-4-9 232992]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-4-9 295424]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.sys [2010-9-20 16392]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-10-24 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
S3 V0260VID;Live! Cam Vista IM;C:\Windows\System32\drivers\V0260Vid.sys [2010-8-3 189664]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-7-22 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-11 389120]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-12-23 12:09:41 -------- d-----w- C:\Users\Mak\AppData\Local\{FB5BBA1D-53AA-488C-B28A-10C52F9D21E3}
2012-12-23 00:27:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-12-23 00:27:02 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-12-23 00:25:47 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-12-23 00:25:40 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-12-23 00:25:36 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-12-23 00:25:19 194560 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
2012-12-23 00:25:14 548864 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2012-12-23 00:25:10 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-12-23 00:25:08 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-12-23 00:24:42 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-12-23 00:24:38 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-12-23 00:24:04 387584 ----a-w- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
2012-12-23 00:24:02 499200 ----a-w- C:\Program Files\Internet Explorer\jsdbgui.dll
2012-12-23 00:23:59 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
2012-12-23 00:23:53 887296 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2012-12-23 00:21:01 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-23 00:20:59 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-23 00:20:52 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-23 00:20:47 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-23 00:11:52 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-12-23 00:11:52 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-12-23 00:11:34 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-12-23 00:08:49 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-12-23 00:08:48 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-12-22 23:59:26 -------- d-----w- C:\Users\Mak\AppData\Local\{25DB1F26-C4AF-401A-B6B9-B4793801EC51}
2012-12-22 09:19:13 -------- d-----w- C:\Users\Mak\AppData\Local\{086A2228-AF81-48E6-8FFD-B226A5B953AB}
2012-12-21 14:36:37 -------- d-----w- C:\Users\Mak\AppData\Local\{1C9933F8-40B8-4EAF-994F-6DA0F48013CC}
2012-12-21 00:46:15 -------- d-----w- C:\Users\Mak\AppData\Local\{ECD43818-73F6-4D55-8347-B79388AC0C2A}
2012-12-20 04:25:36 -------- d-----w- C:\Users\Mak\AppData\Local\{28964AC0-C731-446B-8B56-ADB741B76F97}
2012-12-18 22:29:30 -------- d-----w- C:\Users\Mak\AppData\Local\{D0065D7B-6C97-4AFC-A378-F50C80B6461A}
2012-12-18 00:13:29 -------- d-----w- C:\Users\Mak\AppData\Local\{72AB8F56-25BB-4D84-81EE-ECB9FFBB72D0}
2012-12-17 00:45:38 -------- d-----w- C:\Users\Mak\AppData\Local\{BBF56A8A-9053-462B-AE69-8AD7632BC15C}
2012-12-16 00:58:26 -------- d-----w- C:\Users\Mak\AppData\Local\{0FD5A962-C4F4-4ED6-BA9B-1F6C55E0C0B8}
2012-12-15 07:21:06 -------- d-----w- C:\Users\Mak\AppData\Local\{8B169921-4FF0-4468-8429-D6A81E15458F}
2012-12-14 14:49:27 -------- d-----w- C:\Users\Mak\AppData\Local\{912CEF86-0D65-484E-A54B-1BCCE980C0CF}
2012-12-11 23:02:21 -------- d-----w- C:\Users\Mak\AppData\Local\{280DDE8C-8275-442D-A921-4FCFF7ABE6A1}
2012-12-10 23:22:49 -------- d-----w- C:\Users\Mak\AppData\Local\{9C238F5B-B27F-4B3F-BD25-E13CF8F8B9E2}
2012-12-09 22:40:28 -------- d-----w- C:\Users\Mak\AppData\Local\{6303F333-C5FE-4B8E-B1EE-D8B75A5841FF}
2012-12-08 04:44:21 -------- d-----w- C:\Users\Mak\AppData\Local\{0D01D2A9-E075-4605-A7C3-A28016E8B404}
2012-12-07 13:16:11 -------- d-----w- C:\Users\Mak\AppData\Local\{124FF442-C39E-49A8-B7B0-2EC1E4486BA5}
2012-12-06 01:45:19 -------- d-----w- C:\Users\Mak\AppData\Local\{487341E0-7FC5-49EC-948F-06968EFB98B5}
2012-12-04 06:02:44 -------- d-----w- C:\Users\Mak\AppData\Local\{64FBFDAA-CE88-4F3D-AD0C-B376C75806D6}
2012-12-03 18:33:31 -------- d-----w- C:\temp
2012-12-03 10:56:11 -------- d-----w- C:\Users\Mak\AppData\Local\{9F0CC1CF-C431-4844-A1C0-048083C65E4E}
2012-12-02 04:45:59 -------- d-----w- C:\Users\Mak\AppData\Local\{66CA8950-FF6C-4F77-8F91-42782527E103}
2012-12-01 09:24:53 -------- d-----w- C:\Users\Mak\AppData\Local\{6E16C32E-9FBE-4911-814A-11020C00F459}
2012-11-30 03:56:28 -------- d-----w- C:\Users\Mak\AppData\Local\{40B04C41-43BD-4F1F-9E2B-E475899F0123}
2012-11-30 03:54:37 -------- d-----w- C:\Users\Mak\AppData\Local\{90426CBA-C30E-480B-A6C0-CA7323796153}
2012-11-29 15:47:19 -------- d-----w- C:\Users\Mak\AppData\Local\{28D97C93-FC9C-4E7E-AF14-E39F0D4C2D58}
2012-11-29 15:15:58 -------- d-----r- C:\Program Files (x86)\Skype
2012-11-29 02:53:56 -------- d-----w- C:\Users\Mak\AppData\Local\{760FF40A-C1A0-4F65-9CD7-D014F117A557}
2012-11-28 14:53:32 -------- d-----w- C:\Users\Mak\AppData\Local\{7B1DD130-3652-44B8-87FE-25C902253B39}
2012-11-27 16:39:19 -------- d-----w- C:\Users\Mak\AppData\Local\{245D0ACF-1C3F-4281-8A56-6BCCAFFFA0EF}
2012-11-26 22:40:30 -------- d-----w- C:\Users\Mak\AppData\Local\{6271BCF7-0C1E-45DB-81CF-F8CEDAED4D0F}
2012-11-26 01:44:39 -------- d-----w- C:\Users\Mak\AppData\Local\{C906BF29-0895-417A-9552-BE07742A988C}
2012-11-25 04:32:20 -------- d-----w- C:\Users\Mak\AppData\Local\{1B088A13-E444-4B3E-8EC2-3C996ECF9418}
.
==================== Find3M ====================
.
2012-11-29 15:09:44 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-29 15:09:44 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-07 23:38:00 38144 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2012-11-07 23:37:59 584056 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys
2012-11-07 23:37:57 22736 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2012-11-07 23:37:36 41240 ----a-w- C:\Windows\System32\cmdcsr.dll
2012-11-07 23:37:34 301264 ----a-w- C:\Windows\SysWow64\guard32.dll
2012-11-07 23:37:31 390392 ----a-w- C:\Windows\System32\guard64.dll
2012-11-06 00:19:22 177976 ----a-w- C:\Windows\System32\SynTPCo14.dll
2012-10-30 22:51:55 984144 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-10-30 22:51:55 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-10-30 22:51:07 41224 ----a-w- C:\Windows\avastSS.scr
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-15 15:59:28 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-10-04 17:41:16 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-09-29 08:54:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
.
============= FINISH: 15:00:58.42 ===============


#2 Farbar


  • Security Developer
  • 21,730 posts

Posted 24 December 2012 - 08:28 AM

Hello,

Welcome to the forum.

Please refrain from doing any fix or making any changes to the system from now on until we are done unless you decide you can do the rest on your own. Thank you.

We will check for hidden malware infection first.

  • Please download Farbar Recovery Scan Tool and save it to a flash drive.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

    Plug the flash drive into the infected PC.
  • If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

    If you are using Vista or Windows 7 enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.

    Note: In case you cannot enter System Recovery Options by using the F8 method, you can use a Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
    To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html


    To enter System Recovery Options by using Windows installation disc:
    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.
  • On the System Recovery Options menu you will get the following options:
    Startup Repair
    System Restore
    Windows Complete PC Restore
    Windows Memory Diagnostic Tool
    Command Prompt


    Select Command Prompt

    Once in the Command Prompt:
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for the x64 version type e:\frst64) and press Enter.
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

#3 this is mak

  • Topic Starter

Posted 25 December 2012 - 09:07 PM

Hi Farbar,

Thanks for taking the time to help, really appreciate it.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-12-2012 01
Ran by SYSTEM at 26-12-2012 12:36:32
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [451072 2010-01-18] (Hewlett-Packard Company)
HKLM\...\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden [363064 2009-12-16] (Hewlett-Packard)
HKLM\...\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h [9577680 2012-11-07] (COMODO)
HKLM\...\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background [611896 2010-01-20] ()
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-13] (Synaptics Incorporated)
HKLM-x32\...\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [288080 2009-07-17] (Microsoft Corporation)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2010-09-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui [4297136 2012-10-30] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-02] (Sun Microsystems, Inc.)
HKU\Default\...\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-01-27] ()
HKU\Default User\...\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-01-27] ()
AppInit_DLLs: C:\Windows\system32\guard64.dll
Tcpip\..\Interfaces\{26D8B297-4561-4D77-BD91-117BAD1412C4}: [NameServer]123.200.191.17 123.200.191.18
Tcpip\..\Interfaces\{EA01A804-AB33-4D07-AF60-212CD01BC996}: [NameServer]123.200.191.17 123.200.191.18

==================== Services (Whitelisted) ===================

2 AdvancedSystemCareService5; C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [913792 2012-05-25] (IObit)
2 avast! Antivirus; "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" [44808 2012-10-30] (AVAST Software)
2 cmdAgent; "C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" [2828408 2012-11-07] (COMODO)
2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] ()
2 DvmMDES; "C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe" [338168 2010-02-08] (DeviceVM, Inc.)
2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] ()
2 MBAMScheduler; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 2012-09-29] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) =====================

2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-30] (AVAST Software)
1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [28504 2012-03-06] (AVAST Software)
2 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [71600 2012-10-30] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [42328 2011-11-28] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-30] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-30] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-30] (AVAST Software)
3 athr; C:\Windows\System32\DRIVERS\athrx.sys [3678720 2012-06-19] (Qualcomm Atheros Communications, Inc.)
1 cmdGuard; C:\Windows\System32\Drivers\cmdGuard.sys [584056 2012-11-07] (COMODO)
1 cmdHlp; C:\Windows\System32\Drivers\cmdHlp.sys [38144 2012-11-07] (COMODO)
1 DVMIO; C:\Windows\System32\Drivers\DVMIO.sys [20056 2010-01-29] (DeviceVM, Inc.)
3 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
1 inspect; C:\Windows\System32\Drivers\inspect.sys [94288 2012-11-07] (COMODO)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [25928 2012-09-29] (Malwarebytes Corporation)
3 V0260VID; C:\Windows\System32\Drivers\V0260VID.sys [189664 2007-07-17] (Creative Technology Ltd.)
3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [x]
3 hwusbfake; C:\Windows\System32\DRIVERS\ewusbfake.sys [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-12-25 17:21 - 2012-12-25 17:22 - 01462827 ____A (Farbar) C:\Users\Mak\Downloads\FRST64.exe
2012-12-25 16:06 - 2012-12-25 16:07 - 00000000 ____D C:\Users\Mak\AppData\Local\{959442F9-38FF-4109-A6F2-9F261C76D4AA}
2012-12-24 14:35 - 2012-12-24 14:35 - 00000000 ____D C:\Users\Mak\AppData\Local\{D64CD5A1-2D1F-4043-B81A-D7F4F58240F0}
2012-12-24 00:01 - 2012-12-25 16:03 - 00000504 ____A C:\Windows\setupact.log
2012-12-24 00:01 - 2012-12-24 00:01 - 00000000 ____A C:\Windows\setuperr.log
2012-12-23 23:23 - 2012-12-23 23:23 - 00000000 ____D C:\Users\Mak\AppData\Local\{F01BD94E-4205-499A-A22C-F7F8FC0C3737}
2012-12-23 20:01 - 2012-12-23 20:01 - 00015342 ____A C:\Users\Mak\Desktop\attach.txt
2012-12-23 20:01 - 2012-12-23 20:00 - 00027646 ____A C:\Users\Mak\Desktop\dds.txt
2012-12-23 19:53 - 2012-12-23 19:54 - 00688992 ____R (Swearware) C:\Users\Mak\Desktop\dds.com
2012-12-23 04:09 - 2012-12-23 04:09 - 00000000 ____D C:\Users\Mak\AppData\Local\{FB5BBA1D-53AA-488C-B28A-10C52F9D21E3}
2012-12-22 23:20 - 2012-12-23 05:40 - 00000113 ____A C:\Users\Mak\Desktop\New Text Document.txt
2012-12-22 16:27 - 2012-11-13 21:52 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-12-22 16:27 - 2012-11-13 17:44 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-12-22 16:26 - 2012-11-13 22:02 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-12-22 16:26 - 2012-11-13 21:57 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-12-22 16:26 - 2012-11-13 21:53 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-12-22 16:26 - 2012-11-13 21:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-12-22 16:26 - 2012-11-13 17:55 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-12-22 16:26 - 2012-11-13 17:49 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-12-22 16:26 - 2012-11-13 17:48 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-12-22 16:26 - 2012-11-13 17:45 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-12-22 16:26 - 2012-11-13 17:41 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-12-22 16:25 - 2012-11-13 22:11 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-12-22 16:25 - 2012-11-13 22:04 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-12-22 16:25 - 2012-11-13 22:04 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-12-22 16:25 - 2012-11-13 22:02 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-12-22 16:25 - 2012-11-13 21:55 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-12-22 16:25 - 2012-11-13 17:58 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-12-22 16:25 - 2012-11-13 17:57 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-12-22 16:25 - 2012-11-13 17:57 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-12-22 16:25 - 2012-11-13 17:47 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-12-22 16:24 - 2012-11-13 21:59 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-12-22 16:24 - 2012-11-13 21:58 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-12-22 16:24 - 2012-11-13 21:57 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-12-22 16:24 - 2012-11-13 21:55 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-12-22 16:24 - 2012-11-13 18:09 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-12-22 16:24 - 2012-11-13 17:51 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-12-22 16:24 - 2012-11-13 17:49 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-12-22 16:24 - 2012-11-13 17:46 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-12-22 16:23 - 2012-11-13 18:48 - 12320256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-12-22 16:22 - 2012-11-13 23:06 - 17811968 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-12-22 16:22 - 2012-11-13 22:32 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-12-22 16:22 - 2012-11-13 18:14 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-12-22 16:21 - 2012-12-16 06:13 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-12-22 16:20 - 2012-12-16 09:11 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-22 16:20 - 2012-12-16 06:45 - 00367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-22 16:20 - 2012-12-16 06:13 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2012-12-22 16:11 - 2012-11-21 19:26 - 03149824 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-12-22 16:11 - 2012-11-08 21:45 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-12-22 16:11 - 2012-11-08 20:42 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-12-22 16:09 - 2012-10-04 09:46 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-12-22 16:09 - 2012-10-04 09:46 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-12-22 16:09 - 2012-10-04 09:46 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-12-22 16:09 - 2012-10-04 09:45 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-12-22 16:09 - 2012-10-04 09:43 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-12-22 16:09 - 2012-10-04 09:41 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-12-22 16:09 - 2012-10-04 09:41 - 00424960 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 09:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:47 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-12-22 16:09 - 2012-10-04 08:47 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-12-22 16:09 - 2012-10-04 08:47 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 08:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 07:21 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-12-22 16:09 - 2012-10-04 06:46 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-12-22 16:09 - 2012-10-04 06:46 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-12-22 16:09 - 2012-10-04 06:46 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-12-22 16:09 - 2012-10-04 06:46 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-12-22 16:09 - 2012-10-04 06:41 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 06:41 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 06:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-12-22 16:09 - 2012-10-04 06:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-12-22 16:08 - 2012-11-01 21:59 - 00478208 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2012-12-22 16:08 - 2012-11-01 21:11 - 00376832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2012-12-22 15:59 - 2012-12-22 15:59 - 00000000 ____D C:\Users\Mak\AppData\Local\{25DB1F26-C4AF-401A-B6B9-B4793801EC51}
2012-12-22 01:19 - 2012-12-22 01:19 - 00000000 ____D C:\Users\Mak\AppData\Local\{086A2228-AF81-48E6-8FFD-B226A5B953AB}
2012-12-21 06:36 - 2012-12-21 06:36 - 00000000 ____D C:\Users\Mak\AppData\Local\{1C9933F8-40B8-4EAF-994F-6DA0F48013CC}
2012-12-20 17:22 - 2012-12-20 17:23 - 00000000 ____D C:\Users\Mak\Desktop\New folder (4)
2012-12-20 16:46 - 2012-12-20 16:46 - 00000000 ____D C:\Users\Mak\AppData\Local\{ECD43818-73F6-4D55-8347-B79388AC0C2A}
2012-12-19 20:25 - 2012-12-19 20:25 - 00000000 ____D C:\Users\Mak\AppData\Local\{28964AC0-C731-446B-8B56-ADB741B76F97}
2012-12-18 14:29 - 2012-12-18 14:29 - 00000000 ____D C:\Users\Mak\AppData\Local\{D0065D7B-6C97-4AFC-A378-F50C80B6461A}
2012-12-17 16:13 - 2012-12-17 16:13 - 00000000 ____D C:\Users\Mak\AppData\Local\{72AB8F56-25BB-4D84-81EE-ECB9FFBB72D0}
2012-12-16 17:33 - 2012-12-24 14:29 - 00000324 ____A C:\Windows\Tasks\HPCeeScheduleForMak.job
2012-12-16 16:45 - 2012-12-16 16:45 - 00000000 ____D C:\Users\Mak\AppData\Local\{BBF56A8A-9053-462B-AE69-8AD7632BC15C}
2012-12-15 16:58 - 2012-12-15 16:58 - 00000000 ____D C:\Users\Mak\AppData\Local\{0FD5A962-C4F4-4ED6-BA9B-1F6C55E0C0B8}
2012-12-14 23:21 - 2012-12-14 23:21 - 00000000 ____D C:\Users\Mak\AppData\Local\{8B169921-4FF0-4468-8429-D6A81E15458F}
2012-12-14 06:49 - 2012-12-14 06:49 - 00000000 ____D C:\Users\Mak\AppData\Local\{912CEF86-0D65-484E-A54B-1BCCE980C0CF}
2012-12-11 15:02 - 2012-12-11 15:02 - 00000000 ____D C:\Users\Mak\AppData\Local\{280DDE8C-8275-442D-A921-4FCFF7ABE6A1}
2012-12-10 15:22 - 2012-12-10 15:23 - 00000000 ____D C:\Users\Mak\AppData\Local\{9C238F5B-B27F-4B3F-BD25-E13CF8F8B9E2}
2012-12-09 14:40 - 2012-12-09 14:40 - 00000000 ____D C:\Users\Mak\AppData\Local\{6303F333-C5FE-4B8E-B1EE-D8B75A5841FF}
2012-12-07 20:44 - 2012-12-07 20:44 - 00000000 ____D C:\Users\Mak\AppData\Local\{0D01D2A9-E075-4605-A7C3-A28016E8B404}
2012-12-07 05:16 - 2012-12-07 05:16 - 00000000 ____D C:\Users\Mak\AppData\Local\{124FF442-C39E-49A8-B7B0-2EC1E4486BA5}
2012-12-05 17:45 - 2012-12-05 17:45 - 00000000 ____D C:\Users\Mak\AppData\Local\{487341E0-7FC5-49EC-948F-06968EFB98B5}
2012-12-03 22:02 - 2012-12-03 22:02 - 00000000 ____D C:\Users\Mak\AppData\Local\{64FBFDAA-CE88-4F3D-AD0C-B376C75806D6}
2012-12-03 02:56 - 2012-12-03 02:56 - 00000000 ____D C:\Users\Mak\AppData\Local\{9F0CC1CF-C431-4844-A1C0-048083C65E4E}
2012-12-01 20:45 - 2012-12-01 20:46 - 00000000 ____D C:\Users\Mak\AppData\Local\{66CA8950-FF6C-4F77-8F91-42782527E103}
2012-12-01 01:24 - 2012-12-01 01:25 - 00000000 ____D C:\Users\Mak\AppData\Local\{6E16C32E-9FBE-4911-814A-11020C00F459}
2012-11-29 19:56 - 2012-11-29 19:56 - 00000000 ____D C:\Users\Mak\AppData\Local\{40B04C41-43BD-4F1F-9E2B-E475899F0123}
2012-11-29 19:54 - 2012-11-29 19:54 - 00000000 ____D C:\Users\Mak\AppData\Local\{90426CBA-C30E-480B-A6C0-CA7323796153}
2012-11-29 07:47 - 2012-11-29 07:47 - 00000000 ____D C:\Users\Mak\AppData\Local\{28D97C93-FC9C-4E7E-AF14-E39F0D4C2D58}
2012-11-29 07:15 - 2012-11-29 07:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2012-11-29 07:06 - 2012-11-29 07:11 - 19337216 ____A C:\Users\Mak\Downloads\SkypeSetup_5.10.0.116.msi
2012-11-28 18:53 - 2012-11-28 18:54 - 00000000 ____D C:\Users\Mak\AppData\Local\{760FF40A-C1A0-4F65-9CD7-D014F117A557}
2012-11-28 06:53 - 2012-11-28 06:53 - 00000000 ____D C:\Users\Mak\AppData\Local\{7B1DD130-3652-44B8-87FE-25C902253B39}
2012-11-27 08:39 - 2012-11-27 08:39 - 00000000 ____D C:\Users\Mak\AppData\Local\{245D0ACF-1C3F-4281-8A56-6BCCAFFFA0EF}
2012-11-26 14:40 - 2012-11-26 14:40 - 00000000 ____D C:\Users\Mak\AppData\Local\{6271BCF7-0C1E-45DB-81CF-F8CEDAED4D0F}


==================== One Month Modified Files and Folders =======

2012-12-25 17:28 - 2012-11-04 21:11 - 01942898 ____A C:\Windows\WindowsUpdate.log
2012-12-25 17:26 - 2012-08-18 01:08 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4152141627-3958311766-2650807989-1000UA.job
2012-12-25 17:22 - 2012-12-25 17:21 - 01462827 ____A (Farbar) C:\Users\Mak\Downloads\FRST64.exe
2012-12-25 17:21 - 2009-07-13 21:13 - 00779306 ____A C:\Windows\System32\PerfStringBackup.INI
2012-12-25 16:10 - 2009-07-13 20:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-12-25 16:10 - 2009-07-13 20:45 - 00023248 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-12-25 16:07 - 2012-12-25 16:06 - 00000000 ____D C:\Users\Mak\AppData\Local\{959442F9-38FF-4109-A6F2-9F261C76D4AA}
2012-12-25 16:03 - 2012-12-24 00:01 - 00000504 ____A C:\Windows\setupact.log
2012-12-25 16:03 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-12-24 14:35 - 2012-12-24 14:35 - 00000000 ____D C:\Users\Mak\AppData\Local\{D64CD5A1-2D1F-4043-B81A-D7F4F58240F0}
2012-12-24 14:29 - 2012-12-16 17:33 - 00000324 ____A C:\Windows\Tasks\HPCeeScheduleForMak.job
2012-12-24 00:01 - 2012-12-24 00:01 - 00000000 ____A C:\Windows\setuperr.log
2012-12-23 23:23 - 2012-12-23 23:23 - 00000000 ____D C:\Users\Mak\AppData\Local\{F01BD94E-4205-499A-A22C-F7F8FC0C3737}
2012-12-23 20:26 - 2012-08-18 01:08 - 00000848 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4152141627-3958311766-2650807989-1000Core.job
2012-12-23 20:01 - 2012-12-23 20:01 - 00015342 ____A C:\Users\Mak\Desktop\attach.txt
2012-12-23 20:00 - 2012-12-23 20:01 - 00027646 ____A C:\Users\Mak\Desktop\dds.txt
2012-12-23 19:54 - 2012-12-23 19:53 - 00688992 ____R (Swearware) C:\Users\Mak\Desktop\dds.com
2012-12-23 19:54 - 2010-11-15 21:36 - 00000000 ____D C:\Windows\Minidump
2012-12-23 19:38 - 2010-07-28 01:51 - 00000000 ____D C:\Users\Mak\AppData\Roaming\uTorrent
2012-12-23 19:36 - 2012-11-21 20:47 - 00000000 ____D C:\Users\Mak\Desktop\new movies
2012-12-23 17:11 - 2010-07-21 05:31 - 00000000 ____D C:\users\Mak
2012-12-23 10:53 - 2012-08-18 17:20 - 00000000 ____D C:\Users\All Users\IObit
2012-12-23 10:53 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\servicing
2012-12-23 10:52 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2012-12-23 10:51 - 2010-07-29 22:42 - 00000000 ____D C:\Users\Mak\AppData\Roaming\Skype
2012-12-23 10:45 - 2011-05-10 20:24 - 00000000 ____D C:\Users\All Users\Recovery
2012-12-23 05:40 - 2012-12-22 23:20 - 00000113 ____A C:\Users\Mak\Desktop\New Text Document.txt
2012-12-23 04:09 - 2012-12-23 04:09 - 00000000 ____D C:\Users\Mak\AppData\Local\{FB5BBA1D-53AA-488C-B28A-10C52F9D21E3}
2012-12-22 20:24 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2012-12-22 18:23 - 2009-07-13 20:45 - 05262536 ____A C:\Windows\System32\FNTCACHE.DAT
2012-12-22 16:35 - 2010-07-21 20:22 - 67413224 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-12-22 16:35 - 2010-02-28 07:03 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-12-22 16:24 - 2011-03-27 18:20 - 00001456 ____A C:\Users\Mak\AppData\Local\Adobe Save for Web 12.0 Prefs
2012-12-22 15:59 - 2012-12-22 15:59 - 00000000 ____D C:\Users\Mak\AppData\Local\{25DB1F26-C4AF-401A-B6B9-B4793801EC51}
2012-12-22 01:19 - 2012-12-22 01:19 - 00000000 ____D C:\Users\Mak\AppData\Local\{086A2228-AF81-48E6-8FFD-B226A5B953AB}
2012-12-21 06:36 - 2012-12-21 06:36 - 00000000 ____D C:\Users\Mak\AppData\Local\{1C9933F8-40B8-4EAF-994F-6DA0F48013CC}
2012-12-20 17:23 - 2012-12-20 17:22 - 00000000 ____D C:\Users\Mak\Desktop\New folder (4)
2012-12-20 17:22 - 2012-11-01 15:50 - 00000000 ____D C:\Users\Mak\Desktop\facebook to upload
2012-12-20 17:17 - 2010-11-25 23:55 - 00000000 ____D C:\Users\Mak\Documents\ACID Pro 7.0 Projects
2012-12-20 17:00 - 2012-09-22 21:01 - 00000000 ____D C:\Users\Mak\Desktop\New folder (2)
2012-12-20 16:46 - 2012-12-20 16:46 - 00000000 ____D C:\Users\Mak\AppData\Local\{ECD43818-73F6-4D55-8347-B79388AC0C2A}
2012-12-19 20:25 - 2012-12-19 20:25 - 00000000 ____D C:\Users\Mak\AppData\Local\{28964AC0-C731-446B-8B56-ADB741B76F97}
2012-12-18 14:29 - 2012-12-18 14:29 - 00000000 ____D C:\Users\Mak\AppData\Local\{D0065D7B-6C97-4AFC-A378-F50C80B6461A}
2012-12-17 16:13 - 2012-12-17 16:13 - 00000000 ____D C:\Users\Mak\AppData\Local\{72AB8F56-25BB-4D84-81EE-ECB9FFBB72D0}
2012-12-16 16:45 - 2012-12-16 16:45 - 00000000 ____D C:\Users\Mak\AppData\Local\{BBF56A8A-9053-462B-AE69-8AD7632BC15C}
2012-12-16 09:11 - 2012-12-22 16:20 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-16 06:45 - 2012-12-22 16:20 - 00367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2012-12-16 06:13 - 2012-12-22 16:21 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2012-12-16 06:13 - 2012-12-22 16:20 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2012-12-15 16:58 - 2012-12-15 16:58 - 00000000 ____D C:\Users\Mak\AppData\Local\{0FD5A962-C4F4-4ED6-BA9B-1F6C55E0C0B8}
2012-12-14 23:21 - 2012-12-14 23:21 - 00000000 ____D C:\Users\Mak\AppData\Local\{8B169921-4FF0-4468-8429-D6A81E15458F}
2012-12-14 06:49 - 2012-12-14 06:49 - 00000000 ____D C:\Users\Mak\AppData\Local\{912CEF86-0D65-484E-A54B-1BCCE980C0CF}
2012-12-11 15:02 - 2012-12-11 15:02 - 00000000 ____D C:\Users\Mak\AppData\Local\{280DDE8C-8275-442D-A921-4FCFF7ABE6A1}
2012-12-10 15:23 - 2012-12-10 15:22 - 00000000 ____D C:\Users\Mak\AppData\Local\{9C238F5B-B27F-4B3F-BD25-E13CF8F8B9E2}
2012-12-10 15:22 - 2012-03-01 00:19 - 00000000 ____D C:\Users\Mak\AppData\Local\Windows Live
2012-12-09 21:02 - 2012-09-25 03:00 - 00000000 ____D C:\Program Files (x86)\Replay Video Capture
2012-12-09 14:40 - 2012-12-09 14:40 - 00000000 ____D C:\Users\Mak\AppData\Local\{6303F333-C5FE-4B8E-B1EE-D8B75A5841FF}
2012-12-07 20:44 - 2012-12-07 20:44 - 00000000 ____D C:\Users\Mak\AppData\Local\{0D01D2A9-E075-4605-A7C3-A28016E8B404}
2012-12-07 05:16 - 2012-12-07 05:16 - 00000000 ____D C:\Users\Mak\AppData\Local\{124FF442-C39E-49A8-B7B0-2EC1E4486BA5}
2012-12-05 17:45 - 2012-12-05 17:45 - 00000000 ____D C:\Users\Mak\AppData\Local\{487341E0-7FC5-49EC-948F-06968EFB98B5}
2012-12-03 22:02 - 2012-12-03 22:02 - 00000000 ____D C:\Users\Mak\AppData\Local\{64FBFDAA-CE88-4F3D-AD0C-B376C75806D6}
2012-12-03 02:56 - 2012-12-03 02:56 - 00000000 ____D C:\Users\Mak\AppData\Local\{9F0CC1CF-C431-4844-A1C0-048083C65E4E}
2012-12-01 20:46 - 2012-12-01 20:45 - 00000000 ____D C:\Users\Mak\AppData\Local\{66CA8950-FF6C-4F77-8F91-42782527E103}
2012-12-01 01:25 - 2012-12-01 01:24 - 00000000 ____D C:\Users\Mak\AppData\Local\{6E16C32E-9FBE-4911-814A-11020C00F459}
2012-11-30 07:10 - 2012-11-25 20:14 - 00000000 ____D C:\Users\Mak\Desktop\Patrick Wolf B Sides Playlist
2012-11-29 19:56 - 2012-11-29 19:56 - 00000000 ____D C:\Users\Mak\AppData\Local\{40B04C41-43BD-4F1F-9E2B-E475899F0123}
2012-11-29 19:54 - 2012-11-29 19:54 - 00000000 ____D C:\Users\Mak\AppData\Local\{90426CBA-C30E-480B-A6C0-CA7323796153}
2012-11-29 07:47 - 2012-11-29 07:47 - 00000000 ____D C:\Users\Mak\AppData\Local\{28D97C93-FC9C-4E7E-AF14-E39F0D4C2D58}
2012-11-29 07:16 - 2010-07-29 22:42 - 00000000 ____D C:\Users\All Users\Skype
2012-11-29 07:15 - 2012-11-29 07:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2012-11-29 07:11 - 2012-11-29 07:06 - 19337216 ____A C:\Users\Mak\Downloads\SkypeSetup_5.10.0.116.msi
2012-11-29 07:10 - 2010-02-28 07:38 - 00000000 ____D C:\Users\All Users\Adobe
2012-11-29 07:09 - 2012-06-11 22:41 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-11-29 07:09 - 2011-06-17 04:25 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-11-29 05:58 - 2010-07-21 19:26 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2012-11-28 18:54 - 2012-11-28 18:53 - 00000000 ____D C:\Users\Mak\AppData\Local\{760FF40A-C1A0-4F65-9CD7-D014F117A557}
2012-11-28 06:53 - 2012-11-28 06:53 - 00000000 ____D C:\Users\Mak\AppData\Local\{7B1DD130-3652-44B8-87FE-25C902253B39}
2012-11-27 08:39 - 2012-11-27 08:39 - 00000000 ____D C:\Users\Mak\AppData\Local\{245D0ACF-1C3F-4281-8A56-6BCCAFFFA0EF}
2012-11-26 15:14 - 2012-11-13 15:37 - 00000000 ____D C:\Users\Mak\Downloads\breaking bad
2012-11-26 14:40 - 2012-11-26 14:40 - 00000000 ____D C:\Users\Mak\AppData\Local\{6271BCF7-0C1E-45DB-81CF-F8CEDAED4D0F}


==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-11-28 07:03:09
Restore point made on: 2012-11-29 07:13:17
Restore point made on: 2012-11-29 07:14:50
Restore point made on: 2012-11-29 07:15:46
Restore point made on: 2012-12-09 18:20:47
Restore point made on: 2012-12-16 18:47:55
Restore point made on: 2012-12-22 01:33:43
Restore point made on: 2012-12-22 16:12:47

==================== Memory info ===========================

Percentage of memory in use: 18%
Total physical RAM: 3893.86 MB
Available physical RAM: 3170.53 MB
Total Pagefile: 3892.01 MB
Available Pagefile: 3167.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:444.52 GB) (Free:101.05 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive e: (RECOVERY) (Fixed) (Total:20.94 GB) (Free:3.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]
3 Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32
5 Drive h: (USB STICK) (Removable) (Total:7.42 GB) (Free:0.09 GB) FAT32
6 Drive i: (Optus Mobile) (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS
8 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
9 Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 7620 MB 0 B
Disk 2 No Media 0 B 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 199 MB 1024 KB
Partition 2 Primary 444 GB 200 MB
Partition 3 Primary 20 GB 444 GB
Partition 4 Primary 103 MB 465 GB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 Y SYSTEM NTFS Partition 199 MB Healthy

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C NTFS Partition 444 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 E RECOVERY NTFS Partition 20 GB Healthy

=========================================================

Disk: 0
Partition 4
Type : 0C
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 F HP_TOOLS FAT32 Partition 103 MB Healthy

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7616 MB 64 KB

==================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 H USB STICK FAT32 Removable 7616 MB Healthy

=========================================================

Last Boot: 2012-12-25 04:33

==================== End Of Log =============================

#4 Farbar

Posted 25 December 2012 - 09:26 PM

There seems to be no sign of any serious infection. We don't see any memory.dmp file made while the error log shows that such a file is made. We will run another tool to rule out MBR infection and at the same time set the system to make mini dump files. In case you are faced with a new BSOD please let me know.


  • Please uninstall Advanced System Care 5 as it might interfere with our fixes.
  • Please check and if needed set Windows to create mini crash dumps:
    • Go to Start => Right-click Computer and select Properties.
    • On the left pane select "Advanced system settings".
    • Under "Startup and Recovery" press "Settings...".
    • Under "System failure":

      • "Write an event to the system log" should be selected.
      • "Automatically restart" should be unselected.
      • Under "Write debugging information" it should be set to "Small memory dump (256 KB)".
    • Click "OK".
  • Please download TDSSKiller.zip and extract it.
    • Run TDSSKiller.exe.
    • Click Start scan.
    • When it is finished the utility outputs a list of detected objects with description.
      The utility automatically selects an action (Cure or Delete) for malicious objects.
      The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
    • Let it reboot if needed and tell me if the tool needed a reboot.
    • Click on Report and post the contents of the text file that will open.

      Note: By default, the utility outputs the log into the system disk (usually the disk with the installed operating system, C:\) root folder. The log has a name like: TDSSKiller.Version_Date_Time_log.txt.
  • Please download MiniToolBox and save it to your desktop and run it.

    Checkmark the following checkboxes:
    • List last 10 Event Viewer log
    • List installed programs.
    • List Devices (only check the box and leave the default radio button as it is).
    • List Restore Points.
    Click Go and post the result (Result.txt) that pops up. A copy of result.txt will be saved in the same directory the tool is run.
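
The crash-dump settings listed in the steps above can also be audited from PowerShell. This is an added example, not part of the original post: it only reads values, and it assumes the standard CrashControl registry values behind the "Startup and Recovery" dialog (LogEvent, AutoReboot, CrashDumpEnabled, MinidumpDir).

```powershell
# Added example: read-only audit of the crash-dump settings named in the post.
# Assumed mapping of the dialog to the CrashControl registry values:
#   LogEvent         = 1  -> "Write an event to the system log" selected
#   AutoReboot       = 0  -> "Automatically restart" unselected
#   CrashDumpEnabled = 3  -> "Small memory dump"
$key = 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl'
$cc  = Get-ItemProperty -Path $key

$expected = @{ LogEvent = 1; AutoReboot = 0; CrashDumpEnabled = 3 }

# Compare each value with the setting the post asks for.
$report = foreach ($name in 'LogEvent', 'AutoReboot', 'CrashDumpEnabled') {
    New-Object PSObject -Property @{
        Setting  = $name
        Expected = $expected[$name]
        Actual   = $cc.$name
        Matches  = ($cc.$name -eq $expected[$name])
    }
}
$report | Select-Object Setting, Expected, Actual, Matches | Format-Table -AutoSize

# Locate the minidump folder; fall back to the Windows default if the value is absent.
$dumpDir = if ($cc.MinidumpDir) {
    [Environment]::ExpandEnvironmentVariables($cc.MinidumpDir)
} else {
    Join-Path $env:SystemRoot 'Minidump'
}

# List any small dumps already written, newest first.
if (Test-Path -LiteralPath $dumpDir) {
    Get-ChildItem -LiteralPath $dumpDir -Filter '*.dmp' |
        Sort-Object LastWriteTime -Descending |
        Select-Object Name, Length, LastWriteTime |
        Format-Table -AutoSize
} else {
    "No minidump folder found at $dumpDir."
}
```

A row with Matches = False points at the checkbox or drop-down in the dialog that still differs from the settings requested above.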


#5 this is mak

Posted 25 December 2012 - 11:46 PM

Hi Farbar,

I followed all your instructions. TDSSKILLER did not need a reboot.


15:37:19.0445 5068 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:37:21.0408 5068 ============================================================
15:37:21.0408 5068 Current date / time: 2012/12/26 15:37:21.0408
15:37:21.0408 5068 SystemInfo:
15:37:21.0408 5068
15:37:21.0408 5068 OS Version: 6.1.7601 ServicePack: 1.0
15:37:21.0408 5068 Product type: Workstation
15:37:21.0409 5068 ComputerName: LAPTOP
15:37:21.0409 5068 UserName: Mak
15:37:21.0409 5068 Windows directory: C:\Windows
15:37:21.0409 5068 System windows directory: C:\Windows
15:37:21.0409 5068 Running under WOW64
15:37:21.0409 5068 Processor architecture: Intel x64
15:37:21.0409 5068 Number of processors: 4
15:37:21.0409 5068 Page size: 0x1000
15:37:21.0409 5068 Boot type: Normal boot
15:37:21.0409 5068 ============================================================
15:37:22.0067 5068 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:37:22.0087 5068 ============================================================
15:37:22.0087 5068 \Device\Harddisk0\DR0:
15:37:22.0088 5068 MBR partitions:
15:37:22.0088 5068 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
15:37:22.0088 5068 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x3790C000
15:37:22.0088 5068 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37970000, BlocksNum 0x29E2000
15:37:22.0088 5068 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x3A352000, BlocksNum 0x33830
15:37:22.0088 5068 ============================================================
15:37:22.0111 5068 C: <-> \Device\Harddisk0\DR0\Partition2
15:37:22.0155 5068 D: <-> \Device\Harddisk0\DR0\Partition3
15:37:22.0166 5068 E: <-> \Device\Harddisk0\DR0\Partition4
15:37:22.0166 5068 ============================================================
15:37:22.0166 5068 Initialize success
15:37:22.0166 5068 ============================================================
15:39:19.0011 0760 ============================================================
15:39:19.0011 0760 Scan started
15:39:19.0011 0760 Mode: Manual;
15:39:19.0011 0760 ============================================================
15:39:19.0310 0760 ================ Scan system memory ========================
15:39:19.0310 0760 System memory - ok
15:39:19.0310 0760 ================ Scan services =============================
15:39:28.0294 0760 kbdhid - ok
15:39:28.0303 0760 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:39:28.0307 0760 KeyIso - ok
15:39:28.0350 0760 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:39:28.0352 0760 KSecDD - ok
15:39:28.0405 0760 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:39:28.0408 0760 KSecPkg - ok
15:39:28.0430 0760 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:39:28.0431 0760 ksthunk - ok
15:39:28.0460 0760 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:39:28.0470 0760 KtmRm - ok
15:39:28.0516 0760 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:39:28.0525 0760 LanmanServer - ok
15:39:28.0574 0760 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:39:28.0582 0760 LanmanWorkstation - ok
15:39:28.0622 0760 [ 07B1888209C54B675FFCCBDE9F06D2C6 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
15:39:28.0624 0760 LightScribeService - ok
15:39:28.0643 0760 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:39:28.0645 0760 lltdio - ok
15:39:28.0688 0760 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:39:28.0696 0760 lltdsvc - ok
15:39:28.0716 0760 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:39:28.0720 0760 lmhosts - ok
15:39:28.0776 0760 [ 7485FBCEF9136F530953575E2977859D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
15:39:28.0779 0760 LMS - ok
15:39:28.0806 0760 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:39:28.0809 0760 LSI_FC - ok
15:39:28.0837 0760 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:39:28.0840 0760 LSI_SAS - ok
15:39:28.0865 0760 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:39:28.0867 0760 LSI_SAS2 - ok
15:39:28.0889 0760 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:39:28.0892 0760 LSI_SCSI - ok
15:39:28.0917 0760 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:39:28.0920 0760 luafv - ok
15:39:28.0968 0760 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:39:28.0969 0760 MBAMProtector - ok
15:39:29.0009 0760 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:39:29.0014 0760 MBAMScheduler - ok
15:39:29.0066 0760 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:39:29.0074 0760 MBAMService - ok
15:39:29.0123 0760 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:39:29.0128 0760 Mcx2Svc - ok
15:39:29.0157 0760 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:39:29.0160 0760 megasas - ok
15:39:29.0189 0760 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:39:29.0195 0760 MegaSR - ok
15:39:29.0224 0760 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:39:29.0229 0760 MMCSS - ok
15:39:29.0250 0760 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:39:29.0251 0760 Modem - ok
15:39:29.0295 0760 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:39:29.0297 0760 monitor - ok
15:39:29.0346 0760 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:39:29.0347 0760 mouclass - ok
15:39:29.0378 0760 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:39:29.0380 0760 mouhid - ok
15:39:29.0435 0760 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:39:29.0437 0760 mountmgr - ok
15:39:29.0468 0760 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:39:29.0471 0760 MozillaMaintenance - ok
15:39:29.0490 0760 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:39:29.0494 0760 mpio - ok
15:39:29.0511 0760 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:39:29.0514 0760 mpsdrv - ok
15:39:29.0572 0760 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:39:29.0589 0760 MpsSvc - ok
15:39:29.0634 0760 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:39:29.0637 0760 MRxDAV - ok
15:39:29.0688 0760 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:39:29.0691 0760 mrxsmb - ok
15:39:29.0746 0760 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:39:29.0752 0760 mrxsmb10 - ok
15:39:29.0768 0760 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:39:29.0771 0760 mrxsmb20 - ok
15:39:29.0811 0760 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:39:29.0813 0760 msahci - ok
15:39:29.0831 0760 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:39:29.0835 0760 msdsm - ok
15:39:29.0851 0760 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:39:29.0857 0760 MSDTC - ok
15:39:29.0888 0760 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:39:29.0890 0760 Msfs - ok
15:39:29.0906 0760 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:39:29.0907 0760 mshidkmdf - ok
15:39:29.0921 0760 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:39:29.0922 0760 msisadrv - ok
15:39:29.0948 0760 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:39:29.0954 0760 MSiSCSI - ok
15:39:29.0961 0760 msiserver - ok
15:39:29.0978 0760 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:39:29.0979 0760 MSKSSRV - ok
15:39:29.0997 0760 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:39:29.0999 0760 MSPCLOCK - ok
15:39:30.0013 0760 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:39:30.0014 0760 MSPQM - ok
15:39:30.0068 0760 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:39:30.0074 0760 MsRPC - ok
15:39:30.0122 0760 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:39:30.0123 0760 mssmbios - ok
15:39:30.0130 0760 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:39:30.0132 0760 MSTEE - ok
15:39:30.0163 0760 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:39:30.0165 0760 MTConfig - ok
15:39:30.0184 0760 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:39:30.0186 0760 Mup - ok
15:39:30.0252 0760 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:39:30.0264 0760 napagent - ok
15:39:30.0318 0760 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:39:30.0324 0760 NativeWifiP - ok
15:39:30.0383 0760 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:39:30.0398 0760 NDIS - ok
15:39:30.0420 0760 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:39:30.0422 0760 NdisCap - ok
15:39:30.0437 0760 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:39:30.0439 0760 NdisTapi - ok
15:39:30.0488 0760 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:39:30.0490 0760 Ndisuio - ok
15:39:30.0537 0760 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:39:30.0540 0760 NdisWan - ok
15:39:30.0590 0760 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:39:30.0592 0760 NDProxy - ok
15:39:30.0647 0760 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:39:30.0648 0760 NetBIOS - ok
15:39:30.0703 0760 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:39:30.0707 0760 NetBT - ok
15:39:30.0728 0760 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:39:30.0732 0760 Netlogon - ok
15:39:30.0758 0760 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:39:30.0767 0760 Netman - ok
15:39:30.0812 0760 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:39:30.0816 0760 NetMsmqActivator - ok
15:39:30.0823 0760 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:39:30.0826 0760 NetPipeActivator - ok
15:39:30.0853 0760 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:39:30.0865 0760 netprofm - ok
15:39:30.0877 0760 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:39:30.0880 0760 NetTcpActivator - ok
15:39:30.0887 0760 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:39:30.0890 0760 NetTcpPortSharing - ok
15:39:31.0024 0760 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
15:39:31.0105 0760 netw5v64 - ok
15:39:31.0135 0760 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:39:31.0138 0760 nfrd960 - ok
15:39:31.0187 0760 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:39:31.0195 0760 NlaSvc - ok
15:39:31.0221 0760 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:39:31.0223 0760 Npfs - ok
15:39:31.0248 0760 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:39:31.0253 0760 nsi - ok
15:39:31.0261 0760 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:39:31.0262 0760 nsiproxy - ok
15:39:31.0341 0760 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:39:31.0366 0760 Ntfs - ok
15:39:31.0378 0760 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:39:31.0380 0760 Null - ok
15:39:31.0427 0760 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:39:31.0431 0760 nvraid - ok
15:39:31.0445 0760 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:39:31.0449 0760 nvstor - ok
15:39:31.0501 0760 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:39:31.0504 0760 nv_agp - ok
15:39:31.0589 0760 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:39:31.0597 0760 odserv - ok
15:39:31.0621 0760 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:39:31.0624 0760 ohci1394 - ok
15:39:31.0643 0760 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:39:31.0646 0760 ose - ok
15:39:31.0687 0760 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:39:31.0696 0760 p2pimsvc - ok
15:39:31.0723 0760 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:39:31.0734 0760 p2psvc - ok
15:39:31.0758 0760 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:39:31.0761 0760 Parport - ok
15:39:31.0808 0760 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:39:31.0810 0760 partmgr - ok
15:39:31.0822 0760 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:39:31.0830 0760 PcaSvc - ok
15:39:31.0891 0760 [ 81B5E63131090879AD6EF9F32109B88D ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
15:39:31.0893 0760 pccsmcfd - ok
15:39:31.0912 0760 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:39:31.0915 0760 pci - ok
15:39:31.0966 0760 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:39:31.0968 0760 pciide - ok
15:39:31.0992 0760 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:39:31.0997 0760 pcmcia - ok
15:39:32.0017 0760 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:39:32.0018 0760 pcw - ok
15:39:32.0047 0760 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:39:32.0058 0760 PEAUTH - ok
15:39:32.0140 0760 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:39:32.0144 0760 PerfHost - ok
15:39:32.0237 0760 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:39:32.0262 0760 pla - ok
15:39:32.0317 0760 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:39:32.0329 0760 PlugPlay - ok
15:39:32.0345 0760 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:39:32.0351 0760 PNRPAutoReg - ok
15:39:32.0370 0760 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:39:32.0378 0760 PNRPsvc - ok
15:39:32.0410 0760 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:39:32.0420 0760 PolicyAgent - ok
15:39:32.0448 0760 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:39:32.0457 0760 Power - ok
15:39:32.0507 0760 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:39:32.0510 0760 PptpMiniport - ok
15:39:32.0537 0760 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:39:32.0539 0760 Processor - ok
15:39:32.0592 0760 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:39:32.0600 0760 ProfSvc - ok
15:39:32.0637 0760 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:39:32.0640 0760 ProtectedStorage - ok
15:39:32.0695 0760 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:39:32.0698 0760 Psched - ok
15:39:32.0781 0760 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:39:32.0804 0760 ql2300 - ok
15:39:32.0822 0760 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:39:32.0826 0760 ql40xx - ok
15:39:32.0857 0760 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:39:32.0866 0760 QWAVE - ok
15:39:32.0889 0760 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:39:32.0890 0760 QWAVEdrv - ok
15:39:32.0910 0760 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:39:32.0912 0760 RasAcd - ok
15:39:32.0924 0760 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:39:32.0925 0760 RasAgileVpn - ok
15:39:32.0945 0760 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:39:32.0951 0760 RasAuto - ok
15:39:32.0997 0760 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:39:33.0001 0760 Rasl2tp - ok
15:39:33.0063 0760 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:39:33.0074 0760 RasMan - ok
15:39:33.0093 0760 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:39:33.0095 0760 RasPppoe - ok
15:39:33.0107 0760 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:39:33.0110 0760 RasSstp - ok
15:39:33.0157 0760 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:39:33.0163 0760 rdbss - ok
15:39:33.0183 0760 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:39:33.0185 0760 rdpbus - ok
15:39:33.0202 0760 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:39:33.0204 0760 RDPCDD - ok
15:39:33.0222 0760 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:39:33.0223 0760 RDPENCDD - ok
15:39:33.0237 0760 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:39:33.0239 0760 RDPREFMP - ok
15:39:33.0290 0760 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:39:33.0292 0760 RdpVideoMiniport - ok
15:39:33.0334 0760 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:39:33.0339 0760 RDPWD - ok
15:39:33.0385 0760 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:39:33.0389 0760 rdyboost - ok
15:39:33.0423 0760 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:39:33.0428 0760 RemoteAccess - ok
15:39:33.0459 0760 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:39:33.0467 0760 RemoteRegistry - ok
15:39:33.0519 0760 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
15:39:33.0521 0760 RimUsb - ok
15:39:33.0545 0760 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:39:33.0552 0760 RpcEptMapper - ok
15:39:33.0570 0760 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:39:33.0574 0760 RpcLocator - ok
15:39:33.0627 0760 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:39:33.0639 0760 RpcSs - ok
15:39:33.0659 0760 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:39:33.0661 0760 rspndr - ok
15:39:33.0688 0760 [ 907C4464381B5EBDFDC60F6C7D0DEDFC ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
15:39:33.0694 0760 RSUSBSTOR - ok
15:39:33.0728 0760 [ 777FC2C418465404E3D8A290DC247D24 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:39:33.0733 0760 RTL8167 - ok
15:39:33.0746 0760 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:39:33.0750 0760 SamSs - ok
15:39:33.0798 0760 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:39:33.0801 0760 sbp2port - ok
15:39:33.0836 0760 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:39:33.0844 0760 SCardSvr - ok
15:39:33.0890 0760 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:39:33.0892 0760 scfilter - ok
15:39:33.0959 0760 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:39:33.0981 0760 Schedule - ok
15:39:34.0027 0760 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:39:34.0029 0760 SCPolicySvc - ok
15:39:34.0054 0760 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
15:39:34.0057 0760 sdbus - ok
15:39:34.0103 0760 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:39:34.0111 0760 SDRSVC - ok
15:39:34.0147 0760 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:39:34.0149 0760 secdrv - ok
15:39:34.0201 0760 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:39:34.0206 0760 seclogon - ok
15:39:34.0232 0760 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:39:34.0238 0760 SENS - ok
15:39:34.0258 0760 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:39:34.0263 0760 SensrSvc - ok
15:39:34.0281 0760 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:39:34.0283 0760 Serenum - ok
15:39:34.0302 0760 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:39:34.0305 0760 Serial - ok
15:39:34.0320 0760 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:39:34.0322 0760 sermouse - ok
15:39:34.0370 0760 [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
15:39:34.0377 0760 ServiceLayer - ok
15:39:34.0453 0760 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:39:34.0460 0760 SessionEnv - ok
15:39:34.0508 0760 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:39:34.0510 0760 sffdisk - ok
15:39:34.0534 0760 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:39:34.0536 0760 sffp_mmc - ok
15:39:34.0553 0760 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:39:34.0555 0760 sffp_sd - ok
15:39:34.0575 0760 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:39:34.0576 0760 sfloppy - ok
15:39:34.0638 0760 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:39:34.0646 0760 SharedAccess - ok
15:39:34.0680 0760 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:39:34.0691 0760 ShellHWDetection - ok
15:39:34.0718 0760 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:39:34.0721 0760 SiSRaid2 - ok
15:39:34.0748 0760 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:39:34.0751 0760 SiSRaid4 - ok
15:39:34.0800 0760 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:39:34.0802 0760 SkypeUpdate - ok
15:39:34.0829 0760 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:39:34.0832 0760 Smb - ok
15:39:34.0870 0760 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:39:34.0876 0760 SNMPTRAP - ok
15:39:34.0893 0760 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:39:34.0895 0760 spldr - ok
15:39:34.0951 0760 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:39:34.0962 0760 Spooler - ok
15:39:35.0079 0760 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:39:35.0119 0760 sppsvc - ok
15:39:35.0160 0760 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:39:35.0167 0760 sppuinotify - ok
15:39:35.0220 0760 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:39:35.0228 0760 srv - ok
15:39:35.0252 0760 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:39:35.0260 0760 srv2 - ok
15:39:35.0296 0760 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
15:39:35.0302 0760 SrvHsfHDA - ok
15:39:35.0345 0760 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
15:39:35.0369 0760 SrvHsfV92 - ok
15:39:35.0406 0760 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
15:39:35.0418 0760 SrvHsfWinac - ok
15:39:35.0461 0760 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:39:35.0465 0760 srvnet - ok
15:39:35.0498 0760 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:39:35.0507 0760 SSDPSRV - ok
15:39:35.0522 0760 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:39:35.0529 0760 SstpSvc - ok
15:39:35.0625 0760 [ B00068BA94F5F306911B14B425AAEB56 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
15:39:35.0629 0760 STacSV - ok
15:39:35.0665 0760 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:39:35.0667 0760 stexstor - ok
15:39:35.0694 0760 [ DA40D9C9CCB9836D6ABD1706935A2277 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
15:39:35.0702 0760 STHDA - ok
15:39:35.0764 0760 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:39:35.0779 0760 stisvc - ok
15:39:35.0830 0760 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:39:35.0831 0760 swenum - ok
15:39:35.0916 0760 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:39:35.0925 0760 SwitchBoard - ok
15:39:35.0962 0760 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:39:35.0976 0760 swprv - ok
15:39:36.0044 0760 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:39:36.0049 0760 SynTP - ok
15:39:36.0140 0760 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:39:36.0172 0760 SysMain - ok
15:39:36.0221 0760 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:39:36.0229 0760 TabletInputService - ok
15:39:36.0252 0760 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:39:36.0263 0760 TapiSrv - ok
15:39:36.0294 0760 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:39:36.0301 0760 TBS - ok
15:39:36.0389 0760 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:39:36.0419 0760 Tcpip - ok
15:39:36.0457 0760 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:39:36.0478 0760 TCPIP6 - ok
15:39:36.0505 0760 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:39:36.0507 0760 tcpipreg - ok
15:39:36.0533 0760 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:39:36.0535 0760 TDPIPE - ok
15:39:36.0589 0760 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:39:36.0591 0760 TDTCP - ok
15:39:36.0650 0760 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:39:36.0653 0760 tdx - ok
15:39:36.0712 0760 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:39:36.0714 0760 TermDD - ok
15:39:36.0791 0760 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:39:36.0807 0760 TermService - ok
15:39:36.0843 0760 [ CE4B6956E4E12492715A53076E58761F ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys
15:39:36.0845 0760 TFsExDisk - ok
15:39:36.0878 0760 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:39:36.0885 0760 Themes - ok
15:39:36.0917 0760 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:39:36.0921 0760 THREADORDER - ok
15:39:36.0941 0760 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:39:36.0949 0760 TrkWks - ok
15:39:37.0020 0760 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:39:37.0023 0760 TrustedInstaller - ok
15:39:37.0078 0760 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:39:37.0080 0760 tssecsrv - ok
15:39:37.0126 0760 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:39:37.0128 0760 TsUsbFlt - ok
15:39:37.0178 0760 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:39:37.0181 0760 tunnel - ok
15:39:37.0211 0760 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:39:37.0214 0760 uagp35 - ok
15:39:37.0268 0760 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:39:37.0275 0760 udfs - ok
15:39:37.0322 0760 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:39:37.0329 0760 UI0Detect - ok
15:39:41.0025 0760 ================ Scan global ===============================
15:39:41.0064 0760 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:39:41.0110 0760 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
15:39:41.0125 0760 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
15:39:41.0140 0760 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:39:41.0170 0760 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:39:41.0177 0760 [Global] - ok
15:39:41.0178 0760 ================ Scan MBR ==================================
15:39:41.0190 0760 [ 4EFEF8B7FAB6C43E381B91862448A667 ] \Device\Harddisk0\DR0
15:39:41.0407 0760 \Device\Harddisk0\DR0 - ok
15:39:41.0408 0760 ================ Scan VBR ==================================
15:39:41.0412 0760 [ CFCFE52B3B8F379D7E2F3712BD65F4AE ] \Device\Harddisk0\DR0\Partition1
15:39:41.0414 0760 \Device\Harddisk0\DR0\Partition1 - ok
15:39:41.0422 0760 [ BA15120A1EBB46D2294D98403CEC8B49 ] \Device\Harddisk0\DR0\Partition2
15:39:41.0424 0760 \Device\Harddisk0\DR0\Partition2 - ok
15:39:41.0452 0760 [ DBAC66E05B268563BB37D98A48840F1F ] \Device\Harddisk0\DR0\Partition3
15:39:41.0454 0760 \Device\Harddisk0\DR0\Partition3 - ok
15:39:41.0474 0760 [ DB8AB8166F45B3CE85C56E0E8186C9D5 ] \Device\Harddisk0\DR0\Partition4
15:39:41.0475 0760 \Device\Harddisk0\DR0\Partition4 - ok
15:39:41.0476 0760 ============================================================
15:39:41.0476 0760 Scan finished
15:39:41.0476 0760 ============================================================
15:39:41.0491 3360 Detected object count: 0
15:39:41.0491 3360 Actual detected object count: 0

______________________________________________________________________________________________

MiniToolBox by Farbar Version: 25-11-2012
Ran by Mak (administrator) on 26-12-2012 at 15:42:07
Running from "C:\Users\Mak\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/23/2012 11:15:11 AM) (Source: Application Error) (User: )
Description: Faulting application name: SynTPEnh.exe, version: 15.3.29.0, time stamp: 0x4e97a6f5
Faulting module name: SynTPEnh.exe, version: 15.3.29.0, time stamp: 0x4e97a6f5
Exception code: 0xc0000005
Fault offset: 0x0000000000013088
Faulting process id: 0x96c
Faulting application start time: 0xSynTPEnh.exe0
Faulting application path: SynTPEnh.exe1
Faulting module path: SynTPEnh.exe2
Report Id: SynTPEnh.exe3

Error: (12/22/2012 08:42:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: SynTPEnh.exe, version: 15.3.29.0, time stamp: 0x4e97a6f5
Faulting module name: SynTPEnh.exe, version: 15.3.29.0, time stamp: 0x4e97a6f5
Exception code: 0xc0000005
Fault offset: 0x0000000000013088
Faulting process id: 0x8f4
Faulting application start time: 0xSynTPEnh.exe0
Faulting application path: SynTPEnh.exe1
Faulting module path: SynTPEnh.exe2
Report Id: SynTPEnh.exe3

Error: (12/20/2012 03:26:41 PM) (Source: Application Hang) (User: )
Description: The program wlmail.exe version 15.4.3555.308 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1088

Start Time: 01cdde69ee905e7b

Termination Time: 0

Application Path: C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

Report Id: 6b00001d-4a5d-11e2-8bd3-001e101fb45e

Error: (11/30/2012 02:11:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: Updater.exe, version: 5.10.1.44067, time stamp: 0x5000146c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00bf00c4
Faulting process id: 0xaf8
Faulting application start time: 0xUpdater.exe0
Faulting application path: Updater.exe1
Faulting module path: Updater.exe2
Report Id: Updater.exe3

Error: (11/30/2012 02:13:53 AM) (Source: MsiInstaller) (User: Laptop)
Description: Product: Skype™ 5.10 -- A later version of Skype™ 5.10 is already installed.

Error: (11/25/2012 05:47:46 PM) (Source: RasClient) (User: )
Description: CoId={5782AEAB-8E87-4B24-8A41-0E6AEC0EFACC}: The user Laptop\Mak dialed a connection named virgin which has failed. The error code returned on failure is 633.

Error: (11/25/2012 05:47:42 PM) (Source: RasClient) (User: )
Description: CoId={56BF8704-97C3-43DC-9469-BD90EFE79274}: The user Laptop\Mak dialed a connection named virgin which has failed. The error code returned on failure is 633.

Error: (11/19/2012 05:28:13 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 12.0.0.4493 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: f50

Start Time: 01cdc61e372d9ffb

Termination Time: 71

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 461e2bc1-3212-11e2-bf03-001e101f2500

Error: (11/15/2012 04:21:33 PM) (Source: Application Error) (User: )
Description: Faulting application name: SynTPEnh.exe, version: 15.3.29.0, time stamp: 0x4e97a6f5
Faulting module name: SynTPEnh.exe, version: 15.3.29.0, time stamp: 0x4e97a6f5
Exception code: 0xc0000005
Fault offset: 0x0000000000013088
Faulting process id: 0xadc
Faulting application start time: 0xSynTPEnh.exe0
Faulting application path: SynTPEnh.exe1
Faulting module path: SynTPEnh.exe2
Report Id: SynTPEnh.exe3

Error: (11/15/2012 11:44:14 AM) (Source: Application Error) (User: )
Description: Faulting application name: SynTPEnh.exe, version: 15.3.29.0, time stamp: 0x4e97a6f5
Faulting module name: SynTPEnh.exe, version: 15.3.29.0, time stamp: 0x4e97a6f5
Exception code: 0xc0000005
Fault offset: 0x0000000000013088
Faulting process id: 0xb0c
Faulting application start time: 0xSynTPEnh.exe0
Faulting application path: SynTPEnh.exe1
Faulting module path: SynTPEnh.exe2
Report Id: SynTPEnh.exe3


System errors:
=============
Error: (12/26/2012 00:41:13 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

Error: (12/26/2012 00:40:43 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

Error: (12/24/2012 10:55:07 AM) (Source: Microsoft-Windows-WHEA-Logger) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.

Reported by component: Processor Core
Error Source: 3
Error Type: 6
Processor ID: 0

The details view of this entry contains further information.

Error: (12/24/2012 10:54:36 AM) (Source: BugCheck) (User: )
Description: 0x00000124 (0x0000000000000000, 0xfffffa8007486028, 0x00000000ba000000, 0x0000000000400405)C:\Windows\MEMORY.DMP122412-18735-01

Error: (12/24/2012 10:54:27 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:52:30 AM on 24/12/2012 was unexpected.

Error: (12/23/2012 01:21:51 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:39:53 AM on 23/12/2012 was unexpected.

Error: (12/23/2012 11:34:13 AM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (12/23/2012 10:59:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB2753842).

Error: (12/23/2012 10:59:18 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2761465).

Error: (12/23/2012 10:59:18 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800f0816: Security Update for Windows 7 for x64-based Systems (KB2770660).


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2012-07-05 16:52:04.248
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-07-05 16:52:04.060
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-07-05 16:52:03.889
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-07-05 16:52:03.733
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-07-05 16:50:58.219
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-07-05 16:50:58.063
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-07-05 16:50:57.891
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-07-05 16:50:57.720
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-04-13 11:02:48.050
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-02-03 11:07:10.755
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system (Version: 12.0.6612.1000)
7-Zip 4.65
ACID Pro 7.0 (Version: 7.0.641)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 3.1.0.4880)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Dreamweaver CS5 (Version: 11.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.5.502.110)
Adobe Illustrator CS5 (Version: 15.0)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader 9.4.4 MUI (Version: 9.4.4)
Adobe Shockwave Player (Version: 11.5.1.601)
Agatha Christie - Death on the Nile (Version: 2.2.0.82)
AMP Font Viewer
Angry Birds Rio (Version: 1.2.2)
Angry Birds Seasons (Version: 2.1.0)
Angry Birds Space (Version: 1.0.0)
Antares Autotune VST v5.09
Any Video Converter 3.4.0
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Atheros Driver Installation Program (Version: 9.2)
ATI Catalyst Install Manager (Version: 3.0.790.0)
µTorrent (Version: 2.0.3)
Audacity 1.3.12 (Unicode)
avast! Free Antivirus (Version: 7.0.1474.0)
Bejeweled 2 Deluxe (Version: 2.2.0.82)
Blackhawk Striker 2 (Version: 2.2.0.82)
Blasterball 3 (Version: 2.2.0.82)
Bonjour (Version: 3.0.0.10)
Bus Driver (Version: 2.2.0.82)
Canon Easy-PhotoPrint EX
Canon MOV Decoder (Version: 1.5.0.7)
Canon MOV Encoder (Version: 1.3.1.3)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.4.1.9)
Canon MP Navigator EX 4.0
Canon MP280 series MP Drivers
Canon My Printer
Canon Solution Menu EX
Canon Utilities Digital Photo Professional 3.8 (Version: 3.8.1.0)
Canon Utilities EOS Utility (Version: 2.8.1.0)
Canon Utilities PhotoStitch (Version: 3.1.22.46)
Canon Utilities Picture Style Editor (Version: 1.7.0.0)
Canon Utilities WFT Utility (Version: 3.5.1.1)
Canon Utilities ZoomBrowser EX (Version: 6.5.1.15)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.3.0.4)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.0909.1412.23625)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0909.1412.23625)
Catalyst Control Center InstallProxy (Version: 2010.0122.858.16002)
Catalyst Control Center InstallProxy (Version: 2010.0909.1412.23625)
Catalyst Control Center Localization All (Version: 2010.0909.1412.23625)
ccc-core-static (Version: 2010.0909.1412.23625)
ccc-utility64 (Version: 2010.0909.1412.23625)
CCC Help Chinese Standard (Version: 2010.0909.1411.23625)
CCC Help Chinese Traditional (Version: 2010.0909.1411.23625)
CCC Help Czech (Version: 2010.0909.1411.23625)
CCC Help Danish (Version: 2010.0909.1411.23625)
CCC Help Dutch (Version: 2010.0909.1411.23625)
CCC Help English (Version: 2010.0909.1411.23625)
CCC Help Finnish (Version: 2010.0909.1411.23625)
CCC Help French (Version: 2010.0909.1411.23625)
CCC Help German (Version: 2010.0909.1411.23625)
CCC Help Greek (Version: 2010.0909.1411.23625)
CCC Help Hungarian (Version: 2010.0909.1411.23625)
CCC Help Italian (Version: 2010.0909.1411.23625)
CCC Help Japanese (Version: 2010.0909.1411.23625)
CCC Help Korean (Version: 2010.0909.1411.23625)
CCC Help Norwegian (Version: 2010.0909.1411.23625)
CCC Help Polish (Version: 2010.0909.1411.23625)
CCC Help Portuguese (Version: 2010.0909.1411.23625)
CCC Help Russian (Version: 2010.0909.1411.23625)
CCC Help Spanish (Version: 2010.0909.1411.23625)
CCC Help Swedish (Version: 2010.0909.1411.23625)
CCC Help Thai (Version: 2010.0909.1411.23625)
CCC Help Turkish (Version: 2010.0909.1411.23625)
CCleaner (Version: 2.34)
Chuzzle Deluxe (Version: 2.2.0.82)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Combined Community Codec Pack 2009-09-09 (Version: 2009.09.09.0)
COMODO Internet Security (Version: 4.1.19277.920)
Core FTP LE 2.1
Creative Live! Cam Vista IM Driver (1.11.02.00)
CyberLink DVD Suite (Version: 7.0.2527)
D3DX10 (Version: 15.4.2368.0902)
DFX for Windows Media Player (Version: 9.304.0.0)
DiskAid 5.14 (Version: 5.14)
DivX Setup (Version: 2.3.0.20)
Dora's Carnival Adventure (Version: 2.2.0.82)
DVD Menu Pack for HP MediaSmart Video (Version: 4.0.3715)
Dziobas Rar Player 0.009.51
Easy Button & Menu Maker 2.1 (Version: 2.1)
EasyRotator Wizard (Version: 1.0.85)
Escape Rosecliff Island (Version: 2.2.0.82)
ESU for Microsoft Windows 7 (Version: 1.0.0)
Faerie Solitaire (Version: 2.2.0.82)
FAQGenie 1.3.1
FATE (Version: 2.2.0.82)
FileZilla Client 3.5.2 (Version: 3.5.2)
Freecorder 5 (Version: 5.11)
Google Chrome (Version: 23.0.1271.97)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP 3D DriveGuard (Version: 4.0.3.1)
HP Advisor (Version: 3.4.10144.3282)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP DVB-T TV Tuner 8.0.64.43 (Version: 8.0.64.43)
HP Games (Version: 1.0.2.5)
HP MediaSmart DVD (Version: 4.0.3727)
HP MediaSmart Internet TV (Version: 3.2.2513)
HP MediaSmart Movies and TV (Version: 1.0.0.10)
HP MediaSmart Music (Version: 4.0.3722)
HP MediaSmart Photo (Version: 4.0.3722)
HP MediaSmart SmartMenu (Version: 3.1.1.12)
HP MediaSmart Video (Version: 4.0.3722)
HP MediaSmart Webcam (Version: 4.0.2511)
HP Photo Creations (Version: 1.0.0.2261)
HP Quick Launch (Version: 1.0.18)
HP QuickWeb Installer (Version: 1.2.9.1)
HP Setup (Version: 1.2.3988.3281)
HP Software Framework (Version: 4.1.6.1)
HP Support Assistant (Version: 6.1.12.1)
HP Tone Control (Version: 2.0.2)
HP Update (Version: 5.001.000.014)
HP User Guides 0176 (Version: 1.01.0000)
HP Wireless Assistant (Version: 4.0.3.2)
IDT Audio (Version: 1.0.6292.0)
Image Resizer Powertoy Clone for Windows (64 bit) (Version: 2.1)
ImgBurn (Version: 2.5.6.0)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.2.1001)
Intel® Turbo Boost Technology Driver (Version: 01.00.01.1002)
iTunes (Version: 10.7.0.21)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 17 (64-bit) (Version: 6.0.170)
Java™ 6 Update 20 (Version: 6.0.200)
Java™ 6 Update 29 (Version: 6.0.290)
Jewel Quest 3 (Version: 2.2.0.82)
JPEG to PDF 1.0
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.2515)
LightScribe System Software (Version: 1.18.16.1)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.1.54.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 1.00.0000)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Miro Video Converter (Version: 0.8.0)
Movie Theme Pack for HP MediaSmart Video (Version: 4.0.3715)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
Mp3tag v2.49 (Version: v2.49)
MSN Toolbar Platform (Version: 4.0.0369.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NetTransport 2.96c.620
ninemsn Toolbar (Version: 4.0.0369.0)
OpenOffice.org 3.2 (Version: 3.2.9502)
Optus Mobile Broadband (Version: 16.002.10.01.432)
PC Connectivity Solution (Version: 8.15.0.0)
PDF Settings CS5 (Version: 10.0)
Penguins! (Version: 2.2.0.82)
Photo Story 3 for Windows (Version: 3.0.1115.11)
PhotoFilmStrip 1.5.0 (Version: 1.5.0)
PhotoNow! (Version: 1.1.6904)
Plants vs. Zombies (Version: 2.2.0.82)
Poker Superstars III (Version: 2.2.0.82)
Polar Bowler (Version: 2.2.0.82)
Polar Golfer (Version: 2.2.0.82)
Power2Go (Version: 6.1.3715)
PowerDirector (Version: 8.0.2514)
PX Profile Update (Version: 1.00.1.)
QuickTime (Version: 7.69.80.9)
Real Alternative 2.0.2 (Version: 2.0.2)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.11.1127.2009)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30111)
Recovery Manager (Version: 5.5.2512)
Replay Video Capture (Version: 4.2)
Safari (Version: 5.34.57.2)
SAMSUNG Mobile Composite Device Software
Samsung Mobile Modem Device Software
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung New PC Studio (Version: 1.00.0000)
Samsung New PC Studio USB Driver Installer (Version: 1.00.0000)
SAMSUNG USB Mobile Device Software
SamsungConnectivityCableDriver (Version: 6.83.6.2.1)
Skype™ 5.10 (Version: 5.10.116)
SoftStylus (Version: 2.2.126.2)
SpywareBlaster 4.6 (Version: 4.6.0)
Synaptics Pointing Device Driver (Version: 15.3.29.0)
TMPGEnc 4.0 XPress (Version: 4.7.7.307)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
UScreenCapture (x64) (Version: 2.0.0)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Virtual DJ - Atomix Productions
Virtual Families (Version: 2.2.0.82)
Virtual Villagers - The Secret City (Version: 2.2.0.82)
VirtualDJ Home FREE (Version: 7.0.5)
VLC media player 2.0.3 (Version: 2.0.3)
VobSub v2.23 (Remove Only)
VST Bridge 1.1
Weeny Free PDF Merger 1.0
WildTangent Games App (HP Games) (Version: 4.0.5.14)
Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0) (Version: 10/12/2007 6.85.4.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WordBiz version 1.8 (Version: 1.8)
Yahoo! Detect
Yahoo! Messenger
Yahoo! Software Update
Yahoo!7 Toolbar
Zuma's Revenge (Version: 2.2.0.82)
Zuma's Revenge! (Version: 1.0)
Zuma Deluxe (Version: 2.2.0.95)
Zuma Deluxe RA

========================= Devices: ================================

========================= Restore Points ==================================

28-11-2012 15:02:49 Windows Update
29-11-2012 15:12:53 Installed Skype™ 5.10
29-11-2012 15:14:39 Removed Skype™ 6.0
29-11-2012 15:15:33 Installed Skype™ 5.10
10-12-2012 02:20:05 Scheduled Checkpoint
17-12-2012 02:46:55 Scheduled Checkpoint
22-12-2012 09:32:43 Windows Update
23-12-2012 00:12:23 Windows Update

**** End of log ****

#6 Farbar

Posted 26 December 2012 - 06:28 AM

Hi mak,

Well done.

We see no sign of malware. There are a couple of random errors, no consistency in them. We do some routine maintenance and wait for the next BSOD. The following scans might take a while.

  • Please download AdwCleaner and save it to your desktop.
    • Close all open programs.
    • Double click on AdwCleaner.exe to run it.
    • Click on Delete and confirm the prompt.
    • After it is finished the computer will be restarted. A text file will open after the restart.
    • Please post the content of that log to your reply.
    • A copy of the log will be saved at C:\AdwCleaner[S1].txt.
  • You may download both x32 and x64 versions of Java from http://www.java.com/en/download/manual.jsp

    Uninstall the following older Java:

    Java™ 6 Update 17
    Java™ 6 Update 20
    Java™ 6 Update 29
    Java 7 Update 9


    Then install the downloaded Java versions.
  • To Clear the Java Runtime Environment (JRE) cache, do this:
    • Click Start > Settings > Control Panel.
    • Double-click the Java icon.
      -The Java Control Panel appears.
    • Click "Settings" under Temporary Internet Files.
      -The Temporary Files Settings dialog box appears.
    • Click "Delete Files".
      -The Delete Temporary Files dialog box appears.
      -There are three options on this window to clear the cache.
    • Make sure all the options are checked.
    • Click "OK" on Delete Temporary Files window.
      -Note: This deletes all the Downloaded Applications and Applets from the cache.
    • Click "OK" on Temporary Files Settings window.
    • Close the Java Control Panel.
    You can also view these instructions along with screenshots here.
  • Run CCleaner (make sure under Windows tab all the boxes of Internet Explorer and Windows Explorer are checked except for saved passwords).
    Under Application tab all the boxes could be checked except any option to remove saved passwords.
  • Run Command Prompt as Administrator. To do that:
    Go to Start and type cmd.exe in the Search box.
    It gives you cmd.exe in the upper part. Right-click cmd.exe and select "Run As Administrator".
    Copy the following command, right-click in the open Command prompt window and select Paste:

    sfc /scannow

    Press Enter. Wait until the scan is done.
  • Please follow the instruction on How to use CHKDSK and use the graphical method to schedule a scan. Restart and let the scan run fully.
  • Defragment your hard drive:
    • Go to start. Select All Programs.
    • Click Accessories then System Tools.
    • Click Disk Defragmenter.
    • Select drive C and click Defragment disk.


#7 this is mak

Posted 27 December 2012 - 12:35 AM

Hey Farbar,

Followed all of your instructions...

sfc /scannow came back with: Windows Resource Protection did not find any integrity violations.


# AdwCleaner v2.103 - Logfile created 12/27/2012 at 10:56:10
# Updated 25/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Mak - LAPTOP
# Boot Mode : Normal
# Running from : C:\Users\Mak\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Users\Mak\AppData\Local\Conduit
Folder Deleted : C:\Users\Mak\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Mak\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Mak\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Mak\AppData\Roaming\Mozilla\Firefox\Profiles\5iuexxwd.default\CT1060933
Folder Deleted : C:\Users\Mak\AppData\Roaming\Mozilla\Firefox\Profiles\5iuexxwd.default\extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}
Folder Deleted : C:\Users\Mak\AppData\Roaming\Mozilla\Firefox\Profiles\5iuexxwd.default\Smartbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7B63B2922B174135AFC0E1377DD81EC2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (en-US)

File : C:\Users\Mak\AppData\Roaming\Mozilla\Firefox\Profiles\5iuexxwd.default\prefs.js

C:\Users\Mak\AppData\Roaming\Mozilla\Firefox\Profiles\5iuexxwd.default\user.js ... Deleted !

Deleted : user_pref("CT1060933.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT1060933.1000082.state", "{\"state\":\"stopped\",\"text\":\"KFOG\",\"description\":\"KFO[...]
Deleted : user_pref("CT1060933.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT1060933.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT1060933.FirstTime", "true");
Deleted : user_pref("CT1060933.FirstTimeFF3", "true");
Deleted : user_pref("CT1060933.UserID", "UN46392766533566154");
Deleted : user_pref("CT1060933.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT1060933.autoDisableScopes", -1);
Deleted : user_pref("CT1060933.cb_experience_000", "1");
Deleted : user_pref("CT1060933.cbcountry_001", "AU");
Deleted : user_pref("CT1060933.cbfirsttime", "Fri Jul 27 2012 09:55:51 GMT+1000 (AUS Eastern Standard Time)");
Deleted : user_pref("CT1060933.defaultSearch", "false");
Deleted : user_pref("CT1060933.embeddedsData", "[{\"appId\":\"128280995260143876\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT1060933.enableAlerts", "false");
Deleted : user_pref("CT1060933.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT1060933.firstTimeDialogOpened", "true");
Deleted : user_pref("CT1060933.fixPageNotFoundError", "true");
Deleted : user_pref("CT1060933.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT1060933.fixUrls", true);
Deleted : user_pref("CT1060933.installId", "ConduitNSISIntegration");
Deleted : user_pref("CT1060933.installType", "ConduitNSISIntegration");
Deleted : user_pref("CT1060933.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT1060933.isNewTabEnabled", true);
Deleted : user_pref("CT1060933.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT1060933.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT1060933.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about[...]
Deleted : user_pref("CT1060933.openThankYouPage", "false");
Deleted : user_pref("CT1060933.openUninstallPage", "true");
Deleted : user_pref("CT1060933.search.searchAppId", "128280995260143876");
Deleted : user_pref("CT1060933.search.searchCount", "1");
Deleted : user_pref("CT1060933.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT1060933.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT1060933.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT1060933.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT1060933.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT1060933.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT1060933.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT1060933.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT1060933.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Deleted : user_pref("CT1060933.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1343346945113");
Deleted : user_pref("CT1060933.serviceLayer_services_appTracking_lastUpdate", "1343346949075");
Deleted : user_pref("CT1060933.serviceLayer_services_appsMetadata_lastUpdate", "1343883101082");
Deleted : user_pref("CT1060933.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1343346948047");
Deleted : user_pref("CT1060933.serviceLayer_services_login_10.10.20.14_lastUpdate", "1345798454500");
Deleted : user_pref("CT1060933.serviceLayer_services_login_10.10.27.6_lastUpdate", "1348493089348");
Deleted : user_pref("CT1060933.serviceLayer_services_optimizer_lastUpdate", "1343346945402");
Deleted : user_pref("CT1060933.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1343346948136");
Deleted : user_pref("CT1060933.serviceLayer_services_searchAPI_lastUpdate", "1343883101578");
Deleted : user_pref("CT1060933.serviceLayer_services_serviceMap_lastUpdate", "1348493088327");
Deleted : user_pref("CT1060933.serviceLayer_services_toolbarContextMenu_lastUpdate", "1343346947990");
Deleted : user_pref("CT1060933.serviceLayer_services_toolbarSettings_lastUpdate", "1348493088482");
Deleted : user_pref("CT1060933.serviceLayer_services_translation_lastUpdate", "1348493088799");
Deleted : user_pref("CT1060933.settingsINI", true);
Deleted : user_pref("CT1060933.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT1060933.smartbar.CTID", "CT1060933");
Deleted : user_pref("CT1060933.smartbar.Uninstall", "0");
Deleted : user_pref("CT1060933.smartbar.isHidden", true);
Deleted : user_pref("CT1060933.smartbar.toolbarName", "Freecorder ");
Deleted : user_pref("CT1060933.startPage", "false");
Deleted : user_pref("CT1060933.toolbarBornServerTime", "27-7-2012");
Deleted : user_pref("CT1060933.toolbarCurrentServerTime", "24-9-2012");
Deleted : user_pref("CT1060933.toolbarDisabled", "true");
Deleted : user_pref("CT1060933.url_history0001", "hxxp://soundcloud.com/search?q%5Bfulltext%5D=roisin+crookers[...]

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Mak\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [7648 octets] - [27/12/2012 10:56:10]

########## EOF - C:\AdwCleaner[S1].txt - [7708 octets] ##########

#8 Farbar

Posted 27 December 2012 - 05:08 AM

Hi mak,

Well done. Now work with the computer a couple of days to see how it performs and let me know if you got any BSOD. Please post back after a couple of days as we need to round off and clean the tools properly.

#9 Farbar

Posted 05 January 2013 - 07:16 PM

I have not heard from you in a while. I wonder if the time has come to round off.

#10 this is mak

Posted 06 January 2013 - 07:32 PM

Hi Farbar,

Thanks for checking in with me... I have not had any more blue screens since I started this thread.
Let me know if there is anything else I should do. Thanks!

#11 Farbar

Posted 06 January 2013 - 08:00 PM

Hi mak,

It looks good and you are good to go. :thumbup2:

  • Please delete FRST tool as we don't need it any more. Also go to C:\FRST and delete the entire FRST folder.
  • You may delete any tool or log we used from your computer.
  • Remove the old restore points and create a new restore point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Setting a new restore point AFTER cleaning your system will enable your computer to "roll-back" to a clean working state if needed:
    • Go to Start => Right-click "Computer" and select "Properties".
    • In the left pane select "System Protection".
    • Press "Configure".
    • Select "Delete". Then press "Continue" close and "OK".
    • Select your drive (drive C) and press "Create".
      Fill in a name for the restore point and press "Create".
      After finished press "Close".
Recommendations:
  • I recommend using Site Advisor for safe surfing. It is a free extension both for Internet Explorer and Firefox. When you search a site it gives you an indication of how safe a site is.
  • I recommend installing this small application for safe surfing: Javacools© SpywareBlaster
    SpywareBlaster will add a large list of programs and sites into your Internet Explorer and Firefox settings and that will protect you from running and downloading known malicious programs.
    • Download and install it.
    • Update it manually by clicking on Updates in the left pane and then Check for Updates.
    • Then enable all the protections by clicking on Protection Status on the left pane. Then click on Enable All Protection.
    • The free version doesn't have an automatic update. Update it once in two or three weeks and enable all protection again.
Happy Surfing mak. :)

#12 this is mak

Posted 06 January 2013 - 08:03 PM

Thanks a lot Farbar!
Really appreciate the help and advice :)
All the best.

#13 Farbar

Posted 06 January 2013 - 08:06 PM

You are most welcome mak. :)

This thread will now be closed since the issue seems to be resolved.

If you need this topic reopened, please send me a Private Message and I will reopen it for you.

If you should have a new issue, please start a new topic.

Everyone else should start a new topic.

#14 Farbar

Posted 08 January 2013 - 09:40 PM

Topic reopened.

Hi Farbar, you helped me out on a BSOD topic. We just closed the topic yesterday, but I just got another BSOD... I did not have a chance to remove the old restore points before the new BSOD happened.

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.768.3
Locale ID: 3081

Additional information about the problem:
BCCode: 124
BCP1: 0000000000000000
BCP2: FFFFFA800709C028
BCP3: 00000000BA000000
BCP4: 0000000000400405
OS Version: 6_1_7601
Service Pack: 1_0
Product: 768_1

Files that help describe the problem:
C:\Windows\Minidump\010913-18252-01.dmp
C:\Users\Mak\AppData\Local\Temp\WER-49873-0.sysdata.xml


Hi mak,

We need to take a look at the mini dump file.

Click on this link: http://www.bleepingcomputer.com/submit-malware.php?channel=66
  • Click Browse... and navigate to C:\Windows\Minidump\010913-18252-01.dmp.
  • Highlight the file and click Open.
  • Click Send File.
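
The problem signature quoted in post #14 can be read before the minidump is opened. The following is an added example, not part of the original thread: it assumes Microsoft's documented layout for bug check 0x124 (parameter 1 = 0 means a machine check exception, parameters 3 and 4 are the high and low 32 bits of MCi_STATUS) and the architectural x86 MCi_STATUS flag bits; the function names are hypothetical.

```python
import re

# Problem signature copied from post #14 of this thread.
SAMPLE = """\
BCCode: 124
BCP1: 0000000000000000
BCP2: FFFFFA800709C028
BCP3: 00000000BA000000
BCP4: 0000000000400405
OS Version: 6_1_7601
Service Pack: 1_0
"""

# Architectural flag bits in the upper part of an x86 MCi_STATUS register.
MCI_STATUS_FLAGS = [
    (63, "VAL"),    # register holds a valid error record
    (62, "OVER"),   # an earlier error was overwritten
    (61, "UC"),     # error was not corrected by hardware
    (60, "EN"),     # reporting was enabled for this error
    (59, "MISCV"),  # MCi_MISC holds additional information
    (58, "ADDRV"),  # MCi_ADDR holds the failing address
    (57, "PCC"),    # processor context may be corrupted
]


def parse_wer_block(text):
    """Extract BCCode and BCP1..BCP4 (all hexadecimal) from a pasted WER block."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        key = key.strip()
        if sep and (key == "BCCode" or re.fullmatch(r"BCP[1-4]", key)):
            fields[key] = int(value.strip(), 16)
    return fields


def decode_bugcheck_124(fields):
    """Decode the parameters of bug check 0x124 (WHEA_UNCORRECTABLE_ERROR)."""
    if fields.get("BCCode") != 0x124:
        raise ValueError("not a 0x124 (WHEA_UNCORRECTABLE_ERROR) bug check")
    missing = [k for k in ("BCP1", "BCP2", "BCP3", "BCP4") if k not in fields]
    if missing:
        raise ValueError("missing parameters: " + ", ".join(missing))

    result = {
        "machine_check": fields["BCP1"] == 0,
        "error_record_address": fields["BCP2"],  # WHEA_ERROR_RECORD in the dump
    }
    if not result["machine_check"]:
        # For other error sources parameters 3 and 4 are not MCi_STATUS.
        return result

    status = ((fields["BCP3"] & 0xFFFFFFFF) << 32) | (fields["BCP4"] & 0xFFFFFFFF)
    result["mci_status"] = status
    result["flags"] = [name for bit, name in MCI_STATUS_FLAGS if (status >> bit) & 1]
    result["mca_error_code"] = status & 0xFFFF
    result["model_specific_code"] = (status >> 16) & 0xFFFF
    return result


if __name__ == "__main__":
    for key, value in decode_bugcheck_124(parse_wer_block(SAMPLE)).items():
        print(key, hex(value) if isinstance(value, int) and value > 1 else value)
```

Bug check 0x124 is raised when Windows receives a fatal hardware error, so a valid record with UC and PCC set is consistent with a hardware fault rather than a software one.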


#15 this is mak

Posted 09 January 2013 - 07:05 PM

Thanks for re-opening Farbar ;)

Have sent through the dump file as requested.



