
Please I need you miracle workers desperately.


21 replies to this topic

#1 octagonproplex


Posted 11 January 2013 - 06:25 PM

First off thank God for you guys. You've saved me before in the past and I hope you can again.

I have Microsoft Security Essentials (currently not working to give live protection). Additionally I have SpywareBlaster and MalwareBytes.

I'm working on Windows 7. I believe it is 64 bit. My computer is a cheap emachines desktop I got from WalMart two years ago and unfortunately NO it did NOT come with a Windows boot disc. I'm quite sure I need to uninstall and reinstall java and probably adobe too. But I'm nearly computer illiterate and want your sage advice before potentially messing up my computer worse.

For the past couple of months I haven't been able to use online secunia to check for outdated programs (or whatever) because java wouldn't load. So, that makes me believe my java must have had a problem. Unfortunately I was not pro-active in resolving it like I should have been simply due to my incompetence with computers. My confidence in these types of things is extremely low, but I CAN follow direction.

A couple of nights ago my computer restarted itself on its own and could not start up Windows properly. Upon trying again it then went to some Windows repair thing which after scanning for solutions said it could do anything and also the system restore point thing could not find any saved restore points. I unplugged all my external devices from the machine, gave it a gentle whack and prayed, lol. It did finally start up. It was working fine until some hours later adobe started trying to want to be updated and would not stop popping up. I kept closing it because I felt it may be bogus. Then next thing I know one of those bogus virus detector things pops up and starts going wild. So I immediately shut down my computer. Once I tried to restart, Windows once again would not start up. So I am now in safemode with networking.

My audio is not working currently and Microsoft Security Essentials is not providing live protection and I cannot turn either on. I ran a full scan with MalwareBytes and it detected 9 problems which I had it remove (or clean or whatever the term is). I hope I did not do wrong...

MSE DETECTS THE BOGUS ANTI-VIRUS PROGRAM AS:

TrojanDropper:Win32/Sirefef.gen!A...Severe...01/10/2013 03:08 PM....Removed
Trojan:Win32/Sirefef!cfg............Severe...01/10/2013 03:08 PM....Removed
Trojan:Win64/Sirefef.AF.............Severe...01/10/2013 03:08 PM....Removed
TrojanDropper:Win32/Sirefef.gen!A...Severe...01/10/2013 03:08 PM....Removed
Trojan:Win64/Sirefef.AF.............Severe...01/10/2013 03:07 PM....Removed

MSE ADDITIONAL DETECTIONS:

Exploit:HTML/IframRef.Z.............Severe...01/10/2013 12:04 PM....Removed
Exploit:HTML/IframRef.Z.............Severe...01/07/2013 12:36 PM....Removed
Exploit:JS/Blacole.GB...............Severe...01/07/2013 10:16 PM....Removed
Exploit:JS/Blacole.GB...............Severe...01/05/2013 10:28 PM....Removed
Trojan:Win32/Merefrop...............Severe...01/02/2013 09:56 PM....Removed
Exploit:HTML/IframRef.Z.............Severe...12/29/2012 11:47 PM....Removed
Exploit:HTML/IframRef.Z.............Severe...12/29/2012 11:07 PM....Removed

So, before I proceed any further I want you to walk me through what to do please. I can post logs or whatever, just tell me what to do. Thank you guys so much, you've saved me before and I really cannot express how thankful I am to you. I am currently unemployed and money is very tight and you are really my only option.

Edited by octagonproplex, 11 January 2013 - 07:27 PM.




#2 narenxp


Posted 11 January 2013 - 07:36 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safemode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 octagonproplex


Posted 11 January 2013 - 09:33 PM

TDSSKiller Log:

18:29:21.0427 1724 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:29:22.0051 1724 ============================================================
18:29:22.0051 1724 Current date / time: 2013/01/11 18:29:22.0051
18:29:22.0051 1724 SystemInfo:
18:29:22.0051 1724
18:29:22.0051 1724 OS Version: 6.1.7601 ServicePack: 1.0
18:29:22.0051 1724 Product type: Workstation
18:29:22.0051 1724 ComputerName: HOME-PC
18:29:22.0051 1724 UserName: HOME
18:29:22.0051 1724 Windows directory: C:\Windows
18:29:22.0051 1724 System windows directory: C:\Windows
18:29:22.0051 1724 Running under WOW64
18:29:22.0051 1724 Processor architecture: Intel x64
18:29:22.0051 1724 Number of processors: 1
18:29:22.0051 1724 Page size: 0x1000
18:29:22.0051 1724 Boot type: Safe boot with network
18:29:22.0051 1724 ============================================================
18:29:22.0925 1724 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:29:22.0940 1724 Drive \Device\Harddisk1\DR1 - Size: 0x2BA9F400000 (2794.49 Gb), SectorSize: 0x1000, Cylinders: 0xB21F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:29:39.0975 1724 ============================================================
18:29:39.0975 1724 \Device\Harddisk0\DR0:
18:29:39.0975 1724 MBR partitions:
18:29:39.0975 1724 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1800800, BlocksNum 0x32000
18:29:39.0975 1724 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1832800, BlocksNum 0x38B53030
18:29:39.0975 1724 \Device\Harddisk1\DR1:
18:29:39.0975 1724 MBR partitions:
18:29:39.0975 1724 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x2BA9F300
18:29:39.0975 1724 ============================================================
18:29:40.0007 1724 C: <-> \Device\Harddisk0\DR0\Partition2
18:29:40.0038 1724 E: <-> \Device\Harddisk1\DR1\Partition1
18:29:40.0038 1724 ============================================================
18:29:40.0038 1724 Initialize success
18:29:40.0038 1724 ============================================================
18:30:11.0753 1772 ============================================================
18:30:11.0753 1772 Scan started
18:30:11.0753 1772 Mode: Manual; TDLFS;
18:30:11.0753 1772 ============================================================
18:30:12.0377 1772 ================ Scan system memory ========================
18:30:12.0377 1772 System memory - ok
18:30:21.0081 1772 mssmbios - ok
18:30:21.0097 1772 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:30:21.0097 1772 MSTEE - ok
18:30:21.0113 1772 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:30:21.0113 1772 MTConfig - ok
18:30:21.0128 1772 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:30:21.0128 1772 Mup - ok
18:30:21.0206 1772 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:30:21.0206 1772 napagent - ok
18:30:21.0237 1772 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:30:21.0237 1772 NativeWifiP - ok
18:30:21.0315 1772 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:30:21.0331 1772 NDIS - ok
18:30:21.0347 1772 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:30:21.0347 1772 NdisCap - ok
18:30:21.0362 1772 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:30:21.0378 1772 NdisTapi - ok
18:30:21.0440 1772 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:30:21.0440 1772 Ndisuio - ok
18:30:21.0503 1772 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:30:21.0503 1772 NdisWan - ok
18:30:21.0549 1772 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:30:21.0549 1772 NDProxy - ok
18:30:21.0643 1772 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
18:30:21.0643 1772 Nero BackItUp Scheduler 4.0 - ok
18:30:21.0659 1772 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:30:21.0659 1772 NetBIOS - ok
18:30:21.0721 1772 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:30:21.0721 1772 NetBT - ok
18:30:21.0737 1772 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:30:21.0737 1772 Netlogon - ok
18:30:21.0768 1772 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:30:21.0783 1772 Netman - ok
18:30:21.0799 1772 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:30:21.0815 1772 netprofm - ok
18:30:21.0830 1772 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:30:21.0830 1772 NetTcpPortSharing - ok
18:30:21.0846 1772 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:30:21.0846 1772 nfrd960 - ok
18:30:21.0924 1772 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:30:21.0924 1772 NisDrv - ok
18:30:21.0986 1772 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
18:30:22.0002 1772 NisSrv - ok
18:30:22.0017 1772 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:30:22.0017 1772 NlaSvc - ok
18:30:22.0095 1772 [ 5839A8027D6D324A7CD494051A96628C ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
18:30:22.0142 1772 NOBU - ok
18:30:22.0158 1772 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:30:22.0158 1772 Npfs - ok
18:30:22.0173 1772 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:30:22.0173 1772 nsi - ok
18:30:22.0189 1772 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:30:22.0189 1772 nsiproxy - ok
18:30:22.0236 1772 [ 20E179A7FE78B37A02D30C4D34C870E7 ] nSvcIp C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
18:30:22.0236 1772 nSvcIp - ok
18:30:22.0314 1772 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:30:22.0345 1772 Ntfs - ok
18:30:22.0345 1772 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:30:22.0345 1772 Null - ok
18:30:22.0376 1772 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
18:30:22.0376 1772 NVENETFD - ok
18:30:22.0579 1772 [ E55CAB397F77D5208DB18A78B1B7C0D5 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:30:22.0751 1772 nvlddmkm - ok
18:30:22.0782 1772 [ 0AD267A4674805B61A5D7B911D2A978A ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
18:30:22.0782 1772 NVNET - ok
18:30:22.0844 1772 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:30:22.0844 1772 nvraid - ok
18:30:22.0907 1772 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:30:22.0907 1772 nvstor - ok
18:30:22.0938 1772 [ 1E45F96342429D63DC30E0D9117DA3D8 ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
18:30:22.0938 1772 nvstor64 - ok
18:30:22.0969 1772 [ 43BC8151893AE6AFE42E149D663C2221 ] nvsvc C:\Windows\system32\nvvsvc.exe
18:30:22.0969 1772 nvsvc - ok
18:30:23.0000 1772 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:30:23.0000 1772 nv_agp - ok
18:30:23.0063 1772 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:30:23.0063 1772 ohci1394 - ok
18:30:23.0125 1772 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:30:23.0125 1772 ose - ok
18:30:23.0234 1772 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:30:23.0297 1772 osppsvc - ok
18:30:23.0328 1772 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:30:23.0328 1772 p2pimsvc - ok
18:30:23.0359 1772 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:30:23.0359 1772 p2psvc - ok
18:30:23.0390 1772 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:30:23.0390 1772 Parport - ok
18:30:23.0453 1772 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:30:23.0453 1772 partmgr - ok
18:30:23.0484 1772 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:30:23.0484 1772 PcaSvc - ok
18:30:23.0546 1772 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:30:23.0546 1772 pci - ok
18:30:23.0546 1772 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:30:23.0546 1772 pciide - ok
18:30:23.0577 1772 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:30:23.0577 1772 pcmcia - ok
18:30:23.0593 1772 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:30:23.0593 1772 pcw - ok
18:30:23.0609 1772 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:30:23.0624 1772 PEAUTH - ok
18:30:23.0687 1772 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:30:23.0687 1772 PerfHost - ok
18:30:23.0765 1772 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:30:23.0780 1772 pla - ok
18:30:23.0858 1772 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:30:23.0858 1772 PlugPlay - ok
18:30:23.0874 1772 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:30:23.0874 1772 PNRPAutoReg - ok
18:30:23.0889 1772 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:30:23.0889 1772 PNRPsvc - ok
18:30:23.0952 1772 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:30:23.0952 1772 PolicyAgent - ok
18:30:23.0983 1772 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:30:23.0983 1772 Power - ok
18:30:24.0061 1772 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:30:24.0061 1772 PptpMiniport - ok
18:30:24.0092 1772 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:30:24.0092 1772 Processor - ok
18:30:24.0155 1772 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:30:24.0170 1772 ProfSvc - ok
18:30:24.0170 1772 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:30:24.0170 1772 ProtectedStorage - ok
18:30:24.0233 1772 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:30:24.0233 1772 Psched - ok
18:30:24.0279 1772 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:30:24.0295 1772 ql2300 - ok
18:30:24.0326 1772 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:30:24.0326 1772 ql40xx - ok
18:30:24.0357 1772 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:30:24.0357 1772 QWAVE - ok
18:30:24.0373 1772 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:30:24.0373 1772 QWAVEdrv - ok
18:30:24.0389 1772 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:30:24.0389 1772 RasAcd - ok
18:30:24.0420 1772 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:30:24.0435 1772 RasAgileVpn - ok
18:30:24.0435 1772 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:30:24.0435 1772 RasAuto - ok
18:30:24.0498 1772 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:30:24.0498 1772 Rasl2tp - ok
18:30:24.0560 1772 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:30:24.0560 1772 RasMan - ok
18:30:24.0576 1772 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:30:24.0576 1772 RasPppoe - ok
18:30:24.0591 1772 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:30:24.0591 1772 RasSstp - ok
18:30:24.0623 1772 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:30:24.0623 1772 rdbss - ok
18:30:24.0654 1772 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:30:24.0669 1772 rdpbus - ok
18:30:24.0669 1772 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:30:24.0669 1772 RDPCDD - ok
18:30:24.0701 1772 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:30:24.0701 1772 RDPENCDD - ok
18:30:24.0716 1772 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:30:24.0716 1772 RDPREFMP - ok
18:30:24.0779 1772 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:30:24.0779 1772 RDPWD - ok
18:30:24.0841 1772 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:30:24.0841 1772 rdyboost - ok
18:30:24.0872 1772 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:30:24.0872 1772 RemoteAccess - ok
18:30:24.0888 1772 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:30:24.0888 1772 RemoteRegistry - ok
18:30:24.0919 1772 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:30:24.0919 1772 RpcEptMapper - ok
18:30:24.0950 1772 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:30:24.0950 1772 RpcLocator - ok
18:30:24.0966 1772 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
18:30:24.0981 1772 RpcSs - ok
18:30:24.0981 1772 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:30:24.0981 1772 rspndr - ok
18:30:24.0997 1772 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:30:24.0997 1772 SamSs - ok
18:30:25.0059 1772 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:30:25.0059 1772 sbp2port - ok
18:30:25.0075 1772 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:30:25.0075 1772 SCardSvr - ok
18:30:25.0137 1772 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:30:25.0137 1772 scfilter - ok
18:30:25.0153 1772 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:30:25.0169 1772 Schedule - ok
18:30:25.0231 1772 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:30:25.0231 1772 SCPolicySvc - ok
18:30:25.0293 1772 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:30:25.0293 1772 SDRSVC - ok
18:30:25.0309 1772 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:30:25.0309 1772 secdrv - ok
18:30:25.0356 1772 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:30:25.0356 1772 seclogon - ok
18:30:25.0387 1772 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
18:30:25.0387 1772 SENS - ok
18:30:25.0403 1772 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:30:25.0403 1772 SensrSvc - ok
18:30:25.0418 1772 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:30:25.0418 1772 Serenum - ok
18:30:25.0449 1772 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:30:25.0449 1772 Serial - ok
18:30:25.0512 1772 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:30:25.0512 1772 sermouse - ok
18:30:25.0543 1772 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:30:25.0543 1772 SessionEnv - ok
18:30:25.0605 1772 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:30:25.0605 1772 sffdisk - ok
18:30:25.0605 1772 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:30:25.0605 1772 sffp_mmc - ok
18:30:25.0621 1772 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:30:25.0621 1772 sffp_sd - ok
18:30:25.0652 1772 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:30:25.0652 1772 sfloppy - ok
18:30:25.0730 1772 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
18:30:25.0746 1772 Sftfs - ok
18:30:25.0871 1772 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:30:25.0871 1772 sftlist - ok
18:30:25.0933 1772 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:30:25.0933 1772 Sftplay - ok
18:30:25.0949 1772 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:30:25.0949 1772 Sftredir - ok
18:30:25.0964 1772 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
18:30:25.0964 1772 Sftvol - ok
18:30:26.0027 1772 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:30:26.0027 1772 sftvsa - ok
18:30:26.0058 1772 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:30:26.0058 1772 SharedAccess - ok
18:30:26.0120 1772 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:30:26.0136 1772 ShellHWDetection - ok
18:30:26.0151 1772 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:30:26.0151 1772 SiSRaid2 - ok
18:30:26.0167 1772 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:30:26.0167 1772 SiSRaid4 - ok
18:30:26.0167 1772 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:30:26.0167 1772 Smb - ok
18:30:26.0214 1772 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:30:26.0214 1772 SNMPTRAP - ok
18:30:26.0292 1772 [ 3BB48F7E33C2B76184DDF233000C09CD ] Sony SCSI Helper Service C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
18:30:26.0292 1772 Sony SCSI Helper Service - ok
18:30:26.0292 1772 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:30:26.0292 1772 spldr - ok
18:30:26.0354 1772 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:30:26.0370 1772 Spooler - ok
18:30:26.0463 1772 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:30:26.0526 1772 sppsvc - ok
18:30:26.0557 1772 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:30:26.0557 1772 sppuinotify - ok
18:30:26.0635 1772 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:30:26.0635 1772 srv - ok
18:30:26.0697 1772 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:30:26.0713 1772 srv2 - ok
18:30:26.0729 1772 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:30:26.0729 1772 srvnet - ok
18:30:26.0760 1772 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:30:26.0760 1772 SSDPSRV - ok
18:30:26.0775 1772 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:30:26.0775 1772 SstpSvc - ok
18:30:26.0791 1772 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:30:26.0791 1772 stexstor - ok
18:30:26.0869 1772 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:30:26.0885 1772 stisvc - ok
18:30:26.0931 1772 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:30:26.0931 1772 swenum - ok
18:30:26.0963 1772 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:30:26.0963 1772 swprv - ok
18:30:27.0056 1772 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:30:27.0072 1772 SysMain - ok
18:30:27.0134 1772 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:30:27.0150 1772 TabletInputService - ok
18:30:27.0197 1772 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:30:27.0212 1772 TapiSrv - ok
18:30:27.0228 1772 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:30:27.0228 1772 TBS - ok
18:30:27.0306 1772 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:30:27.0321 1772 Tcpip - ok
18:30:27.0368 1772 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:30:27.0368 1772 TCPIP6 - ok
18:30:27.0431 1772 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:30:27.0431 1772 tcpipreg - ok
18:30:27.0446 1772 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:30:27.0446 1772 TDPIPE - ok
18:30:27.0524 1772 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:30:27.0524 1772 TDTCP - ok
18:30:27.0587 1772 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:30:27.0587 1772 tdx - ok
18:30:27.0602 1772 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:30:27.0602 1772 TermDD - ok
18:30:27.0665 1772 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:30:27.0680 1772 TermService - ok
18:30:27.0696 1772 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:30:27.0696 1772 Themes - ok
18:30:27.0727 1772 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:30:27.0727 1772 THREADORDER - ok
18:30:27.0743 1772 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:30:27.0743 1772 TrkWks - ok
18:30:27.0836 1772 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:30:27.0836 1772 TrustedInstaller - ok
18:30:27.0899 1772 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:30:27.0899 1772 tssecsrv - ok
18:30:27.0992 1772 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:30:27.0992 1772 TsUsbFlt - ok
18:30:28.0070 1772 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:30:28.0070 1772 tunnel - ok
18:30:28.0101 1772 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:30:28.0101 1772 uagp35 - ok
18:30:28.0164 1772 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:30:28.0164 1772 udfs - ok
18:30:28.0195 1772 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:30:28.0195 1772 UI0Detect - ok
18:30:28.0211 1772 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:30:28.0211 1772 uliagpkx - ok
18:30:28.0273 1772 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
18:30:28.0273 1772 umbus - ok
18:30:28.0289 1772 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:30:28.0289 1772 UmPass - ok
18:30:28.0351 1772 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
18:30:28.0351 1772 Updater Service - ok
18:30:28.0367 1772 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:30:28.0367 1772 upnphost - ok
18:30:28.0398 1772 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
18:30:28.0413 1772 USBAAPL64 - ok
18:30:28.0429 1772 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:30:28.0429 1772 usbccgp - ok
18:30:28.0491 1772 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:30:28.0491 1772 usbcir - ok
18:30:28.0523 1772 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:30:28.0523 1772 usbehci - ok
18:30:28.0538 1772 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:30:28.0554 1772 usbhub - ok
18:30:28.0554 1772 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
18:30:28.0554 1772 usbohci - ok
18:30:28.0585 1772 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:30:28.0585 1772 usbprint - ok
18:30:28.0647 1772 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:30:28.0647 1772 usbscan - ok
18:30:28.0710 1772 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:30:28.0710 1772 USBSTOR - ok
18:30:28.0741 1772 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:30:28.0741 1772 usbuhci - ok
18:30:28.0757 1772 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:30:28.0757 1772 UxSms - ok
18:30:28.0772 1772 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:30:28.0772 1772 VaultSvc - ok
18:30:28.0835 1772 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:30:28.0835 1772 vdrvroot - ok
18:30:28.0913 1772 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:30:28.0913 1772 vds - ok
18:30:28.0928 1772 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:30:28.0928 1772 vga - ok
18:30:28.0944 1772 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:30:28.0944 1772 VgaSave - ok
18:30:28.0959 1772 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:30:28.0959 1772 vhdmp - ok
18:30:29.0022 1772 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:30:29.0022 1772 viaide - ok
18:30:29.0037 1772 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:30:29.0037 1772 volmgr - ok
18:30:29.0100 1772 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:30:29.0115 1772 volmgrx - ok
18:30:29.0131 1772 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:30:29.0131 1772 volsnap - ok
18:30:29.0147 1772 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:30:29.0147 1772 vsmraid - ok
18:30:29.0240 1772 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:30:29.0256 1772 VSS - ok
18:30:29.0287 1772 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
18:30:29.0287 1772 vwifibus - ok
18:30:29.0303 1772 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:30:29.0318 1772 W32Time - ok
18:30:29.0334 1772 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:30:29.0334 1772 WacomPen - ok
18:30:29.0349 1772 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:30:29.0349 1772 WANARP - ok
18:30:29.0349 1772 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:30:29.0349 1772 Wanarpv6 - ok
18:30:29.0412 1772 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:30:29.0427 1772 WatAdminSvc - ok
18:30:29.0490 1772 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:30:29.0521 1772 wbengine - ok
18:30:29.0552 1772 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:30:29.0552 1772 WbioSrvc - ok
18:30:29.0615 1772 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:30:29.0615 1772 wcncsvc - ok
18:30:29.0646 1772 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:30:29.0646 1772 WcsPlugInService - ok
18:30:29.0661 1772 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:30:29.0661 1772 Wd - ok
18:30:29.0739 1772 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
18:30:29.0739 1772 WDC_SAM - ok
18:30:29.0802 1772 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:30:29.0802 1772 Wdf01000 - ok
18:30:29.0833 1772 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:30:29.0833 1772 WdiServiceHost - ok
18:30:29.0833 1772 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:30:29.0833 1772 WdiSystemHost - ok
18:30:29.0911 1772 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:30:29.0911 1772 WebClient - ok
18:30:29.0927 1772 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:30:29.0942 1772 Wecsvc - ok
18:30:29.0958 1772 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:30:29.0958 1772 wercplsupport - ok
18:30:29.0973 1772 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:30:29.0973 1772 WerSvc - ok
18:30:29.0989 1772 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:30:29.0989 1772 WfpLwf - ok
18:30:30.0005 1772 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:30:30.0005 1772 WIMMount - ok
18:30:30.0020 1772 WinDefend - ok
18:30:30.0020 1772 WinHttpAutoProxySvc - ok
18:30:30.0067 1772 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:30:30.0067 1772 Winmgmt - ok
18:30:30.0145 1772 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:30:30.0176 1772 WinRM - ok
18:30:30.0301 1772 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:30:30.0301 1772 WinUsb - ok
18:30:30.0332 1772 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:30:30.0348 1772 Wlansvc - ok
18:30:32.0282 1772 ============================================================
18:30:32.0282 1772 Scan finished
18:30:32.0282 1772 ============================================================
18:30:32.0282 0884 Detected object count: 0
18:30:32.0282 0884 Actual detected object count: 0
18:30:43.0124 2008 Deinitialize success

#4 octagonproplex

  • Topic Starter

Posted 11 January 2013 - 09:37 PM

aswMBR log:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-11 18:34:34
-----------------------------
18:34:34.717 OS Version: Windows x64 6.1.7601 Service Pack 1
18:34:34.717 Number of processors: 1 586 0x603
18:34:34.717 ComputerName: HOME-PC UserName: HOME
18:34:35.575 Initialize success
18:35:20.534 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000055
18:35:20.534 Disk 0 Vendor: WDC_WD50 05.0 Size: 476940MB BusType: 3
18:35:20.534 Disk 0 MBR read successfully
18:35:20.534 Disk 0 MBR scan
18:35:20.550 Disk 0 Windows 7 default MBR code
18:35:20.550 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12288 MB offset 2048
18:35:20.565 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 25167872
18:35:20.565 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 464550 MB offset 25372672
18:35:20.581 Disk 0 scanning C:\Windows\system32\drivers
18:35:27.944 Service scanning
18:35:44.324 Modules scanning
18:35:44.324 Disk 0 trace - called modules:
18:35:44.340 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
18:35:44.340 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800265c790]
18:35:44.855 3 CLASSPNP.SYS[fffff8800161743f] -> nt!IofCallDriver -> [0xfffffa8002075e40]
18:35:44.855 5 ACPI.sys[fffff88000f137a1] -> nt!IofCallDriver -> \Device\00000055[0xfffffa800210c750]
18:35:44.855 Scan finished successfully
18:36:22.924 Disk 0 MBR has been saved successfully to "C:\Users\HOME\Desktop\MBR.dat"
18:36:22.924 The log file has been saved successfully to "C:\Users\HOME\Desktop\aswMBR.txt"

#5 octagonproplex

  • Topic Starter

Posted 12 January 2013 - 01:29 AM

ESET Log:

C:\Users\HOME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\10R9C9F8\7516fd43adaa5e0b8a65a672c39845d2[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\HOME\AppData\Local\Temp\jar_cache7836017800143405091.tmp Java/TrojanDownloader.OpenStream.NCX trojan cleaned by deleting - quarantined
C:\Users\HOME\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\2bcbc0d7-398056c3 Java/Agent.FI trojan cleaned by deleting - quarantined
C:\Users\HOME\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25\42562fd9-2d06054d Java/Agent.FH trojan cleaned by deleting - quarantined

#6 narenxp

  • BC Advisor

Posted 12 January 2013 - 02:06 AM

Download

Malwarebytes

Install, update and run a full scan

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete

A log should be generated after the scan; post it here

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator

After the scan is completed, post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#7 octagonproplex

  • Topic Starter

Posted 12 January 2013 - 04:50 AM

I already have Malwarebytes installed, so I simply did another full scan with the updated one I already have on my computer rather than uninstall it and then reinstall it (I hope this is okay). On this occasion no malicious items were found. However, I did do a full scan just previous to submitting this topic to bleepingcomputer.com, and at that previous scan it did detect and handle 9 malicious items. So for your examination, I will also submit that log after first submitting this newest one.

NEWEST MALWAREBYTES LOG:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.12.05

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
HOME :: HOME-PC [administrator]

1/12/2013 12:03:31 AM
mbam-log-2013-01-12 (00-03-31).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 535359
Time elapsed: 1 hour(s), 37 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8 octagonproplex

  • Topic Starter

Posted 12 January 2013 - 04:51 AM

PREVIOUS MALWAREBYTES FULL SCAN LOG (with 9 malicious items found)

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.11.11

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
HOME :: HOME-PC [administrator]

1/11/2013 10:54:21 AM
mbam-log-2013-01-11 (10-54-21).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 535169
Time elapsed: 1 hour(s), 37 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|D033811FB92072C20000D032B0F07630 (Trojan.Lameshield.124) -> Data: C:\ProgramData\D033811FB92072C20000D032B0F07630\D033811FB92072C20000D032B0F07630.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Progressive Protection (Rogue.SystemProgressiveProtection) -> Quarantined and deleted successfully.

Files Detected: 7
C:\ProgramData\D033811FB92072C20000D032B0F07630\D033811FB92072C20000D032B0F07630.exe (Trojan.Lameshield.124) -> Quarantined and deleted successfully.
C:\Users\HOME\AppData\Local\Temp\013c26b6ce38.exe (Trojan.Lameshield.124) -> Quarantined and deleted successfully.
C:\Users\HOME\AppData\Local\Temp\113c26b6ce38.exe (Spyware.Zbot.USBV) -> Quarantined and deleted successfully.
C:\Users\HOME\AppData\Local\Temp\1jfuweif.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\Users\HOME\AppData\Local\Temp\msimg32.dll (Trojan.FakeMS) -> Quarantined and deleted successfully.
C:\Users\HOME\Desktop\System Progressive Protection.lnk (Rogue.SystemProgressiveProtection) -> Quarantined and deleted successfully.
C:\Users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Progressive Protection\System Progressive Protection.lnk (Rogue.SystemProgressiveProtection) -> Quarantined and deleted successfully.

(end)

#9 octagonproplex

  • Topic Starter

Posted 12 January 2013 - 04:54 AM

MINITOOLBOX LOG:

MiniToolBox by Farbar Version:10-01-2013
Ran by HOME (administrator) on 12-01-2013 at 01:53:38
Running from "C:\Users\HOME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8HHSX6H9"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : HOME-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : bak.rr.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : bak.rr.com
Description . . . . . . . . . . . : NVIDIA nForce 10/100/1000 Mbps Ethernet
Physical Address. . . . . . . . . : 00-26-2D-4C-7D-FF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::fd71:c078:bdfa:4c6f%10(Preferred)
IPv4 Address. . . . . . . . . . . : 97.71.82.97(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.248.0
Lease Obtained. . . . . . . . . . : Friday, January 11, 2013 10:52:58 PM
Lease Expires . . . . . . . . . . : Saturday, January 12, 2013 10:52:58 PM
Default Gateway . . . . . . . . . : 97.71.80.1
DHCP Server . . . . . . . . . . . : 10.72.128.1
DHCPv6 IAID . . . . . . . . . . . : 234890797
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-62-4B-01-00-26-2D-4C-7D-FF
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.bak.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 2001:4860:4007:801::100e
74.125.239.5
74.125.239.6
74.125.239.7
74.125.239.8
74.125.239.9
74.125.239.14
74.125.239.0
74.125.239.1
74.125.239.2
74.125.239.3
74.125.239.4


Pinging google.com [74.125.239.6] with 32 bytes of data:
Reply from 74.125.239.6: bytes=32 time=11ms TTL=55
Reply from 74.125.239.6: bytes=32 time=12ms TTL=55

Ping statistics for 74.125.239.6:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 11ms, Maximum = 12ms, Average = 11ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=135ms TTL=48
Reply from 98.139.183.24: bytes=32 time=193ms TTL=48

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 135ms, Maximum = 193ms, Average = 164ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 26 2d 4c 7d ff ......NVIDIA nForce 10/100/1000 Mbps Ethernet
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 97.71.80.1 97.71.82.97 20
97.71.80.0 255.255.248.0 On-link 97.71.82.97 276
97.71.82.97 255.255.255.255 On-link 97.71.82.97 276
97.71.87.255 255.255.255.255 On-link 97.71.82.97 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 97.71.82.97 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 97.71.82.97 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::fd71:c078:bdfa:4c6f/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/11/2013 10:53:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/11/2013 06:38:50 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/11/2013 06:37:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/09/2013 11:21:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16457, time stamp: 0x50a2f9e3
Faulting module name: D3D10Warp.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b7af
Exception code: 0xc0000005
Fault offset: 0x0002b38f
Faulting process id: 0x11c8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (01/09/2013 10:38:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10234

Error: (01/09/2013 10:38:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10234

Error: (01/09/2013 10:38:05 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/09/2013 04:11:37 AM) (Source: System Restore) (User: )
Description: The restore point selected was damaged or deleted during the restore (Windows Update).

Error: (01/08/2013 05:07:26 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16457 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1534

Start Time: 01cdee0522c99d90

Termination Time: 154

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (01/07/2013 10:46:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10156


System errors:
=============
Error: (01/12/2013 01:53:04 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/12/2013 01:53:04 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/12/2013 01:53:04 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/12/2013 01:50:56 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/12/2013 01:50:56 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/12/2013 01:50:56 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/12/2013 01:45:56 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/12/2013 01:45:56 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/12/2013 01:45:56 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (01/12/2013 01:43:48 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (01/11/2013 10:53:07 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\HOME\Desktop\esetsmartinstaller_enu.exe

Error: (01/11/2013 06:38:50 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\HOME\Desktop\esetsmartinstaller_enu.exe

Error: (01/11/2013 06:37:54 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\HOME\Desktop\esetsmartinstaller_enu.exe

Error: (01/09/2013 11:21:05 PM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1645750a2f9e3D3D10Warp.dll6.1.7601.175144ce7b7afc00000050002b38f11c801cdee628aa47db0C:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\system32\D3D10Warp.dll4b26b404-5af6-11e2-a41c-00262d4c7dff

Error: (01/09/2013 10:38:09 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10234

Error: (01/09/2013 10:38:09 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10234

Error: (01/09/2013 10:38:05 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/09/2013 04:11:37 AM) (Source: System Restore)(User: )
Description: Windows Update

Error: (01/08/2013 05:07:26 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16457153401cdee0522c99d90154C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (01/07/2013 10:46:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10156


CodeIntegrity Errors:
===================================
Date: 2011-10-17 13:26:19.486
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-10-17 13:26:19.440
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

µTorrent (Version: 2.2.0)
18 Wheels of Steel - American Long Haul (Version: 2.2.0.95)
7-Zip 9.20
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 2.5.1.17730)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Advertising Center (Version: 0.0.0.2)
Agatha Christie - Death on the Nile (Version: 2.2.0.95)
Amazon Kindle
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
BerBible (Version: 2.41)
Blackhawk Striker 2 (Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
Build-a-lot 2 (Version: 2.2.0.95)
CA Yahoo! Anti-Spy (remove only)
Canon G.726 WMP-Decoder (Version: 1.1.0.4)
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.6.0.4)
Canon RAW Image Task for ZoomBrowser EX (Version: 0.9.3.9)
Canon Utilities CameraWindow (Version: 7.1.0.2)
Canon Utilities CameraWindow DC (Version: 7.1.0.7)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.2.16)
Canon Utilities MyCamera (Version: 6.4.0.5)
Canon Utilities MyCamera DC (Version: 7.0.1.8)
Canon Utilities PhotoStitch (Version: 3.1.21.45)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9)
Canon Utilities ZoomBrowser EX (Version: 6.1.0.20)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.1.0.8)
Chuzzle Deluxe (Version: 2.2.0.95)
ConvertHelper 2.2
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
DivX Setup (Version: 2.6.1.22)
Dora's Carnival Adventure (Version: 2.2.0.95)
DVD Flick 1.3.0.7 (Version: 1.3.0.7)
eMachines Game Console
eMachines Games (Version: 1.0.1.3)
eMachines Recovery Management (Version: 4.05.3013)
eMachines Registration (Version: 1.03.3003)
eMachines ScreenSaver (Version: 1.1.0825.2010)
eMachines Updater (Version: 1.02.3001)
ESET Online Scanner v3
Facetheme (Version: 1.0)
FATE (Version: 2.2.0.95)
foobar2000 v1.1.7 (Version: 1.1.7)
Free Audio Converter version 5.0.6.221 (Version: 5.0.6.221)
Free FLAC to MP3 Converter 1.0
Free M4a to MP3 Converter 6.1
G-Force (Version: 4.1.3)
Google Chrome (Version: 23.0.1271.97)
Google Talk Plugin (Version: 3.11.7.10909)
Google Update Helper (Version: 1.3.21.123)
Hotkey Utility (Version: 2.05.3009)
HP FWUpdateEDO2 (Version: 1.2.0.0)
HP Officejet Pro 8600 Basic Device Software (Version: 25.0.619.0)
HP Officejet Pro 8600 Help (Version: 140.0.2.2)
HP Update (Version: 5.003.001.001)
I.R.I.S. OCR (Version: 12.3.4.0)
iCloud (Version: 2.1.1.3)
Identity Card (Version: 1.00.3003)
ImagXpress (Version: 7.0.74.0)
IrfanView (remove only) (Version: 4.30)
iTunes (Version: 11.0.1.12)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Jewel Quest - Heritage (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
John Deere Drive Green (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Kobo (Version: 3.0.1)
LockHunter version 1.0 beta 3, 64 bit edition
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Medieval CUE Splitter (Version: 1.2.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Monkey's Audio
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MPC-HC 1.6.4.6052 (Version: 1.6.4.6052)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero DiscSpeed (Version: 5.4.13.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.12.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.4.37.100)
Nero InfoTool (Version: 6.4.12.100)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.37.100)
Nero StartSmart Help (Version: 9.4.27.100)
Nero StartSmart OEM (Version: 9.15.0.100)
NeroExpress (Version: 9.4.37.100)
neroxml (Version: 1.0.0)
NOOK for PC (Version: 2.5.6.9575)
Norton Online Backup (Version: 2.1.17869)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA ForceWare Network Access Manager (Version: 1.00.7316)
Penguins! (Version: 2.2.0.95)
Plants vs. Zombies (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
PVSonyDll (Version: 1.00.0001)
QuickTime (Version: 7.73.80.64)
Reader Library by Sony (Version: 3.3.00.07130)
Realtek High Definition Audio Driver (Version: 6.0.1.6045)
SoulSeek 157 NS 13e
SpywareBlaster 4.6 (Version: 4.6.0)
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
VLC media player 2.0.4 (Version: 2.0.4)
WebEnhancements
Welcome Center (Version: 1.02.3004)
Winamp (Version: 5.63 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
Xvid Video Codec (Version: 1.3.2)
Zuma's Revenge (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 48%
Total physical RAM: 1791.37 MB
Available physical RAM: 919.58 MB
Total Pagefile: 3582.73 MB
Available Pagefile: 2960.24 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.59 MB

========================= Partitions: =====================================

1 Drive c: (eMachines) (Fixed) (Total:453.66 GB) (Free:9.81 GB) NTFS
3 Drive e: (My Book) (Fixed) (Total:2794.49 GB) (Free:579.63 GB) NTFS

========================= Users: ========================================

User accounts for \\HOME-PC

Administrator Guest HOME

========================= Restore Points ==================================


**** End of log ****

#10 octagonproplex

Posted 12 January 2013 - 04:56 AM

FARBAR SERVICE SCANNER LOG:

Farbar Service Scanner Version: 05-01-2013
Ran by HOME (administrator) on 12-01-2013 at 01:55:18
Running from "C:\Users\HOME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NRSS70N"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Edited by octagonproplex, 12 January 2013 - 05:08 AM.


#11 octagonproplex

Posted 12 January 2013 - 05:08 AM

ADWARE CLEANER LOG:

# AdwCleaner v2.105 - Logfile created 01/12/2013 at 02:03:04
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : HOME - HOME-PC
# Boot Mode : Safe mode with networking
# Running from : C:\Users\HOME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RTOCE9OH\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

File : C:\Users\HOME\AppData\Roaming\Mozilla\Firefox\Profiles\rsc6yf60.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3727 octets] - [12/01/2013 01:57:08]
AdwCleaner[S2].txt - [954 octets] - [12/01/2013 02:03:04]

########## EOF - C:\AdwCleaner[S2].txt - [1013 octets] ##########

#12 octagonproplex

Posted 12 January 2013 - 05:20 AM

JUNKWARE REMOVAL TOOL LOG:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.2 (01.08.2013:1)
OS: Windows 7 Home Premium x64
Ran by HOME on Sat 01/12/2013 at 2:10:43.39
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\bho.dll



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\HOME\AppData\Roaming\mozilla\firefox\profiles\rsc6yf60.default\minidumps [16 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/12/2013 at 2:18:47.09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#13 octagonproplex

Posted 12 January 2013 - 05:23 AM

RKILL LOG:

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/12/2013 02:23:00 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 01/12/2013 02:23:14 AM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)

#14 octagonproplex

Posted 12 January 2013 - 05:29 AM

AUTORUNS LOG:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "MSC" "" "" "File not found: C:\Program Files\Microsoft Security Client\mssecex.exe"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "DivXMediaServer" "DivX DLNA Media Server" "" "c:\program files (x86)\divx\divx media server\divxmediaserver.exe"
+ "DivXUpdate" "DivX Update" "" "c:\program files (x86)\divx\divx update\divxupdate.exe"
+ "Hotkey Utility" "Hotkey Utility" "" "c:\program files (x86)\emachines\hotkey utility\hotkeyutility.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "Norton Online Backup" "Norton Online Backup Service" "Symantec Corporation" "c:\program files (x86)\symantec\norton online backup\nobuclient.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe"
+ "Reader Library Launcher" "Reader Library Launcher" "Sony Corporation" "c:\program files (x86)\sony\reader\data\bin\launcher\reader library launcher.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "WinampAgent" "Winamp Agent" "Nullsoft, Inc." "c:\program files (x86)\winamp\winampa.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "B Register C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Google Update" "Google Installer" "Google Inc." "c:\users\home\appdata\local\google\update\googleupdate.exe"
+ "MobileDocuments" "" "" "File not found: C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe"
+ "Xvid" "" "" "c:\program files (x86)\xvid\checkupdate.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "LockHunterShellExt" "TODO: <File description>" "TODO: <Company name>" "c:\program files\lockhunter\lhshellext.dll"
+ "PhotoStreamsExt" "" "" "c:\program files\common files\apple\internet services\shellstreams64.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
+ "PhotoStreamsExt" "ShellStreams.dll" "Apple Inc." "c:\program files (x86)\common files\apple\internet services\shellstreams.dll"
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "LockHunterShellExt" "TODO: <File description>" "TODO: <Company name>" "c:\program files\lockhunter\lhshellext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll"
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files (x86)\winrar\rarext64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR32" "" "" "c:\program files (x86)\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll"
"Task Scheduler" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3727771256-2954610639-954426045-1000Core" "Google Installer" "Google Inc." "c:\users\home\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3727771256-2954610639-954426045-1000UA" "Google Installer" "Google Inc." "c:\users\home\appdata\local\google\update\googleupdate.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "cvhsvc" "Client Virtualization Handler Service (unlocalized description)" "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe"
+ "ForceWare Intelligent Application Manager (IAM)" "app_filter Module" "" "c:\program files\nvidia corporation\networkaccessmanager\bin32\nsvcappflt.exe"
+ "GameConsoleService" "GameConsole management services" "WildTangent, Inc." "c:\program files (x86)\emachines games\emachines game console\gameconsoleservice.exe"
+ "GREGService" "Global Registration Service" "Acer Incorporated" "c:\program files (x86)\emachines\registration\gregsvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "Nero BackItUp Scheduler 4.0" "Nero BackItUp Scheduler 4.0 is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP." "Nero AG" "c:\program files (x86)\common files\nero\nero backitup 4\nbservice.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "NOBU" "Norton Online Backup Service" "Symantec Corporation" "c:\program files (x86)\symantec\norton online backup\nobuagent.exe"
+ "nSvcIp" "NVIDIA Corporation" "" "c:\program files\nvidia corporation\networkaccessmanager\bin32\nsvcip.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "sftlist" "Streams and manages applications." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftlist.exe"
+ "sftvsa" "Monitors global service events and launches virtual services." "Microsoft Corporation" "c:\program files (x86)\microsoft application virtualization client\sftvsa.exe"
+ "Sony SCSI Helper Service" "SCSI Helper Service" "Sony Corporation" "c:\program files (x86)\common files\sony shared\fsk\sonyscsihelperservice.exe"
+ "Updater Service" "Updater Service" "Acer Group" "c:\program files\emachines\emachines updater\updaterservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "libusb0" "LibUSB-Win32 - Kernel Driver" "http://libusb-win32.sourceforge.net" "c:\windows\system32\drivers\libusb0.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NVENETFD" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvm62x64.sys"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 258.96 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "NVNET" "NVIDIA MCP Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvmf6264.sys"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys"
+ "nvstor64" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor64.sys"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys"
+ "stexstor" "Promise SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.XVID" "" "" "c:\windows\system32\xvidvfw.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecp.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
+ "vidc.XVID" "" "" "c:\windows\syswow64\xvidvfw.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\divx\divx transcode engine\plugins\mc_demux_mp2_ds.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\system32\xvid.ax"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "AC3Filter" "ac3filter" "" "c:\windows\syswow64\ac3filter.ax"
+ "APE DirectShow Filter" "" "Matthew T. Ashland (adopted from RadLight plugin)" "c:\program files (x86)\monkey's audio\ape.ax"
+ "Canon DES Resizer SaveMode" "CanonDESResizer" "Canon Inc." "c:\program files (x86)\canon\zoombrowser ex\program\canondesresizer.ax"
+ "Canon G.726 Decoder" "Canon G.726 Decoder" "Canon Inc." "c:\program files (x86)\canon\g726decoder\canong726decoder.ax"
+ "Canon Image Rotation Filter 1.1" "Canon Image Rotation Filter " "Canon Inc." "c:\program files (x86)\canon\mdp\canonrotatefilter.dll"
+ "Canon MDP Motion-JPEG Decoder" "Canon MDP Motion-JPEG Decoder Filter" "Canon Inc." "c:\program files (x86)\canon\mdp\canonmdpmjpegdecoder.ax"
+ "Canon Motion-JPEG Decoder" "Canon Motion-JPEG Decoder Filter" "Canon Inc." "c:\program files (x86)\canon\zoombrowser ex\program\canonmjpegdecoder.ax"
+ "Canon Motion-JPEG Encoder" "Motion-JPEG Encoder Filter" "Canon Inc." "c:\program files (x86)\canon\zoombrowser ex\program\canonmjpegencoder.ax"
+ "Canon Resizer" "CanonResizer" "Canon Inc." "c:\program files (x86)\canon\zoombrowser ex\program\canonresizer.ax"
+ "Canon Text Source Filter" "Canon Text Source Filter" "Canon Inc." "c:\program files (x86)\canon\zoombrowser ex\program\canontextsourcefilter.ax"
+ "Canon WAV Dest" "CanonWavDest" "Canon Inc." "c:\program files (x86)\canon\zoombrowser ex\program\canonwavdest.ax"
+ "Canon-Actual-Data-Length-Setter" "CanonActualDataLengthSetter" "Canon Inc." "c:\program files (x86)\canon\zoombrowser ex\program\canonactualdatalengthsetter.ax"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Cucusoft DataExtractor" "" "" "File not found: C:\Program Files (x86)\Cucusoft\avi-dvd-pro\DataExt.dll"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "Extractor" "Stream Data Extractor Filter" "Sony Corporation" "c:\program files (x86)\common files\sony shared\fsk\extractor.ax"
+ "ffdshow Audio Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\windows\syswow64\ffdshow.ax"
+ "ffdshow MPEG-4 Video Decoder" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\windows\syswow64\ffdshow.ax"
+ "ffdshow raw video filter" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\windows\syswow64\ffdshow.ax"
+ "ffdshow VFW decoder helper" "DirectShow and VFW video and audio decoding/encoding/processing filter" "" "c:\windows\syswow64\ffdshow.ax"
+ "MainConcept MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\divx\divx transcode engine\plugins\mc_demux_mp2_ds.ax"
+ "MainConcept Stream Parser" "MPEG-1/2 Demultiplexer" "MainConcept GmbH" "c:\program files (x86)\divx\divx transcode engine\plugins\mc_demux_mp2_ds.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codecx.ax"
+ "psWav Dest" "Canon Utilities Support Library" "Canon Inc." "c:\program files (x86)\canon\camerawindow\mycamera\pswavdes.ax"
+ "QTSrc" "CLQTSrc" "Cyberlink" "c:\program files (x86)\cucusoft\avi-dvd-pro\filter\quicktime.dll"
+ "RealAudio Decoder" "RealMedia Splitter" "Gabest" "c:\program files (x86)\cucusoft\avi-dvd-pro\filter\realmedia.dll"
+ "RealMedia Source" "RealMedia Splitter" "Gabest" "c:\program files (x86)\cucusoft\avi-dvd-pro\filter\realmedia.dll"
+ "RealMedia Splitter" "RealMedia Splitter" "Gabest" "c:\program files (x86)\cucusoft\avi-dvd-pro\filter\realmedia.dll"
+ "RealVideo Decoder" "RealMedia Splitter" "Gabest" "c:\program files (x86)\cucusoft\avi-dvd-pro\filter\realmedia.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\syswow64\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP 5912 Status Monitor" "Print Status Language Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpinksts5912lm.dll"
+ "HP Discovery Port Monitor (HP Officejet Pro 8600)" "HP Discovery Port Monitor" "Hewlett-Packard Co." "c:\windows\system32\hpdiscopm5912.dll"

#15 octagonproplex

octagonproplex
  • Topic Starter


Posted 12 January 2013 - 05:40 AM

I want to report additionally that the skin backgrounds on webpages are now blank white and bare. They're not showing up.

Also, the icons on my desktop seem slightly squeezed-looking and the mouse cursor feels slightly different. Perhaps I can adjust those back to the way they were previously?

Microsoft Security Essentials is now back online and the sound is working.

Upon restarting into normal Windows (out of safe mode), Windows would not start up until I unplugged my external drive from the computer for some reason...?

Edited by octagonproplex, 12 January 2013 - 11:53 AM.




