
Random Redirects


24 replies to this topic

#1 letominator


Posted 27 January 2013 - 10:31 AM

Started getting random Google redirects. At first went to askjeeves.uk & others (including searchgroovy). Now, it tends to go to an invalid (e.g. page cannot be found) via mnstr2.com, but hovering over the back button shows a link to www.akkreditivsearch.net.

Scanned with avast, found some stuff... Ran on reboot, deleted all found. Still a problem.

Ran combofix. Found something. Rebooted...Still an issue.

Ran mbam. Only found a file from combofix (in the qoobox folder).

Ran TDSSKiller...nothing found.

Ran ESet. It found something. Rebooted.

Ran again... Found "a variant of win32/agent.ujk trojan" but nothing cleaned...

Now, I'm getting a lot of closing (e.g. Internet Explorer encountered a problem), and my history bar shows akkreditivsearch, although I haven't hit the mnstr2 or akkreditivsearch pages while searching.

So...um...help?



#2 narenxp


Posted 27 January 2013 - 10:37 AM

Download

TDSSkiller

Launch it. Click on Change parameters - select TDLFS file system.

Click on "Scan". Please post the LOG report (log file should be in your C drive).

Do not change the default options on scan results.

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions.
Click the "Scan" button to start scan. After scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download

ESET online scanner

Install it.

Click on START, it should download the virus definitions.
When scan gets completed, click on LIST of found threats.

Export the list to desktop, copy the contents of the text file in your reply.

#3 letominator


Posted 27 January 2013 - 11:31 AM

Oh, latest redirect goes to beesq...

#4 letominator


Posted 28 January 2013 - 03:43 AM

First: TDSS

02:38:22.0903 6544 napagent - ok
02:38:22.0972 6544 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
02:38:22.0978 6544 NativeWifiP - ok
02:38:23.0051 6544 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\windows\system32\drivers\ndis.sys
02:38:23.0065 6544 NDIS - ok
02:38:23.0118 6544 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
02:38:23.0121 6544 NdisCap - ok
02:38:23.0168 6544 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
02:38:23.0172 6544 NdisTapi - ok
02:38:23.0212 6544 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
02:38:23.0214 6544 Ndisuio - ok
02:38:23.0227 6544 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
02:38:23.0230 6544 NdisWan - ok
02:38:23.0237 6544 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
02:38:23.0240 6544 NDProxy - ok
02:38:23.0295 6544 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
02:38:23.0297 6544 NetBIOS - ok
02:38:23.0326 6544 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
02:38:23.0331 6544 NetBT - ok
02:38:23.0353 6544 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
02:38:23.0357 6544 Netlogon - ok
02:38:23.0429 6544 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
02:38:23.0438 6544 Netman - ok
02:38:23.0465 6544 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:38:23.0468 6544 NetMsmqActivator - ok
02:38:23.0499 6544 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:38:23.0502 6544 NetPipeActivator - ok
02:38:23.0549 6544 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
02:38:23.0558 6544 netprofm - ok
02:38:23.0576 6544 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:38:23.0578 6544 NetTcpActivator - ok
02:38:23.0586 6544 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
02:38:23.0588 6544 NetTcpPortSharing - ok
02:38:23.0630 6544 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
02:38:23.0633 6544 nfrd960 - ok
02:38:23.0712 6544 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\windows\System32\nlasvc.dll
02:38:23.0719 6544 NlaSvc - ok
02:38:23.0754 6544 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
02:38:23.0757 6544 Npfs - ok
02:38:23.0772 6544 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
02:38:23.0778 6544 nsi - ok
02:38:23.0809 6544 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
02:38:23.0811 6544 nsiproxy - ok
02:38:23.0910 6544 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
02:38:23.0931 6544 Ntfs - ok
02:38:24.0005 6544 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
02:38:24.0006 6544 Null - ok
02:38:24.0030 6544 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
02:38:24.0034 6544 nvraid - ok
02:38:24.0070 6544 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
02:38:24.0073 6544 nvstor - ok
02:38:24.0133 6544 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
02:38:24.0137 6544 nv_agp - ok
02:38:24.0164 6544 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
02:38:24.0166 6544 ohci1394 - ok
02:38:24.0217 6544 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
02:38:24.0219 6544 ose - ok
02:38:24.0287 6544 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
02:38:24.0294 6544 p2pimsvc - ok
02:38:24.0359 6544 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
02:38:24.0370 6544 p2psvc - ok
02:38:24.0397 6544 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
02:38:24.0400 6544 Parport - ok
02:38:24.0437 6544 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
02:38:24.0440 6544 partmgr - ok
02:38:24.0520 6544 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
02:38:24.0528 6544 PcaSvc - ok
02:38:24.0614 6544 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
02:38:24.0616 6544 PCCUJobMgr - ok
02:38:24.0677 6544 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
02:38:24.0682 6544 pci - ok
02:38:24.0691 6544 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
02:38:24.0695 6544 pciide - ok
02:38:24.0726 6544 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
02:38:24.0734 6544 pcmcia - ok
02:38:24.0740 6544 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
02:38:24.0742 6544 pcw - ok
02:38:24.0781 6544 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
02:38:24.0806 6544 PEAUTH - ok
02:38:24.0909 6544 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
02:38:24.0915 6544 PerfHost - ok
02:38:25.0027 6544 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
02:38:25.0029 6544 PGEffect - ok
02:38:25.0140 6544 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
02:38:25.0163 6544 pla - ok
02:38:25.0236 6544 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
02:38:25.0245 6544 PlugPlay - ok
02:38:25.0269 6544 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
02:38:25.0275 6544 PNRPAutoReg - ok
02:38:25.0298 6544 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
02:38:25.0304 6544 PNRPsvc - ok
02:38:25.0425 6544 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
02:38:25.0435 6544 PolicyAgent - ok
02:38:25.0482 6544 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\windows\system32\umpo.dll
02:38:25.0489 6544 Power - ok
02:38:25.0540 6544 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
02:38:25.0544 6544 PptpMiniport - ok
02:38:25.0568 6544 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
02:38:25.0571 6544 Processor - ok
02:38:25.0612 6544 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\windows\system32\profsvc.dll
02:38:25.0619 6544 ProfSvc - ok
02:38:25.0653 6544 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
02:38:25.0657 6544 ProtectedStorage - ok
02:38:25.0707 6544 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
02:38:25.0712 6544 Psched - ok
02:38:25.0816 6544 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
02:38:25.0835 6544 ql2300 - ok
02:38:25.0871 6544 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
02:38:25.0875 6544 ql40xx - ok
02:38:25.0914 6544 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
02:38:25.0922 6544 QWAVE - ok
02:38:25.0946 6544 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
02:38:25.0948 6544 QWAVEdrv - ok
02:38:26.0015 6544 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
02:38:26.0017 6544 RasAcd - ok
02:38:26.0100 6544 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
02:38:26.0103 6544 RasAgileVpn - ok
02:38:26.0137 6544 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
02:38:26.0144 6544 RasAuto - ok
02:38:26.0171 6544 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
02:38:26.0174 6544 Rasl2tp - ok
02:38:26.0206 6544 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
02:38:26.0215 6544 RasMan - ok
02:38:26.0225 6544 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
02:38:26.0228 6544 RasPppoe - ok
02:38:26.0257 6544 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
02:38:26.0260 6544 RasSstp - ok
02:38:26.0295 6544 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
02:38:26.0316 6544 rdbss - ok
02:38:26.0336 6544 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
02:38:26.0339 6544 rdpbus - ok
02:38:26.0368 6544 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
02:38:26.0370 6544 RDPCDD - ok
02:38:26.0383 6544 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
02:38:26.0384 6544 RDPENCDD - ok
02:38:26.0413 6544 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
02:38:26.0416 6544 RDPREFMP - ok
02:38:26.0454 6544 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
02:38:26.0458 6544 RDPWD - ok
02:38:26.0517 6544 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
02:38:26.0521 6544 rdyboost - ok
02:38:26.0560 6544 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
02:38:26.0566 6544 RemoteAccess - ok
02:38:26.0597 6544 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
02:38:26.0606 6544 RemoteRegistry - ok
02:38:26.0635 6544 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
02:38:26.0642 6544 RpcEptMapper - ok
02:38:26.0671 6544 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
02:38:26.0677 6544 RpcLocator - ok
02:38:26.0714 6544 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
02:38:26.0724 6544 RpcSs - ok
02:38:26.0773 6544 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
02:38:26.0775 6544 rspndr - ok
02:38:26.0831 6544 [ 36FCA0C67BCDC0DA047F5F36743B5CB9 ] RSUSBVSTOR C:\windows\system32\Drivers\RtsUVStor.sys
02:38:26.0835 6544 RSUSBVSTOR - ok
02:38:26.0874 6544 [ F33E70E48A54A7A1BFBEEB4F3B273E4A ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
02:38:26.0890 6544 RTL8192Ce - ok
02:38:26.0931 6544 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
02:38:26.0936 6544 SamSs - ok
02:38:27.0019 6544 [ B136E29C89CD7234DEC1A4104E5D30CC ] Samsung UPD Service2 C:\windows\System32\SUPDSvc2.exe
02:38:27.0029 6544 Samsung UPD Service2 - ok
02:38:27.0069 6544 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
02:38:27.0072 6544 sbp2port - ok
02:38:27.0116 6544 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
02:38:27.0127 6544 SCardSvr - ok
02:38:27.0152 6544 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
02:38:27.0156 6544 scfilter - ok
02:38:27.0204 6544 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
02:38:27.0228 6544 Schedule - ok
02:38:27.0265 6544 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
02:38:27.0267 6544 SCPolicySvc - ok
02:38:27.0316 6544 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
02:38:27.0348 6544 SDRSVC - ok
02:38:27.0373 6544 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
02:38:27.0403 6544 secdrv - ok
02:38:27.0448 6544 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
02:38:27.0453 6544 seclogon - ok
02:38:27.0477 6544 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
02:38:27.0483 6544 SENS - ok
02:38:27.0562 6544 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
02:38:27.0570 6544 SensrSvc - ok
02:38:27.0635 6544 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
02:38:27.0637 6544 Serenum - ok
02:38:27.0687 6544 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
02:38:27.0690 6544 Serial - ok
02:38:27.0698 6544 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
02:38:27.0701 6544 sermouse - ok
02:38:27.0755 6544 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
02:38:27.0762 6544 SessionEnv - ok
02:38:27.0812 6544 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
02:38:27.0813 6544 sffdisk - ok
02:38:27.0820 6544 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
02:38:27.0822 6544 sffp_mmc - ok
02:38:27.0833 6544 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
02:38:27.0835 6544 sffp_sd - ok
02:38:27.0856 6544 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
02:38:27.0859 6544 sfloppy - ok
02:38:27.0905 6544 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
02:38:27.0911 6544 SharedAccess - ok
02:38:27.0983 6544 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
02:38:27.0992 6544 ShellHWDetection - ok
02:38:28.0020 6544 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
02:38:28.0022 6544 SiSRaid2 - ok
02:38:28.0074 6544 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
02:38:28.0077 6544 SiSRaid4 - ok
02:38:28.0127 6544 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
02:38:28.0131 6544 Smb - ok
02:38:28.0199 6544 [ E922286ED6677104AEBB210B9F0BF6F3 ] SmbDrv C:\windows\system32\DRIVERS\Smb_driver.sys
02:38:28.0202 6544 SmbDrv - ok
02:38:28.0261 6544 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
02:38:28.0267 6544 SNMPTRAP - ok
02:38:28.0295 6544 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
02:38:28.0297 6544 spldr - ok
02:38:28.0382 6544 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe
02:38:28.0394 6544 Spooler - ok
02:38:28.0607 6544 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
02:38:28.0702 6544 sppsvc - ok
02:38:28.0730 6544 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
02:38:28.0735 6544 sppuinotify - ok
02:38:28.0781 6544 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
02:38:28.0790 6544 srv - ok
02:38:28.0803 6544 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
02:38:28.0811 6544 srv2 - ok
02:38:28.0822 6544 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
02:38:28.0827 6544 srvnet - ok
02:38:28.0899 6544 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
02:38:28.0905 6544 SSDPSRV - ok
02:38:28.0912 6544 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
02:38:28.0917 6544 SstpSvc - ok
02:38:28.0943 6544 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
02:38:28.0944 6544 stexstor - ok
02:38:29.0029 6544 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
02:38:29.0040 6544 stisvc - ok
02:38:29.0072 6544 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
02:38:29.0074 6544 swenum - ok
02:38:29.0119 6544 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
02:38:29.0131 6544 swprv - ok
02:38:29.0253 6544 [ 92F4AFC1FDE7A4CA0C88F9143F4DD323 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
02:38:29.0260 6544 SynTP - ok
02:38:29.0412 6544 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
02:38:29.0480 6544 SysMain - ok
02:38:29.0533 6544 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
02:38:29.0539 6544 TabletInputService - ok
02:38:29.0556 6544 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
02:38:29.0567 6544 TapiSrv - ok
02:38:29.0594 6544 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
02:38:29.0603 6544 TBS - ok
02:38:29.0760 6544 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\windows\system32\drivers\tcpip.sys
02:38:29.0783 6544 Tcpip - ok
02:38:29.0908 6544 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
02:38:29.0922 6544 TCPIP6 - ok
02:38:29.0985 6544 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
02:38:29.0987 6544 tcpipreg - ok
02:38:30.0033 6544 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
02:38:30.0035 6544 tdcmdpst - ok
02:38:30.0065 6544 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
02:38:30.0067 6544 TDPIPE - ok
02:38:30.0072 6544 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
02:38:30.0073 6544 TDTCP - ok
02:38:30.0084 6544 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
02:38:30.0087 6544 tdx - ok
02:38:30.0143 6544 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
02:38:30.0146 6544 TermDD - ok
02:38:30.0202 6544 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
02:38:30.0215 6544 TermService - ok
02:38:30.0244 6544 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
02:38:30.0249 6544 Themes - ok
02:38:30.0284 6544 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
02:38:30.0290 6544 THREADORDER - ok
02:38:30.0390 6544 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
02:38:30.0393 6544 TMachInfo - ok
02:38:30.0440 6544 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
02:38:30.0448 6544 TODDSrv - ok
02:38:30.0569 6544 [ 4AE80C5F7772C4FB2A762F70AD4A111E ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
02:38:30.0577 6544 TosCoSrv - ok
02:38:30.0701 6544 [ 6E2330FB032ED3EBEFC1349AD7081A98 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
02:38:30.0710 6544 TOSHIBA eco Utility Service - ok
02:38:30.0757 6544 [ 9338C2DEB14CA2804BCB3276CB7EB4FD ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
02:38:30.0761 6544 TOSHIBA HDD SSD Alert Service - ok
02:38:30.0843 6544 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
02:38:30.0848 6544 tos_sps64 - ok
02:38:30.0925 6544 [ 36CDD894395BEC46EFB14F49D77D3D82 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
02:38:30.0935 6544 TPCHSrv - ok
02:38:30.0976 6544 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
02:38:30.0983 6544 TrkWks - ok
02:38:31.0033 6544 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
02:38:31.0037 6544 TrustedInstaller - ok
02:38:31.0077 6544 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
02:38:31.0078 6544 tssecsrv - ok
02:38:31.0130 6544 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
02:38:31.0133 6544 TsUsbFlt - ok
02:38:31.0159 6544 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
02:38:31.0162 6544 TsUsbGD - ok
02:38:31.0187 6544 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
02:38:31.0214 6544 tunnel - ok
02:38:31.0252 6544 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
02:38:31.0254 6544 TVALZ - ok
02:38:31.0326 6544 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
02:38:31.0328 6544 TVALZFL - ok
02:38:31.0358 6544 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
02:38:31.0360 6544 uagp35 - ok
02:38:31.0393 6544 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
02:38:31.0400 6544 udfs - ok
02:38:31.0456 6544 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
02:38:31.0464 6544 UI0Detect - ok
02:38:31.0526 6544 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
02:38:31.0528 6544 uliagpkx - ok
02:38:31.0568 6544 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
02:38:31.0571 6544 umbus - ok
02:38:31.0593 6544 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
02:38:31.0596 6544 UmPass - ok
02:38:31.0723 6544 [ 182BBA1B43898D5DA0938D2E9A526B31 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
02:38:31.0727 6544 UNS - ok
02:38:31.0776 6544 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
02:38:31.0787 6544 upnphost - ok
02:38:31.0891 6544 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
02:38:31.0894 6544 USBAAPL64 - ok
02:38:31.0936 6544 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
02:38:31.0940 6544 usbccgp - ok
02:38:31.0968 6544 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
02:38:31.0971 6544 usbcir - ok
02:38:31.0979 6544 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
02:38:31.0984 6544 usbehci - ok
02:38:31.0995 6544 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
02:38:32.0001 6544 usbhub - ok
02:38:32.0030 6544 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
02:38:32.0034 6544 usbohci - ok
02:38:32.0084 6544 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
02:38:32.0086 6544 usbprint - ok
02:38:32.0110 6544 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
02:38:32.0112 6544 USBSTOR - ok
02:38:32.0131 6544 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
02:38:32.0133 6544 usbuhci - ok
02:38:32.0205 6544 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
02:38:32.0210 6544 usbvideo - ok
02:38:32.0244 6544 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
02:38:32.0250 6544 UxSms - ok
02:38:32.0265 6544 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
02:38:32.0269 6544 VaultSvc - ok
02:38:32.0321 6544 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
02:38:32.0323 6544 vdrvroot - ok
02:38:32.0358 6544 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
02:38:32.0374 6544 vds - ok
02:38:32.0407 6544 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
02:38:32.0408 6544 vga - ok
02:38:32.0438 6544 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
02:38:32.0441 6544 VgaSave - ok
02:38:32.0473 6544 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
02:38:32.0478 6544 vhdmp - ok
02:38:32.0527 6544 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
02:38:32.0530 6544 viaide - ok
02:38:32.0579 6544 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
02:38:32.0583 6544 volmgr - ok
02:38:32.0640 6544 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
02:38:32.0646 6544 volmgrx - ok
02:38:32.0688 6544 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
02:38:32.0693 6544 volsnap - ok
02:38:32.0724 6544 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
02:38:32.0729 6544 vsmraid - ok
02:38:32.0816 6544 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
02:38:32.0842 6544 VSS - ok
02:38:32.0864 6544 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
02:38:32.0870 6544 vwifibus - ok
02:38:32.0909 6544 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
02:38:32.0911 6544 vwififlt - ok
02:38:32.0994 6544 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
02:38:33.0003 6544 W32Time - ok
02:38:33.0037 6544 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
02:38:33.0040 6544 WacomPen - ok
02:38:33.0089 6544 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
02:38:33.0092 6544 WANARP - ok
02:38:33.0102 6544 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
02:38:33.0104 6544 Wanarpv6 - ok
02:38:33.0247 6544 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
02:38:33.0282 6544 WatAdminSvc - ok
02:38:33.0366 6544 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
02:38:33.0395 6544 wbengine - ok
02:38:33.0439 6544 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
02:38:33.0446 6544 WbioSrvc - ok
02:38:33.0473 6544 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
02:38:33.0483 6544 wcncsvc - ok
02:38:33.0519 6544 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
02:38:33.0530 6544 WcsPlugInService - ok
02:38:33.0540 6544 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
02:38:33.0542 6544 Wd - ok
02:38:33.0635 6544 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
02:38:33.0645 6544 Wdf01000 - ok
02:38:33.0674 6544 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
02:38:33.0681 6544 WdiServiceHost - ok
02:38:33.0691 6544 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
02:38:33.0698 6544 WdiSystemHost - ok
02:38:33.0756 6544 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
02:38:33.0764 6544 WebClient - ok
02:38:33.0812 6544 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
02:38:33.0824 6544 Wecsvc - ok
02:38:33.0869 6544 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
02:38:33.0877 6544 wercplsupport - ok
02:38:33.0884 6544 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
02:38:33.0890 6544 WerSvc - ok
02:38:33.0920 6544 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
02:38:33.0924 6544 WfpLwf - ok
02:38:33.0970 6544 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
02:38:33.0974 6544 WIMMount - ok
02:38:33.0996 6544 WinDefend - ok
02:38:34.0013 6544 WinHttpAutoProxySvc - ok
02:38:34.0092 6544 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
02:38:34.0096 6544 Winmgmt - ok
02:38:34.0250 6544 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
02:38:34.0341 6544 WinRM - ok
02:38:34.0806 6544 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
02:38:34.0808 6544 WinUsb - ok
02:38:34.0894 6544 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
02:38:34.0911 6544 Wlansvc - ok
02:38:34.0969 6544 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
02:38:34.0973 6544 wlcrasvc - ok
02:38:35.0283 6544 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
02:38:35.0336 6544 wlidsvc - ok
02:38:35.0370 6544 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
02:38:35.0374 6544 WmiAcpi - ok
02:38:35.0411 6544 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
02:38:35.0415 6544 wmiApSrv - ok
02:38:35.0475 6544 WMPNetworkSvc - ok
02:38:35.0514 6544 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
02:38:35.0520 6544 WPCSvc - ok
02:38:35.0561 6544 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
02:38:35.0569 6544 WPDBusEnum - ok
02:38:35.0622 6544 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
02:38:35.0624 6544 ws2ifsl - ok
02:38:35.0643 6544 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
02:38:35.0651 6544 wscsvc - ok
02:38:35.0661 6544 WSearch - ok
02:38:35.0852 6544 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
02:38:35.0914 6544 wuauserv - ok
02:38:35.0934 6544 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
02:38:35.0937 6544 WudfPf - ok
02:38:36.0001 6544 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
02:38:36.0006 6544 WUDFRd - ok
02:38:36.0051 6544 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
02:38:36.0058 6544 wudfsvc - ok
02:38:36.0091 6544 [ F0B1D8725FAB9F4A559CCC91A960FCE0 ] WwanSvc C:\windows\System32\wwansvc.dll
02:38:36.0101 6544 WwanSvc - ok
02:38:36.0146 6544 ================ Scan global ===============================
02:38:36.0214 6544 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
02:38:36.0247 6544 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\windows\system32\winsrv.dll
02:38:36.0261 6544 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\windows\system32\winsrv.dll
02:38:36.0302 6544 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
02:38:36.0344 6544 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
02:38:36.0352 6544 [Global] - ok
02:38:36.0355 6544 ================ Scan MBR ==================================
02:38:36.0373 6544 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
02:38:36.0968 6544 \Device\Harddisk0\DR0 - ok
02:38:36.0971 6544 ================ Scan VBR ==================================
02:38:37.0016 6544 [ BDAC8AD5B3C496C6954254765509312D ] \Device\Harddisk0\DR0\Partition1
02:38:37.0019 6544 \Device\Harddisk0\DR0\Partition1 - ok
02:38:37.0021 6544 ============================================================
02:38:37.0021 6544 Scan finished
02:38:37.0021 6544 ============================================================
02:38:37.0042 4292 Detected object count: 0
02:38:37.0042 4292 Actual detected object count: 0

#5 letominator

Posted 28 January 2013 - 03:57 AM

Second: ASWmbr

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-28 02:46:43
-----------------------------
02:46:43.283 OS Version: Windows x64 6.1.7601 Service Pack 1
02:46:43.283 Number of processors: 4 586 0x2A07
02:46:43.283 ComputerName: THOMASMORRIS-PC UserName: Thomas Morris
02:46:44.931 Initialize success
02:46:47.138 AVAST engine defs: 13012701
02:47:12.581 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
02:47:12.583 Disk 0 Vendor: TOSHIBA_ GT00 Size: 476940MB BusType: 3
02:47:12.592 Disk 0 MBR read successfully
02:47:12.594 Disk 0 MBR scan
02:47:12.598 Disk 0 Windows VISTA default MBR code
02:47:12.605 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
02:47:12.624 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 461831 MB offset 3074048
02:47:12.655 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 13608 MB offset 948903936
02:47:12.689 Disk 0 scanning C:\windows\system32\drivers
02:47:26.334 Service scanning
02:47:51.093 Modules scanning
02:47:51.099 Disk 0 trace - called modules:
02:47:51.150 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
02:47:51.154 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800622a790]
02:47:51.160 3 CLASSPNP.SYS[fffff88001dca43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006229050]
02:47:52.002 AVAST engine scan C:\windows
02:47:54.480 AVAST engine scan C:\windows\system32
02:50:14.135 AVAST engine scan C:\windows\system32\drivers
02:50:34.257 AVAST engine scan C:\Users\Thomas Morris
02:53:32.541 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
02:53:32.551 The log file has been saved successfully to "C:\aswMBR.txt"

#6 letominator

Posted 28 January 2013 - 04:31 AM

There was a line in the initial screen report that was red, and I had an option to fixMBR... Line was c:\users\thomas morris\appdata\roaming\aa922193-5116-4171-bc29-a01d25b7e137....then it ran off the screen. When I was given the option to copy the file, the actual file was: aabcadbe.exe.

#8 narenxp

Posted 28 January 2013 - 04:49 AM

Ignore ASWMBR, continue with ESET scan.

#9 letominator

Posted 28 January 2013 - 04:56 AM

eset:

C:\Qoobox\Quarantine\C\Users\Thomas Morris\AppData\Roaming\manlop.dll.vir a variant of Win32/Medfos.JB trojan cleaned by deleting - quarantined
Operating memory a variant of Win32/Agent.UJK trojan

#10 letominator

Posted 28 January 2013 - 05:51 AM

By the way, Thanks for helping!

#11 narenxp

Posted 28 January 2013 - 06:23 AM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.



Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

#12 letominator

Posted 28 January 2013 - 06:51 AM

MBAM (posted wrong log earlier)

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.26.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Thomas Morris :: THOMASMORRIS-PC [administrator]

1/28/2013 4:36:38 AM
mbam-log-2013-01-28 (04-36-38).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 380897
Time elapsed: 39 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Edited by letominator, 28 January 2013 - 07:06 AM.


#13 letominator

Posted 28 January 2013 - 06:53 AM

Should I not have ESET quarantine & delete?

#14 letominator

Posted 28 January 2013 - 06:54 AM

toolbox

MiniToolBox by Farbar Version:10-01-2013
Ran by Thomas Morris (administrator) on 28-01-2013 at 05:53:40
Running from "C:\Users\Thomas Morris\AppData\Local\Opera\Opera\temporary_downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : ThomasMorris-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 00-26-6C-1B-A9-C9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : 44-6D-57-D8-E7-C9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::24dc:ba03:678e:4943%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.7(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, January 28, 2013 2:08:35 AM
Lease Expires . . . . . . . . . . : Monday, January 28, 2013 6:38:42 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 239365463
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-61-F9-F7-44-6D-57-D8-E7-C9
DNS Servers . . . . . . . . . . . : 207.69.188.186
207.69.188.187
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{B101BC86-28F3-4C97-B629-D37F424FAC51}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{1FA1C8C5-326E-43C4-97D4-6ACCE4A50265}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:20f0:3e68:e711:2bd8(Preferred)
Link-local IPv6 Address . . . . . : fe80::20f0:3e68:e711:2bd8%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: rns2.earthlink.net
Address: 207.69.188.186

DNS request timed out.
timeout was 2 seconds.
Name: google.com
Address: 2607:f8b0:4004:803::100e


Pinging google.com [74.125.228.0] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 74.125.228.0:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server: rns2.earthlink.net
Address: 207.69.188.186

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=178ms TTL=50
Reply from 98.139.183.24: bytes=32 time=289ms TTL=50

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 178ms, Maximum = 289ms, Average = 233ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...00 26 6c 1b a9 c9 ......Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.20)
11...44 6d 57 d8 e7 c9 ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.7 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.7 286
192.168.0.7 255.255.255.255 On-link 192.168.0.7 286
192.168.0.255 255.255.255.255 On-link 192.168.0.7 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.7 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.7 286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:20f0:3e68:e711:2bd8/128
On-link
11 286 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::20f0:3e68:e711:2bd8/128
On-link
11 286 fe80::24dc:ba03:678e:4943/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 286 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/28/2013 05:50:17 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/28/2013 05:50:16 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/28/2013 05:50:14 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/28/2013 05:48:42 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (01/28/2013 04:52:14 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 9.0.8112.16457, time stamp: 0x50a2f9e3
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000374
Fault offset: 0x000ce6c3
Faulting process id: 0x1820
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (01/28/2013 02:54:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/28/2013 02:46:03 AM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16457 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 770

Start Time: 01cdfd2f232fee9a

Termination Time: 46

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (01/27/2013 07:53:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15584

Error: (01/27/2013 07:53:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15584

Error: (01/27/2013 07:53:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (01/27/2013 10:32:52 AM) (Source: Service Control Manager) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/26/2013 11:08:31 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/26/2013 11:05:58 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/26/2013 10:30:34 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/26/2013 10:30:03 AM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (01/26/2013 10:28:18 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (01/26/2013 05:50:30 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:48:37 AM on ?1/?26/?2013 was unexpected.

Error: (01/25/2013 08:13:53 PM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (01/23/2013 08:12:39 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (01/17/2013 10:22:31 PM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}


Microsoft Office Sessions:
=========================
Error: (01/28/2013 05:50:17 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\thomas morris\AppData\Local\Opera\Opera\temporary_downloads\esetsmartinstaller_enu.exe

Error: (01/28/2013 05:50:16 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\thomas morris\AppData\Local\Opera\Opera\temporary_downloads\esetsmartinstaller_enu.exe

Error: (01/28/2013 05:50:14 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\thomas morris\AppData\Local\Opera\Opera\temporary_downloads\esetsmartinstaller_enu.exe

Error: (01/28/2013 05:48:42 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (01/28/2013 04:52:14 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1645750a2f9e3ntdll.dll6.1.7601.177254ec49b8fc0000374000ce6c3182001cdfd3dfe6c11caC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\windows\SysWOW64\ntdll.dllc618f86f-6938-11e2-93a1-00266c1ba9c9

Error: (01/28/2013 02:54:32 AM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Thomas Morris\AppData\Local\Opera\Opera\temporary_downloads\esetsmartinstaller_enu.exe

Error: (01/28/2013 02:46:03 AM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.1645777001cdfd2f232fee9a46C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (01/27/2013 07:53:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15584

Error: (01/27/2013 07:53:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15584

Error: (01/27/2013 07:53:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
Date: 2013-01-26 10:30:03.279
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-01-26 10:30:03.248
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader X (10.1.5) MUI (Version: 10.1.5)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 2.0.12.13)
avast! Free Antivirus (Version: 7.0.1474.0)
Bonjour (Version: 3.0.0.10)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Dropbox (Version: 1.6.16)
ESET Online Scanner v3
Garmin ANT Agent (Version: 2.3.3)
Garmin USB Drivers (Version: 2.3.0.0)
Google Chrome (Version: 24.0.1312.56)
Google Update Helper (Version: 1.3.21.123)
Intel® Manageability Engine Firmware Recovery Agent (Version: 1.0.0.35342)
Intel® Management Engine Components (Version: 8.0.1.1399)
Intel® Processor Graphics (Version: 8.15.10.2639)
Intel® Rapid Storage Technology (Version: 11.0.0.1032)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.1.209)
Intel® Trusted Connect Service Client (Version: 1.23.219.2)
iTunes (Version: 11.0.1.12)
Java Auto Updater (Version: 2.0.4.1)
Java™ 6 Update 25 (Version: 6.0.250)
Junk Mail filter update (Version: 15.4.3502.0922)
Logitech Unifying Software 2.00 (Version: 2.00.43)
Macromedia Shockwave Player
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Money 2006 (Version: 15)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Small Business Edition 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 08.05.0818)
Microsoft Works Suite 2006 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word (Version: 8.0.0.0000)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Opera 12.12 (Version: 12.12.1707)
Picasa 3 (Version: 3.8)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6559)
Realtek USB 2.0 Reader Driver (Version: 6.1.7601.39013)
Realtek WLAN Driver (Version: 2.00.0016)
Samsung ML-2010 Series
Samsung Universal Print Driver (Version: 2.03.06.00)
Synaptics Pointing Device Driver (Version: 15.3.39.0)
Toshiba App Place (Version: 1.0.6.3)
TOSHIBA Application Installer (Version: 9.0.1.2)
TOSHIBA Assist (Version: 4.2.3.1)
TOSHIBA Audio Enhancement (Version: 1.0.2.8)
Toshiba Book Place (Version: 3.0.9490)
TOSHIBA Bulletin Board (Version: 1.6.11.64)
TOSHIBA Disc Creator (Version: 2.1.0.11 for x64)
TOSHIBA eco Utility (Version: 1.3.10.64)
TOSHIBA Face Recognition (Version: 3.1.18.64)
TOSHIBA Hardware Setup (Version: 2.1.0.8)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.11)
Toshiba Laptop Checkup (Version: 2.0.17.38)
TOSHIBA Media Controller (Version: 1.0.87.4)
TOSHIBA Media Controller Plug-in (Version: 1.0.8.0)
Toshiba Online Backup (Version: 2.0.0.31)
TOSHIBA PC Health Monitor (Version: 1.7.15.64)
TOSHIBA Quality Application (Version: 1.0.4)
TOSHIBA Recovery Media Creator (Version: 2.1.6.52020009)
TOSHIBA ReelTime (Version: 1.7.21.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.1.2004)
Toshiba Security Dashboard (Version: 1.0.0.48)
TOSHIBA Service Station (Version: 2.2.13)
TOSHIBA Supervisor Password (Version: 2.1.0.3)
TOSHIBA User's Guide (Version: 1.00.02)
TOSHIBA Value Added Package (Version: 1.6.0021.640203)
TOSHIBA Web Camera Application (Version: 2.0.3.33)
TOSHIBARegistration (Version: 1.0.9)
Unity Web Player (Version: )
Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2) (Version: 07/07/2009 1.12.2)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Works Upgrade (Version: 8.0.0.0000)

========================= Memory info: ===================================

Percentage of memory in use: 50%
Total physical RAM: 3988.8 MB
Available physical RAM: 1973.8 MB
Total Pagefile: 7975.8 MB
Available Pagefile: 5713.75 MB
Total Virtual: 4095.88 MB
Available Virtual: 3960.25 MB

========================= Partitions: =====================================

1 Drive c: (TI106401W0D) (Fixed) (Total:451.01 GB) (Free:372.18 GB) NTFS

========================= Users: ========================================

User accounts for \\THOMASMORRIS-PC

Administrator ASPNET Guest
Thomas Morris

========================= Restore Points ==================================

04-01-2013 11:37:30 Windows Update
08-01-2013 09:55:04 Windows Update
09-01-2013 16:49:36 Windows Update
15-01-2013 10:16:56 Windows Update
18-01-2013 12:40:44 Windows Update
22-01-2013 08:55:22 Windows Update
25-01-2013 15:15:59 Windows Update

**** End of log ****

#15 letominator

Posted 28 January 2013 - 06:56 AM

farbar

Farbar Service Scanner Version: 16-01-2013
Ran by Thomas Morris (administrator) on 28-01-2013 at 05:55:22
Running from "C:\Users\Thomas Morris\AppData\Local\Opera\Opera\temporary_downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



