I think I'm infected.


  • This topic is locked
16 replies to this topic

#1 Slayer90


Posted 08 February 2013 - 05:44 PM

I use cable so I'm connected to the internet at all times even when I'm not using the internet. I'm using Windows 7, 32-bit. My computer is very slow. When I open file folders, it takes at least 10 to 15 seconds to open or close. My computer would freeze for 10 minutes. This happens frequently. When I use the internet browser it loads very slowly and many times it gets a DDOS. This happens, for example, when I try to go to gamefaqs (this site happens often with DDOS), yet other sites can still load. Loading many sites' pages, including the main Google search homepage, is accessibly slow. This happens with both Firefox and Internet Explorer. I ran Malwarebytes, ESET, F-Secure and Avast! separately. They weren't able to detect anything. It seems this rootkit is sophisticated and hides itself well.


Edited by Slayer90, 08 February 2013 - 05:46 PM.




#2 boopme


Posted 08 February 2013 - 05:49 PM

Hello Slayer90 and welcome. Let's do these and see how it is.

 

Run RKILL

Please download Rkill by Grinler and save it to your desktop.

  • Link 1
  • Link 2

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.

Do not reboot the computer, you will need to run the application again.


>>>>>


Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)
 
Do not change the default options on scan results.
 

>>>>

 

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


>>>

 

ADW Cleaner

Please download AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/dl/125/) by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

>>>>

 

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.


How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
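
Added example, not part of the original posts and not code from the TDSSKiller authors: a small triage script for the TDSSKiller log requested above, which pairs each "[ MD5 ] service path" line with its "service - verdict" line and reports what a helper would look at first. The sample log is constructed in the same layout; its names, hashes, paths and the "warning" verdict word are assumptions.

```python
import re

# Constructed sample in the layout of a TDSSKiller 2.8.x log. Hashes, names and
# paths are placeholders; the "warning" verdict word is an assumption.
SAMPLE_LOG = r"""
15:01:01.0952 0636  Scan started
15:01:01.0952 0636  Mode: Manual; TDLFS;
15:01:02.0513 0636  ================ Scan services =============================
15:01:02.0716 0636  [ 0123456789ABCDEF0123456789ABCDEF ] ExampleDrv      C:\Windows\system32\drivers\exampledrv.sys
15:01:02.0716 0636  ExampleDrv - ok
15:01:02.0856 0636  [ 1123456789ABCDEF0123456789ABCDEF ] Example Svc With Spaces C:\Program Files\Example\svc.exe
15:01:02.0856 0636  Example Svc With Spaces - ok
15:01:02.0900 0636  NoHashSvc - ok
15:01:02.0934 0636  [ 2123456789ABCDEF0123456789ABCDEF ] OddDrv          C:\Example\odd.sys
15:01:02.0966 0636  OddDrv - warning
"""

# "HH:MM:SS.mmmm <thread id>  <message>"
LINE = re.compile(r"^\s*\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# "====== Scan services ======" style section banner (plain "=====" rules do not match)
SECTION = re.compile(r"^=+ (.+?) =+$")
# "[ <32 hex digits> ] <service name, may contain spaces> <drive-letter path>"
IMAGE = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?)\s+([A-Za-z]:\\.*)$")


def triage(log_text):
    """Summarise the 'Scan services' section of a TDSSKiller log."""
    section = None
    pending = {}   # service name -> (md5, path), waiting for its verdict line
    results = []   # (name, verdict, md5 or None, path or None)

    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        msg = m.group(1).rstrip()

        banner = SECTION.match(msg)
        if banner:
            section = banner.group(1)
            continue
        if section != "Scan services":
            continue  # header, disk layout, memory scan and so on

        image = IMAGE.match(msg)
        if image:
            md5, name, path = image.groups()
            pending[name] = (md5.upper(), path)
            continue

        if " - " in msg:
            # Split from the right so a name containing " - " stays intact.
            name, verdict = msg.rsplit(" - ", 1)
            md5, path = pending.pop(name, (None, None))
            results.append((name, verdict.strip(), md5, path))

    return {
        "total": len(results),
        # Anything the tool did not mark "ok" needs a human look.
        "not_ok": [(n, v, p) for n, v, _, p in results if v.lower() != "ok"],
        # Verdict with no hashed image line: the tool did not hash a file for it.
        "no_image": [n for n, _, md5, _ in results if md5 is None],
        # Image line with no verdict: the pasted log was cut off mid-scan.
        "unfinished": sorted(pending),
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print("services with a verdict:", report["total"])
    for name, verdict, path in report["not_ok"]:
        print("REVIEW  %s (%s) %s" % (name, verdict, path))
    for name in report["no_image"]:
        print("NO FILE HASHED  %s" % name)
    for name in report["unfinished"]:
        print("NO VERDICT (log truncated?)  %s" % name)
```
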

#3 Slayer90


Posted 08 February 2013 - 06:02 PM

 15:00:34.0230 2516  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:00:34.0730 2516  ============================================================
15:00:34.0730 2516  Current date / time: 2013/02/08 15:00:34.0730
15:00:34.0730 2516  SystemInfo:
15:00:34.0730 2516  
15:00:34.0730 2516  OS Version: 6.1.7601 ServicePack: 1.0
15:00:34.0730 2516  Product type: Workstation
15:00:34.0730 2516  ComputerName: USER-PC
15:00:34.0745 2516  UserName: User
15:00:34.0745 2516  Windows directory: C:\Windows
15:00:34.0745 2516  System windows directory: C:\Windows
15:00:34.0745 2516  Processor architecture: Intel x86
15:00:34.0745 2516  Number of processors: 2
15:00:34.0745 2516  Page size: 0x1000
15:00:34.0745 2516  Boot type: Normal boot
15:00:34.0745 2516  ============================================================
15:00:34.0948 2516  BG loaded
15:00:35.0525 2516  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:00:35.0556 2516  ============================================================
15:00:35.0556 2516  \Device\Harddisk0\DR0:
15:00:35.0556 2516  MBR partitions:
15:00:35.0556 2516  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:00:35.0556 2516  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x196FB000
15:00:35.0556 2516  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x6, StartLBA 0x1972D800, BlocksNum 0x3A97800
15:00:35.0556 2516  ============================================================
15:00:35.0572 2516  C: <-> \Device\Harddisk0\DR0\Partition2
15:00:35.0603 2516  ============================================================
15:00:35.0603 2516  Initialize success
15:00:35.0603 2516  ============================================================
15:01:01.0952 0636  ============================================================
15:01:01.0952 0636  Scan started
15:01:01.0952 0636  Mode: Manual; TDLFS;
15:01:01.0952 0636  ============================================================
15:01:02.0513 0636  ================ Scan system memory ========================
15:01:02.0513 0636  System memory - ok
15:01:11.0327 0636  Msfs - ok
15:01:11.0343 0636  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:01:11.0343 0636  mshidkmdf - ok
15:01:11.0374 0636  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:01:11.0374 0636  msisadrv - ok
15:01:11.0405 0636  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:01:11.0405 0636  MSiSCSI - ok
15:01:11.0421 0636  msiserver - ok
15:01:11.0452 0636  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:01:11.0452 0636  MSKSSRV - ok
15:01:11.0468 0636  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:01:11.0468 0636  MSPCLOCK - ok
15:01:11.0483 0636  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:01:11.0499 0636  MSPQM - ok
15:01:11.0514 0636  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:01:11.0530 0636  MsRPC - ok
15:01:11.0561 0636  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:01:11.0577 0636  mssmbios - ok
15:01:11.0639 0636  MSSQL$SONY_MEDIAMGR - ok
15:01:11.0686 0636  [ CB7524C21727404BD3140DCA32DEB7DE ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
15:01:11.0702 0636  MSSQLServerADHelper - ok
15:01:11.0733 0636  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:01:11.0748 0636  MSTEE - ok
15:01:11.0764 0636  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:01:11.0764 0636  MTConfig - ok
15:01:11.0795 0636  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:01:11.0795 0636  Mup - ok
15:01:11.0842 0636  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
15:01:11.0858 0636  napagent - ok
15:01:11.0904 0636  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:01:11.0904 0636  NativeWifiP - ok
15:01:11.0982 0636  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:01:11.0982 0636  NDIS - ok
15:01:11.0998 0636  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:01:12.0014 0636  NdisCap - ok
15:01:12.0029 0636  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:01:12.0029 0636  NdisTapi - ok
15:01:12.0060 0636  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:01:12.0060 0636  Ndisuio - ok
15:01:12.0092 0636  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:01:12.0092 0636  NdisWan - ok
15:01:12.0123 0636  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:01:12.0138 0636  NDProxy - ok
15:01:12.0170 0636  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:01:12.0170 0636  NetBIOS - ok
15:01:12.0201 0636  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:01:12.0216 0636  NetBT - ok
15:01:12.0232 0636  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
15:01:12.0232 0636  Netlogon - ok
15:01:12.0263 0636  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
15:01:12.0279 0636  Netman - ok
15:01:12.0294 0636  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
15:01:12.0310 0636  netprofm - ok
15:01:12.0326 0636  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:01:12.0341 0636  NetTcpPortSharing - ok
15:01:12.0372 0636  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:01:12.0388 0636  nfrd960 - ok
15:01:12.0419 0636  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:01:12.0419 0636  NlaSvc - ok
15:01:12.0435 0636  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:01:12.0435 0636  Npfs - ok
15:01:12.0466 0636  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
15:01:12.0482 0636  nsi - ok
15:01:12.0482 0636  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:01:12.0497 0636  nsiproxy - ok
15:01:12.0591 0636  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:01:12.0638 0636  Ntfs - ok
15:01:12.0653 0636  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
15:01:12.0669 0636  Null - ok
15:01:12.0716 0636  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:01:12.0716 0636  nvraid - ok
15:01:12.0731 0636  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:01:12.0731 0636  nvstor - ok
15:01:12.0747 0636  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:01:12.0762 0636  nv_agp - ok
15:01:12.0778 0636  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:01:12.0778 0636  ohci1394 - ok
15:01:12.0809 0636  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:01:12.0825 0636  p2pimsvc - ok
15:01:12.0856 0636  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:01:12.0872 0636  p2psvc - ok
15:01:12.0903 0636  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:01:12.0903 0636  Parport - ok
15:01:12.0934 0636  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:01:12.0934 0636  partmgr - ok
15:01:12.0950 0636  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
15:01:12.0950 0636  Parvdm - ok
15:01:12.0981 0636  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:01:12.0996 0636  PcaSvc - ok
15:01:13.0028 0636  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
15:01:13.0043 0636  pci - ok
15:01:13.0043 0636  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
15:01:13.0059 0636  pciide - ok
15:01:13.0090 0636  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:01:13.0106 0636  pcmcia - ok
15:01:13.0121 0636  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
15:01:13.0137 0636  pcw - ok
15:01:13.0168 0636  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:01:13.0184 0636  PEAUTH - ok
15:01:13.0293 0636  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
15:01:13.0355 0636  pla - ok
15:01:13.0402 0636  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:01:13.0402 0636  PlugPlay - ok
15:01:13.0418 0636  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:01:13.0449 0636  PNRPAutoReg - ok
15:01:13.0464 0636  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:01:13.0464 0636  PNRPsvc - ok
15:01:13.0496 0636  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:01:13.0511 0636  PolicyAgent - ok
15:01:13.0542 0636  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
15:01:13.0558 0636  Power - ok
15:01:13.0605 0636  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:01:13.0605 0636  PptpMiniport - ok
15:01:13.0636 0636  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:01:13.0652 0636  Processor - ok
15:01:13.0714 0636  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
15:01:13.0714 0636  ProfSvc - ok
15:01:13.0745 0636  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:01:13.0745 0636  ProtectedStorage - ok
15:01:13.0776 0636  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:01:13.0776 0636  Psched - ok
15:01:13.0839 0636  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:01:13.0886 0636  ql2300 - ok
15:01:13.0932 0636  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:01:13.0932 0636  ql40xx - ok
15:01:13.0964 0636  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
15:01:13.0995 0636  QWAVE - ok
15:01:14.0010 0636  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:01:14.0026 0636  QWAVEdrv - ok
15:01:14.0042 0636  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:01:14.0042 0636  RasAcd - ok
15:01:14.0073 0636  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:01:14.0088 0636  RasAgileVpn - ok
15:01:14.0104 0636  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
15:01:14.0104 0636  RasAuto - ok
15:01:14.0135 0636  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:01:14.0135 0636  Rasl2tp - ok
15:01:14.0166 0636  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
15:01:14.0198 0636  RasMan - ok
15:01:14.0229 0636  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:01:14.0229 0636  RasPppoe - ok
15:01:14.0260 0636  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:01:14.0260 0636  RasSstp - ok
15:01:14.0291 0636  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:01:14.0307 0636  rdbss - ok
15:01:14.0338 0636  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:01:14.0354 0636  rdpbus - ok
15:01:14.0385 0636  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:01:14.0385 0636  RDPCDD - ok
15:01:14.0416 0636  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:01:14.0416 0636  RDPENCDD - ok
15:01:14.0432 0636  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:01:14.0432 0636  RDPREFMP - ok
15:01:14.0463 0636  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:01:14.0478 0636  RDPWD - ok
15:01:14.0525 0636  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:01:14.0525 0636  rdyboost - ok
15:01:14.0556 0636  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:01:14.0556 0636  RemoteAccess - ok
15:01:14.0588 0636  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:01:14.0603 0636  RemoteRegistry - ok
15:01:14.0634 0636  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:01:14.0650 0636  RpcEptMapper - ok
15:01:14.0666 0636  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
15:01:14.0681 0636  RpcLocator - ok
15:01:14.0697 0636  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
15:01:14.0712 0636  RpcSs - ok
15:01:14.0744 0636  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:01:14.0744 0636  rspndr - ok
15:01:14.0759 0636  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
15:01:14.0759 0636  SamSs - ok
15:01:14.0837 0636  [ 78B0D0DF30E2B17AEF9D036D8BD1B3D4 ] Samsung Network Fax Server C:\Windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe
15:01:14.0853 0636  Samsung Network Fax Server - ok
15:01:14.0868 0636  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:01:14.0868 0636  sbp2port - ok
15:01:14.0900 0636  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:01:14.0915 0636  SCardSvr - ok
15:01:14.0978 0636  [ 52402149E66200C2C2BDA115BCA757D6 ] SCDEmu          C:\Windows\system32\drivers\SCDEmu.sys
15:01:14.0993 0636  SCDEmu - ok
15:01:15.0009 0636  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:01:15.0024 0636  scfilter - ok
15:01:15.0087 0636  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
15:01:15.0102 0636  Schedule - ok
15:01:15.0134 0636  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:01:15.0134 0636  SCPolicySvc - ok
15:01:15.0149 0636  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:01:15.0165 0636  SDRSVC - ok
15:01:15.0196 0636  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:01:15.0196 0636  secdrv - ok
15:01:15.0227 0636  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
15:01:15.0243 0636  seclogon - ok
15:01:15.0243 0636  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
15:01:15.0258 0636  SENS - ok
15:01:15.0290 0636  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:01:15.0305 0636  SensrSvc - ok
15:01:15.0305 0636  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:01:15.0321 0636  Serenum - ok
15:01:15.0352 0636  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:01:15.0352 0636  Serial - ok
15:01:15.0399 0636  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:01:15.0399 0636  sermouse - ok
15:01:15.0446 0636  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:01:15.0461 0636  SessionEnv - ok
15:01:15.0477 0636  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:01:15.0477 0636  sffdisk - ok
15:01:15.0492 0636  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:01:15.0492 0636  sffp_mmc - ok
15:01:15.0524 0636  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:01:15.0524 0636  sffp_sd - ok
15:01:15.0539 0636  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:01:15.0555 0636  sfloppy - ok
15:01:15.0586 0636  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:01:15.0602 0636  SharedAccess - ok
15:01:15.0633 0636  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:01:15.0664 0636  ShellHWDetection - ok
15:01:15.0680 0636  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
15:01:15.0680 0636  sisagp - ok
15:01:15.0726 0636  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:01:15.0726 0636  SiSRaid2 - ok
15:01:15.0742 0636  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:01:15.0742 0636  SiSRaid4 - ok
15:01:15.0773 0636  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:01:15.0773 0636  Smb - ok
15:01:15.0820 0636  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:01:15.0836 0636  SNMPTRAP - ok
15:01:15.0851 0636  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:01:15.0851 0636  spldr - ok
15:01:15.0898 0636  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
15:01:15.0914 0636  Spooler - ok
15:01:16.0054 0636  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
15:01:16.0085 0636  sppsvc - ok
15:01:16.0132 0636  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:01:16.0148 0636  sppuinotify - ok
15:01:16.0148 0636  SQLAgent$SONY_MEDIAMGR - ok
15:01:16.0179 0636  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:01:16.0194 0636  srv - ok
15:01:16.0210 0636  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:01:16.0210 0636  srv2 - ok
15:01:16.0241 0636  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:01:16.0241 0636  srvnet - ok
15:01:16.0272 0636  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:01:16.0288 0636  SSDPSRV - ok
15:01:16.0335 0636  [ 5F77725EC309DE1242D8EFC8E9259A9F ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
15:01:16.0335 0636  SSPORT - ok
15:01:16.0350 0636  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:01:16.0366 0636  SstpSvc - ok
15:01:16.0397 0636  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:01:16.0397 0636  stexstor - ok
15:01:16.0460 0636  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
15:01:16.0475 0636  StiSvc - ok
15:01:16.0506 0636  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:01:16.0506 0636  swenum - ok
15:01:16.0631 0636  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:01:16.0662 0636  SwitchBoard - ok
15:01:16.0694 0636  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
15:01:16.0725 0636  swprv - ok
15:01:16.0803 0636  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
15:01:16.0850 0636  SysMain - ok
15:01:16.0896 0636  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:01:16.0896 0636  TabletInputService - ok
15:01:16.0943 0636  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:01:16.0959 0636  TapiSrv - ok
15:01:16.0990 0636  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
15:01:17.0006 0636  TBS - ok
15:01:17.0099 0636  [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:01:17.0146 0636  Tcpip - ok
15:01:17.0193 0636  [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:01:17.0208 0636  TCPIP6 - ok
15:01:17.0255 0636  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:01:17.0255 0636  tcpipreg - ok
15:01:17.0286 0636  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:01:17.0286 0636  TDPIPE - ok
15:01:17.0302 0636  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:01:17.0302 0636  TDTCP - ok
15:01:17.0333 0636  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:01:17.0333 0636  tdx - ok
15:01:17.0349 0636  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:01:17.0349 0636  TermDD - ok
15:01:17.0396 0636  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
15:01:17.0396 0636  TermService - ok
15:01:17.0427 0636  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
15:01:17.0442 0636  Themes - ok
15:01:17.0458 0636  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
15:01:17.0474 0636  THREADORDER - ok
15:01:17.0489 0636  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
15:01:17.0505 0636  TrkWks - ok
15:01:17.0567 0636  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:01:17.0583 0636  TrustedInstaller - ok
15:01:17.0630 0636  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:01:17.0630 0636  tssecsrv - ok
15:01:17.0676 0636  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:01:17.0676 0636  TsUsbFlt - ok
15:01:17.0708 0636  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:01:17.0723 0636  tunnel - ok
15:01:17.0739 0636  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:01:17.0739 0636  uagp35 - ok
15:01:17.0786 0636  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:01:17.0786 0636  udfs - ok
15:01:17.0817 0636  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:01:17.0832 0636  UI0Detect - ok
15:01:17.0864 0636  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:01:17.0864 0636  uliagpkx - ok
15:01:17.0910 0636  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\drivers\umbus.sys
15:01:17.0910 0636  umbus - ok
15:01:17.0926 0636  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:01:17.0926 0636  UmPass - ok
15:01:17.0957 0636  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
15:01:17.0973 0636  upnphost - ok
15:01:17.0988 0636  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:01:17.0988 0636  usbccgp - ok
15:01:18.0020 0636  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:01:18.0020 0636  usbcir - ok
15:01:18.0035 0636  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:01:18.0051 0636  usbehci - ok
15:01:18.0066 0636  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:01:18.0082 0636  usbhub - ok
15:01:18.0098 0636  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
15:01:18.0098 0636  usbohci - ok
15:01:18.0129 0636  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:01:18.0144 0636  usbprint - ok
15:01:18.0176 0636  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:01:18.0191 0636  usbscan - ok
15:01:18.0207 0636  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
15:01:18.0207 0636  USBSTOR - ok
15:01:18.0238 0636  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:01:18.0238 0636  usbuhci - ok
15:01:18.0285 0636  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
15:01:18.0300 0636  UxSms - ok
15:01:18.0300 0636  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
15:01:18.0316 0636  VaultSvc - ok
15:01:18.0363 0636  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:01:18.0363 0636  vdrvroot - ok
15:01:18.0410 0636  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
15:01:18.0425 0636  vds - ok
15:01:18.0456 0636  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:01:18.0472 0636  vga - ok
15:01:18.0488 0636  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:01:18.0488 0636  VgaSave - ok
15:01:18.0519 0636  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:01:18.0534 0636  vhdmp - ok
15:01:18.0581 0636  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
15:01:18.0581 0636  viaagp - ok
15:01:18.0597 0636  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
15:01:18.0597 0636  ViaC7 - ok
15:01:18.0628 0636  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
15:01:18.0628 0636  viaide - ok
15:01:18.0659 0636  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:01:18.0659 0636  volmgr - ok
15:01:18.0690 0636  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:01:18.0706 0636  volmgrx - ok
15:01:18.0753 0636  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:01:18.0768 0636  volsnap - ok
15:01:18.0800 0636  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:01:18.0800 0636  vsmraid - ok
15:01:18.0862 0636  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
15:01:18.0878 0636  VSS - ok
15:01:18.0909 0636  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:01:18.0924 0636  vwifibus - ok
15:01:18.0956 0636  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
15:01:18.0987 0636  W32Time - ok
15:01:19.0002 0636  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:01:19.0018 0636  WacomPen - ok
15:01:19.0049 0636  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:01:19.0049 0636  WANARP - ok
15:01:19.0065 0636  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:01:19.0065 0636  Wanarpv6 - ok
15:01:19.0143 0636  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:01:19.0190 0636  WatAdminSvc - ok
15:01:19.0252 0636  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
15:01:19.0268 0636  wbengine - ok
15:01:19.0314 0636  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:01:19.0314 0636  WbioSrvc - ok
15:01:19.0361 0636  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:01:19.0377 0636  wcncsvc - ok
15:01:19.0392 0636  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:01:19.0408 0636  WcsPlugInService - ok
15:01:19.0439 0636  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:01:19.0439 0636  Wd - ok
15:01:19.0470 0636  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:01:19.0486 0636  Wdf01000 - ok
15:01:19.0517 0636  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:01:19.0533 0636  WdiServiceHost - ok
15:01:19.0533 0636  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:01:19.0548 0636  WdiSystemHost - ok
15:01:19.0595 0636  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
15:01:19.0611 0636  WebClient - ok
15:01:19.0642 0636  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:01:19.0658 0636  Wecsvc - ok
15:01:19.0673 0636  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:01:19.0689 0636  wercplsupport - ok
15:01:21.0015 0636  ================ Scan global ===============================
15:01:21.0046 0636  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
15:01:21.0077 0636  [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
15:01:21.0108 0636  [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
15:01:21.0155 0636  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:01:21.0186 0636  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:01:21.0202 0636  [Global] - ok
15:01:21.0202 0636  ================ Scan MBR ==================================
15:01:21.0218 0636  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:01:21.0498 0636  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:01:21.0498 0636  \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:01:21.0498 0636  ================ Scan VBR ==================================
15:01:21.0498 0636  [ 7B92A41882C2A93F927A4203C166D5B9 ] \Device\Harddisk0\DR0\Partition1
15:01:21.0498 0636  \Device\Harddisk0\DR0\Partition1 - ok
15:01:21.0530 0636  [ 1E1C534372ADACB1496E66D49E1124F7 ] \Device\Harddisk0\DR0\Partition2
15:01:21.0530 0636  \Device\Harddisk0\DR0\Partition2 - ok
15:01:21.0561 0636  [ A6314D0ABBFF2081F2E3BB372115E8D4 ] \Device\Harddisk0\DR0\Partition3
15:01:21.0561 0636  \Device\Harddisk0\DR0\Partition3 - ok
15:01:21.0561 0636  ============================================================
15:01:21.0561 0636  Scan finished
15:01:21.0561 0636  ============================================================
15:01:21.0592 3884  Detected object count: 1
15:01:21.0592 3884  Actual detected object count: 1
15:01:40.0889 3884  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:01:40.0889 3884  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
 



#4 Slayer90


Posted 08 February 2013 - 06:09 PM

MiniToolBox by Farbar  Version:10-01-2013
Ran by User (administrator) on 08-02-2013 at 15:04:09
Running from "C:\Users\User\Desktop"
Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 hl2rcv.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90

There are 1 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : User-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : vc.shawcable.net

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : vc.shawcable.net
   Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 38-60-77-83-5B-4F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a9ba:e954:7d02:c85f%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.100(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, February 08, 2013 12:40:31 PM
   Lease Expires . . . . . . . . . . : Friday, February 15, 2013 12:40:30 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 238575735
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-6A-68-5B-38-60-77-83-5B-4F
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.vc.shawcable.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : vc.shawcable.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:3c76:333f:e7aa:4e86(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3c76:333f:e7aa:4e86%12(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.0.1

Name:    google.com
Addresses:  2607:f8b0:400a:801::1007
      173.194.33.39
      173.194.33.41
      173.194.33.32
      173.194.33.35
      173.194.33.34
      173.194.33.37
      173.194.33.46
      173.194.33.38
      173.194.33.33
      173.194.33.40
      173.194.33.36


Pinging google.com [173.194.33.36] with 32 bytes of data:
Reply from 173.194.33.36: bytes=32 time=12ms TTL=55
Reply from 173.194.33.36: bytes=32 time=12ms TTL=56

Ping statistics for 173.194.33.36:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 12ms, Maximum = 12ms, Average = 12ms
Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=515ms TTL=49
Reply from 98.139.183.24: bytes=32 time=598ms TTL=45

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 515ms, Maximum = 598ms, Average = 556ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...38 60 77 83 5b 4f ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.100     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.100    276
    192.168.0.100  255.255.255.255         On-link     192.168.0.100    276
    192.168.0.255  255.255.255.255         On-link     192.168.0.100    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.100    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.100    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     58 2001::/32                On-link
 12    306 2001:0:9d38:6ab8:3c76:333f:e7aa:4e86/128
                                    On-link
 10    276 fe80::/64                On-link
 12    306 fe80::/64                On-link
 12    306 fe80::3c76:333f:e7aa:4e86/128
                                    On-link
 10    276 fe80::a9ba:e954:7d02:c85f/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/07/2013 10:57:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/06/2013 04:19:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/06/2013 03:53:54 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {8ba8d10b-fb11-4cf8-9a93-aedc5ba08524}

Error: (02/05/2013 02:54:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/04/2013 11:45:56 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/03/2013 02:58:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/02/2013 08:40:51 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/01/2013 02:17:41 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/31/2013 11:17:10 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/30/2013 11:40:54 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (02/08/2013 08:23:18 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:14:24 PM on ?2/?7/?2013 was unexpected.

Error: (02/04/2013 04:20:20 PM) (Source: Service Control Manager) (User: )
Description: The F-Secure BlackLight Sensor service failed to start due to the following error:
%%5

Error: (01/31/2013 11:07:22 PM) (Source: Service Control Manager) (User: )
Description: The UPnP Device Host service failed to start due to the following error:
%%1069

Error: (01/31/2013 11:07:22 PM) (Source: Service Control Manager) (User: )
Description: The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:
%%1352

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/31/2013 11:07:22 PM) (Source: DCOM) (User: )
Description: 1069upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (01/27/2013 01:13:53 PM) (Source: Service Control Manager) (User: )
Description: The F-Secure BlackLight Sensor service failed to start due to the following error:
%%5

Error: (01/23/2013 10:26:39 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:25:31 AM on ?1/?23/?2013 was unexpected.

Error: (01/21/2013 11:01:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070308: Update for Windows 7 (KB2505438).

Error: (01/21/2013 08:09:19 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%-2147416365

Error: (01/21/2013 07:16:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Windows 7 Service Pack 1 (KB976932).


Microsoft Office Sessions:
=========================
Error: (02/07/2013 10:57:50 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\samsung scx-472x series\Setup\Setup\bin\wiainst64.exe

Error: (02/06/2013 04:19:00 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\samsung scx-472x series\Setup\Setup\bin\wiainst64.exe

Error: (02/06/2013 03:53:54 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {8ba8d10b-fb11-4cf8-9a93-aedc5ba08524}

Error: (02/05/2013 02:54:07 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\samsung scx-472x series\Setup\Setup\bin\wiainst64.exe

Error: (02/04/2013 11:45:56 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\samsung scx-472x series\Setup\Setup\bin\wiainst64.exe

Error: (02/03/2013 02:58:31 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\samsung scx-472x series\Setup\Setup\bin\wiainst64.exe

Error: (02/02/2013 08:40:51 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\samsung scx-472x series\Setup\Setup\bin\wiainst64.exe

Error: (02/01/2013 02:17:41 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\samsung scx-472x series\Setup\Setup\bin\wiainst64.exe

Error: (01/31/2013 11:17:10 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\samsung scx-472x series\Setup\Setup\bin\wiainst64.exe

Error: (01/30/2013 11:40:54 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\samsung scx-472x series\Setup\Setup\bin\wiainst64.exe


=========================== Installed Programs ============================

Adobe AIR (Version: 2.5.1.17730)
Adobe Community Help (Version: 3.4.980)
Adobe Flash Player 11 Plugin (Version: 11.5.502.149)
Adobe Photoshop CS5.1 (Version: 12.1)
avast! Free Antivirus (Version: 7.0.1474.0)
BitTorrent (Version: 7.7.3.28706)
ESET Online Scanner v3
Google Chrome (Version: 24.0.1312.57)
Google Update Helper (Version: 1.3.21.123)
IsoBuster 2.8.5 (Version: 2.8.5)
Java 7 Update 11 (Version: 7.0.110)
Java Auto Updater (Version: 2.1.9.0)
Java SE Development Kit 7 Update 11 (Version: 1.7.0.110)
Lernout & Hauspie TruVoice American English TTS Engine
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) (Version: 8.00.761)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 18.0.2 (x86 en-US) (Version: 18.0.2)
Mozilla Maintenance Service (Version: 18.0.2)
PDF Settings CS5 (Version: 10.0)
PowerISO (Version: 5.0)
Rayman Origins version 1.0 (Version: 1.0)
Samsung Network PC Fax (Version: 1.06.32 (7/17/2012))
Samsung SCX-472x Series (Version: 1.19 (9/17/2012))
Sony Media Manager 2.2 (Version: 2.2.58)
Sony Vegas 7.0a (Version: 7.0.115)
Speakonia (Version: 1.0.3.5)
Street Fighter X Tekken (Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VLC media player 2.0.5 (Version: 2.0.5)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.11 (32-bit) (Version: 4.11.0)
Your Uninstaller! 2010 (Version: 7.0)

========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 2934.55 MB
Available physical RAM: 1990.49 MB
Total Pagefile: 5867.38 MB
Available Pagefile: 4921.27 MB
Total Virtual: 2047.88 MB
Available Virtual: 1931.39 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:203.49 GB) (Free:132.99 GB) NTFS

========================= Users: ========================================

User accounts for \\USER-PC

Administrator            Guest                    User                     


**** End of log ****
 



#5 Slayer90


Posted 08 February 2013 - 06:16 PM

# AdwCleaner v2.111 - Logfile created 02/08/2013 at 15:12:19
# Updated 05/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : User - USER-PC
# Boot Mode : Normal
# Running from : C:\Users\User\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (en-US)

-\\ Google Chrome v24.0.1312.57

*************************

AdwCleaner[S1].txt - [586 octets] - [08/02/2013 15:12:19]

########## EOF - C:\AdwCleaner[S1].txt - [645 octets] ##########
 



#6 Slayer90


Posted 08 February 2013 - 06:48 PM

I rescanned with Eset and it didn't detect anything. It didn't produce any logs. The computer's symptoms keep happening.



#7 boopme


Posted 08 February 2013 - 07:06 PM

Hello..

 

Rerun TDSS and change the option on these to Cure or Delete:

15:01:40.0889 3884 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:01:40.0889 3884 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

 

 

Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of their infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go to http://support.microsoft.com/kb/972034 and click the button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.
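
The HOSTS-file check discussed in this post, as an added example that is not part of the original thread: a Python audit that classifies every active hosts entry, since the stock Windows 7 file has no active entries and each one was therefore added by someone or something. The sample lines are taken from the MiniToolBox "Hosts content" section above except the ones marked constructed; the function names and class labels are this example's own.

```python
import ipaddress
from collections import Counter

# Sample input. The 127.0.0.1 lines are copied from the "Hosts content"
# section of the MiniToolBox log in this thread; lines marked "constructed"
# were made up here to exercise the remaining classes.
SAMPLE_HOSTS = """\
# constructed comment line (comments and blank lines are ignored)
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90
203.0.113.7 login.example.com   # constructed: name pointed at a remote host
not-an-ip update.example.com    # constructed: unparsable address field
"""


def as_ip(text):
    """Return an ipaddress object, or None if text is not an IP literal."""
    try:
        return ipaddress.ip_address(text)
    except ValueError:
        return None


def parse_hosts(text):
    """Yield (line_no, address, names) for every active (non-comment) line."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        body = raw.split("#", 1)[0].strip()   # drop trailing comments
        if not body:
            continue
        fields = body.split()
        yield line_no, fields[0], [name.lower() for name in fields[1:]]


def classify(address, name):
    """Classify one address/name pair.

    malformed - address field is not an IP address (or no name follows it)
    inert     - the "name" is itself an IP literal; the hosts file maps names,
                so this entry does not block or redirect that address
    sinkhole  - name resolves to loopback/0.0.0.0, i.e. it is blocked locally
    redirect  - name resolves to some other host; the class to investigate
                first when a hijacked hosts file is suspected
    """
    ip = as_ip(address)
    if ip is None or not name:
        return "malformed"
    if as_ip(name) is not None:
        return "inert"
    if ip.is_loopback or ip.is_unspecified:
        return "sinkhole"
    return "redirect"


def audit(text):
    """Return one finding dict per address/name pair, flagging duplicates."""
    findings, seen = [], set()
    for line_no, address, names in parse_hosts(text):
        for name in names or [""]:
            key = (address, name)
            findings.append({
                "line": line_no,
                "address": address,
                "name": name,
                "kind": classify(address, name),
                "duplicate": key in seen,
            })
            seen.add(key)
    return findings


def summarize(findings):
    """Count findings per class and sinkholed names per parent domain.

    The parent domain is the last two labels, which is a simplification
    (it is not public-suffix aware) but enough to spot look-alike entries
    such as a name filed under the wrong domain.
    """
    kinds = Counter(f["kind"] for f in findings)
    domains = Counter(
        ".".join(f["name"].split(".")[-2:])
        for f in findings if f["kind"] == "sinkhole"
    )
    return kinds, domains


if __name__ == "__main__":
    results = audit(SAMPLE_HOSTS)
    kinds, domains = summarize(results)
    print("entries per class:", dict(kinds))
    print("sinkholed names per domain:", dict(domains))
    for f in results:
        if f["kind"] != "sinkhole" or f["duplicate"]:
            note = " (duplicate)" if f["duplicate"] else ""
            print(f'line {f["line"]}: {f["kind"]}{note}: {f["address"]} {f["name"]}')
```

On a live system the same functions can be fed the contents of `C:\Windows\System32\drivers\etc\hosts`; entries in the redirect class deserve attention before any reset, while sinkhole entries may be deliberate blocks.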



#8 Slayer90


Posted 08 February 2013 - 07:47 PM

OK, I deleted the \Device\Harddisk0\DR0. As for the Host files, that isn't what the malware did. I put those there to fix the Adobe Photoshop CS5.1 error.



#9 Slayer90


Posted 08 February 2013 - 08:09 PM

My computer's symptoms still remain. Let me explain again. When I open folder files, it is unresponsive and slow, taking 10 to 15 seconds to open. I'm talking about folder files on my desktop, C: drive. This slow delay also includes opening stuff like Notepad. Even when I'm not using the internet, it's slow. When I try to open the internet browser it is just as slow to open. It takes the pages very long to connect and load and sometimes I get DDOS. It happens whether I go to Google's main home page, do a search, or log in to my forum accounts. This has been happening for at least a month.


Edited by Slayer90, 08 February 2013 - 08:09 PM.


#10 boopme


Posted 08 February 2013 - 08:17 PM

Let's see if it's those services not running from the Mini log. Run Service Repair Utility.



#11 Slayer90


Posted 08 February 2013 - 09:15 PM

Log Opened: 2013-02-08 @ 18:12:15
18:12:15 - -----------------
18:12:15 - | Begin Logging |
18:12:15 - -----------------
18:12:15 - Fix started on a WIN_7 X86 computer
18:12:15 - Prep in progress.  Please Wait.
18:12:20 - Prep complete
18:12:20 - Repairing Services Now.  Please wait...
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BFE.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\SubLayer>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Provider>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\Persistent>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime\Filter>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy\BootTime>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters\Policy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BFE>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\BITS.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Performance>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\BITS>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\iphlpsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo\{FA88062C-9A61-4C1E-AC45-7143F8F01AAD}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap\{8AD2FB26-F91E-44F1-9B24-3C0AE56C9CE0}>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\Isatap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters\IPHTTPS>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\Interfaces>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc\config>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\iphlpsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\MpsSvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\Teredo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\RPC-EPMap>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSOut>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\IPTLSIn>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords\DHCP>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters\PortKeywords>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\MpsSvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\SharedAccess.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Static>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch2>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Epoch>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\StandardProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\PublicProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile\Logging>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy\DomainProfile>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults\FirewallPolicy>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess\Defaults>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\SharedAccess>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\WinDefend.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo\0>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\TriggerInfo>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\WinDefend>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wscsvc.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wscsvc>

SetACL finished successfully.
INFO: The restore action ignores the object name parameter (paths are read from the backup file). However, other actions that require the object name may be combined with -restore.
INFORMATION: Input file for restore operation opened: '.\Win7\wuauserv.sddl'
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Security>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv\Parameters>
INFORMATION: Restoring SD of: <machine\System\CurrentControlset\Services\wuauserv>

SetACL finished successfully.
18:12:24 - Services Repair Complete.
18:12:26 - Reboot Initiated
 



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,040 posts
  • ONLINE
  • Gender:Male
  • Location:NJ USA
  • Local time:03:35 PM

Posted 08 February 2013 - 09:32 PM

Running any better?



#13 Slayer90

Slayer90
  • Topic Starter

  • Members
  • 216 posts
  • OFFLINE
  • Local time:12:35 PM

Posted 08 February 2013 - 10:30 PM

Aside from the speed still being somewhat slow, the computer's performance is a little better. But I don't think it's fully cleaned yet. Please keep this topic open; if the same symptom recurs I'll let you know.


Edited by Slayer90, 08 February 2013 - 11:28 PM.


#14 Slayer90

Slayer90
  • Topic Starter

  • Members
  • 216 posts
  • OFFLINE
  • Local time:12:35 PM

Posted 08 February 2013 - 11:39 PM

The symptoms came back. As I said in my first post, my computer is also slow and freezes repeatedly. This symptom remains unchanged. The freeze lasts for 5 to 10 minutes. It happens randomly. When the computer starts running, it might freeze 5 minutes later or 1 hour later or 20 minutes later. There doesn't seem to be a pattern as to when the computer freezes. My computer is still slower than normal. If you please, I would like to get this computer fixed within this topic. I don't want to have to make another topic in the Virus, Trojan, Spyware and Malware Removal Logs topic. Last year I received no help for 2 weeks.

 

I had problems connecting to this site http://www.bleepingcomputer.com/ 1 hour ago. The loading time is long and results in a DDOS screen.

 


Edited by Slayer90, 09 February 2013 - 12:43 AM.


#15 Slayer90

Slayer90
  • Topic Starter

  • Members
  • 216 posts
  • OFFLINE
  • Local time:12:35 PM

Posted 09 February 2013 - 02:45 PM

Any ideas on how to fix this?





