computer kicks me offline, but not off aim, happens all the time.

View previous topic View next topic Go down

computer kicks me offline, but not off aim, happens all the time.

Post by andrew.vanderhevel on Sun 23 Dec 2012, 2:33 pm

hi, all the time i will be watching youtube or something and the video will give me an error and say it has a problem. then the computer wont let me online at all, but aim video chat still goes just fine. i have a couple of logs ready to post for you, thanks a lot i tried a hijackthis but it couldnt access the host file.

# AdwCleaner v2.101 - Logfile created 12/22/2012 at 22:28:16
# Updated 16/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : andrew - ANDREW-PC
# Boot Mode : Normal
# Running from : C:\Users\andrew\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Users\andrew\AppData\Roaming\Mozilla\Firefox\Profiles\255m4zlj.default\bprotector_extensions.sqlite
Folder Found : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Browser Manager
Folder Found : C:\Users\andrew\AppData\Local\SwvUpdater
Folder Found : C:\Users\andrew\AppData\Local\Temp\boost_interprocess
Folder Found : C:\Users\andrew\AppData\Roaming\Babylon
Folder Found : C:\Users\andrew\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Software
Key Found : HKU\S-1-5-21-585865164-2106432120-296127809-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = [You must be registered and logged in to see this link.]

-\\ Mozilla Firefox v17.0.1 (en-US)

Profile name : default
File : C:\Users\andrew\AppData\Roaming\Mozilla\Firefox\Profiles\255m4zlj.default\prefs.js

Found : user_pref("avg.install.userHPSettings", "hxxp://www.claro-search.com/?affID=117452&tt=4812_4&babsrc=[...]
Found : user_pref("avg.install.userSPSettings", "Claro Search");
Found : user_pref("extensions.claro.admin", false);
Found : user_pref("extensions.claro.aflt", "babsst");
Found : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Found : user_pref("extensions.claro.dfltLng", "en");
Found : user_pref("extensions.claro.excTlbr", false);
Found : user_pref("extensions.claro.id", "1e14a3800000000000009cb70da53264");
Found : user_pref("extensions.claro.instlDay", "15676");
Found : user_pref("extensions.claro.instlRef", "sst");
Found : user_pref("extensions.claro.prdct", "claro");
Found : user_pref("extensions.claro.prtnrId", "claro");
Found : user_pref("extensions.claro.tlbrId", "irhnew");
Found : user_pref("extensions.claro.tlbrSrchUrl", "");
Found : user_pref("extensions.claro.vrsn", "1.8.3.10");
Found : user_pref("extensions.claro.vrsni", "1.8.3.10");
Found : user_pref("extensions.claro_i.smplGrp", "none");
Found : user_pref("extensions.claro_i.vrsnTs", "1.8.3.1022:54:19");

*************************

AdwCleaner[R1].txt - [5061 octets] - [22/12/2012 22:28:16]

########## EOF - C:\AdwCleaner[R1].txt - [5121 octets] ##########


andrew.vanderhevel

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2012-12-23
Operating System : WINDOWS 7

View user profile

Back to top Go down

Re: computer kicks me offline, but not off aim, happens all the time.

Post by andrew.vanderhevel on Sun 23 Dec 2012, 2:34 pm

and here is the hijack this

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:26:07 PM, on 12/22/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AIM\aim.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
C:\Users\andrew\Downloads\HijackThis.exe
C:\windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunOnce: [GrpConv] grpconv -o
O8 - Extra context menu item: Google Sidewiki... - [You must be registered and logged in to see this link.] Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{06198A06-C4B0-4456-909C-DD016B31F493}: NameServer = 107.6.133.8,23.23.180.210
O17 - HKLM\System\CCS\Services\Tcpip\..\{737E76CA-4C11-4B99-AB1F-763C58339A0D}: NameServer = 107.6.133.8,23.23.180.210
O17 - HKLM\System\CCS\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 107.6.133.8,23.23.180.210
O17 - HKLM\System\CCS\Services\Tcpip\..\{D41F5831-4605-4D83-83BD-B5CFC472AA63}: NameServer = 107.6.133.8,23.23.180.210
O17 - HKLM\System\CS1\Services\Tcpip\..\{06198A06-C4B0-4456-909C-DD016B31F493}: NameServer = 107.6.133.8,23.23.180.210
O17 - HKLM\System\CS2\Services\Tcpip\..\{06198A06-C4B0-4456-909C-DD016B31F493}: NameServer = 107.6.133.8,23.23.180.210
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O20 - AppInit_DLLs: c:\progra~3\browse~1\25976~1.107\{c16c1~1\mngr.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10331 bytes

andrew.vanderhevel

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2012-12-23
Operating System : WINDOWS 7

View user profile

Back to top Go down

Re: computer kicks me offline, but not off aim, happens all the time.

Post by DragonMaster Jay on Sun 23 Dec 2012, 6:15 pm

Hi there!

ComboFix scan

Please download ComboFix by sUBs
From BleepingComputer.com

Please save the file to your Desktop.

Important information about ComboFix


After the download:

  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.

Running ComboFix:

  • Double click on ComboFix.exe & follow the prompts.
  • When ComboFix finishes, it will produce a report for you.
  • Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.

Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows
logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method (above method), but try to download it again, except name
ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: computer kicks me offline, but not off aim, happens all the time.

Post by andrew.vanderhevel on Mon 24 Dec 2012, 10:50 am

ComboFix 12-12-23.01 - andrew 12/23/2012 18:34:03.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3559.2225 [GMT -5:00]
Running from: c:\users\andrew\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-11-23 to 2012-12-23 )))))))))))))))))))))))))))))))
.
.
2012-12-23 23:38 . 2012-12-23 23:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-23 03:09 . 2012-12-23 03:10 -------- d-----w- c:\users\andrew\AppData\Roaming\QuickScan
2012-12-23 02:41 . 2012-12-23 02:41 -------- d-----w- c:\programdata\Kaspersky Lab
2012-12-22 12:33 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C602A88B-2F4C-49FF-829D-6118D4D60673}\mpengine.dll
2012-12-21 08:00 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 08:00 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 08:00 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 08:00 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-20 15:06 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-12 08:00 . 2012-11-14 07:11 763424 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2012-12-12 05:02 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 05:01 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 05:01 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-07 20:40 . 2012-12-07 20:40 42440 ----a-w- c:\windows\SysWow64\xfcodec.dll
2012-12-07 20:40 . 2012-12-07 20:40 28104 ----a-w- c:\windows\system32\xfcodec64.dll
2012-12-02 04:10 . 2012-02-09 18:17 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-12-02 04:10 . 2012-12-02 04:09 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E26FAEE5-6A94-4E89-9108-D30A56EE8DA8}\gapaengine.dll
2012-12-02 04:01 . 2012-12-02 04:01 -------- d-----w- c:\users\andrew\AppData\Roaming\Strongvault
2012-12-02 04:00 . 2012-12-02 04:00 -------- d-----w- c:\users\andrew\AppData\Local\Stronghold_LLC
2012-12-02 04:00 . 2012-12-02 04:08 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-23 01:36 . 2012-07-06 23:08 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-23 01:36 . 2011-11-02 03:40 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 08:03 . 2012-05-24 23:57 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-10-16 08:38 . 2012-11-28 00:40 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 00:40 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 00:40 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-14 13:13 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-14 13:13 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-14 13:13 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 13:13 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-10-04 16:40 . 2012-12-12 05:02 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-10-03 17:56 . 2012-11-14 13:13 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 17:44 . 2012-11-14 13:13 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 17:44 . 2012-11-14 13:13 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 17:44 . 2012-11-14 13:13 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 17:44 . 2012-11-14 13:13 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 17:44 . 2012-11-14 13:13 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 17:42 . 2012-11-14 13:13 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 16:42 . 2012-11-14 13:13 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 13:13 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-10-03 16:42 . 2012-11-14 13:13 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-10-03 16:07 . 2012-11-14 13:13 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-09-30 00:54 . 2012-07-04 00:05 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-25 22:47 . 2012-11-14 13:13 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-09-25 22:46 . 2012-11-14 13:13 95744 ----a-w- c:\windows\system32\synceng.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-06 641664]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-30 676936]
R3 MobileAdapter;Mobile Adapter USB Modem and USB Serial;c:\windows\system32\DRIVERS\qscnusb.sys [2009-09-24 118016]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-12-02 250984]
R3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2010-11-30 307304]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-12 57216]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-06-10 138152]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-24 1255736]
R4 fbdpinger;fbdpinger;c:\program files (x86)\Toshiba\ToshibaFB\fdbpinger.exe [2011-10-23 2207128]
R4 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R4 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe [2011-07-19 123320]
R4 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2011-06-28 828856]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-11 204288]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-04-06 361984]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-30 399432]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2011-07-19 126392]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2011-05-24 294848]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-02-09 77424]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-30 25928]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [2009-06-15 12800]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-01-05 1109096]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-06 01:36]
.
2012-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-30 15:47]
.
2012-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-30 15:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = [You must be registered and logged in to see this link.]
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = ;*.local
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1 68.105.28.12
TCP: Interfaces\{06198A06-C4B0-4456-909C-DD016B31F493}: NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{737E76CA-4C11-4B99-AB1F-763C58339A0D}: NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 107.6.133.8,23.23.180.210
TCP: Interfaces\{D41F5831-4605-4D83-83BD-B5CFC472AA63}: NameServer = 107.6.133.8,23.23.180.210
FF - ProfilePath - c:\users\andrew\AppData\Roaming\Mozilla\Firefox\Profiles\255m4zlj.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: 2012-10-30 22:41; {e4a8a97b-f2ed-450b-b12d-ee082ba24781}; c:\users\andrew\AppData\Roaming\Mozilla\Firefox\Profiles\255m4zlj.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF - ExtSQL: 2012-12-22 22:08; {e001c731-5e37-4538-a5cb-8168736a2360}; c:\users\andrew\AppData\Roaming\Mozilla\Firefox\Profiles\255m4zlj.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]
"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-23 18:39:54
ComboFix-quarantined-files.txt 2012-12-23 23:39
ComboFix2.txt 2012-12-23 22:57
.
Pre-Run: 535,367,778,304 bytes free
Post-Run: 535,309,922,304 bytes free
.
- - End Of File - - B6994A5A07EAED09A20AAB12562C2371

andrew.vanderhevel

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2012-12-23
Operating System : WINDOWS 7

View user profile

Back to top Go down

Re: computer kicks me offline, but not off aim, happens all the time.

Post by DragonMaster Jay on Mon 24 Dec 2012, 8:43 pm

TDSSKiller Scan

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.



-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.



------------------------

Click the Start Scan button.



-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue




----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.





--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Sometimes these logs can be very large, in that case please attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: computer kicks me offline, but not off aim, happens all the time.

Post by andrew.vanderhevel on Mon 24 Dec 2012, 9:32 pm

05:24:54.0469 4268 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
05:24:54.0741 4268 ============================================================
05:24:54.0741 4268 Current date / time: 2012/12/24 05:24:54.0741
05:24:54.0741 4268 SystemInfo:
05:24:54.0741 4268
05:24:54.0742 4268 OS Version: 6.1.7601 ServicePack: 1.0
05:24:54.0742 4268 Product type: Workstation
05:24:54.0742 4268 ComputerName: ANDREW-PC
05:24:54.0742 4268 UserName: andrew
05:24:54.0742 4268 Windows directory: C:\windows
05:24:54.0742 4268 System windows directory: C:\windows
05:24:54.0742 4268 Running under WOW64
05:24:54.0742 4268 Processor architecture: Intel x64
05:24:54.0742 4268 Number of processors: 4
05:24:54.0742 4268 Page size: 0x1000
05:24:54.0742 4268 Boot type: Normal boot
05:24:54.0742 4268 ============================================================
05:24:56.0214 4268 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
05:24:56.0221 4268 ============================================================
05:24:56.0221 4268 \Device\Harddisk0\DR0:
05:24:56.0221 4268 MBR partitions:
05:24:56.0221 4268 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x48816000
05:24:56.0221 4268 ============================================================
05:24:56.0255 4268 C: <-> \Device\Harddisk0\DR0\Partition1
05:24:56.0256 4268 ============================================================
05:24:56.0256 4268 Initialize success
05:24:56.0256 4268 ============================================================
05:25:46.0029 3832 ============================================================
05:25:46.0029 3832 Scan started
05:25:46.0029 3832 Mode: Manual; SigCheck; TDLFS;
05:25:46.0029 3832 ============================================================
05:25:46.0567 3832 ================ Scan services =============================
05:25:46.0837 3832 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
05:25:46.0935 3832 1394ohci - ok
05:25:46.0968 3832 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
05:25:46.0989 3832 ACPI - ok
05:25:47.0022 3832 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
05:25:47.0100 3832 AcpiPmi - ok
05:25:47.0212 3832 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
05:25:47.0226 3832 AdobeARMservice - ok
05:25:47.0377 3832 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
05:25:47.0396 3832 AdobeFlashPlayerUpdateSvc - ok
05:25:47.0446 3832 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
05:25:47.0472 3832 adp94xx - ok
05:25:47.0516 3832 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
05:25:47.0539 3832 adpahci - ok
05:25:47.0562 3832 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
05:25:47.0580 3832 adpu320 - ok
05:25:47.0614 3832 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
05:25:47.0737 3832 AeLookupSvc - ok
05:25:47.0782 3832 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
05:25:47.0835 3832 AFD - ok
05:25:47.0883 3832 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
05:25:47.0898 3832 agp440 - ok
05:25:47.0926 3832 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
05:25:47.0980 3832 ALG - ok
05:25:48.0006 3832 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
05:25:48.0022 3832 aliide - ok
05:25:48.0075 3832 [ 276EEFC3E2BCE9F429AAEC041BCE1488 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
05:25:48.0143 3832 AMD External Events Utility - ok
05:25:48.0239 3832 AMD FUEL Service - ok
05:25:48.0252 3832 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
05:25:48.0266 3832 amdide - ok
05:25:48.0289 3832 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\windows\system32\DRIVERS\amdiox64.sys
05:25:48.0312 3832 amdiox64 - ok
05:25:48.0366 3832 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
05:25:48.0395 3832 AmdK8 - ok
05:25:48.0666 3832 [ EC8480425E5A8775FEB5004A8C1BD11E ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
05:25:48.0997 3832 amdkmdag - ok
05:25:49.0054 3832 [ 87543E780F418BCDBC77279FE784AFF7 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
05:25:49.0103 3832 amdkmdap - ok
05:25:49.0131 3832 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
05:25:49.0160 3832 AmdPPM - ok
05:25:49.0195 3832 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
05:25:49.0211 3832 amdsata - ok
05:25:49.0224 3832 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
05:25:49.0243 3832 amdsbs - ok
05:25:49.0260 3832 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
05:25:49.0274 3832 amdxata - ok
05:25:49.0329 3832 [ 5B25D1A753CC3A3EDB909BB759AC1098 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
05:25:49.0343 3832 AODDriver4.1 - ok
05:25:49.0365 3832 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
05:25:49.0484 3832 AppID - ok
05:25:49.0512 3832 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
05:25:49.0580 3832 AppIDSvc - ok
05:25:49.0609 3832 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
05:25:49.0675 3832 Appinfo - ok
05:25:49.0749 3832 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
05:25:49.0762 3832 Apple Mobile Device - ok
05:25:49.0819 3832 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
05:25:49.0835 3832 arc - ok
05:25:49.0854 3832 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
05:25:49.0872 3832 arcsas - ok
05:25:49.0968 3832 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
05:25:49.0981 3832 aspnet_state - ok
05:25:50.0013 3832 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
05:25:50.0085 3832 AsyncMac - ok
05:25:50.0100 3832 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
05:25:50.0114 3832 atapi - ok
05:25:50.0175 3832 [ 24464B908E143D2561E9E452FEE97309 ] AtiHDAudioService C:\windows\system32\drivers\AtihdW76.sys
05:25:50.0189 3832 AtiHDAudioService - ok
05:25:50.0245 3832 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
05:25:50.0313 3832 AudioEndpointBuilder - ok
05:25:50.0326 3832 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
05:25:50.0378 3832 AudioSrv - ok
05:25:50.0410 3832 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
05:25:50.0492 3832 AxInstSV - ok
05:25:50.0538 3832 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
05:25:50.0580 3832 b06bdrv - ok
05:25:50.0605 3832 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
05:25:50.0636 3832 b57nd60a - ok
05:25:50.0671 3832 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
05:25:50.0719 3832 BDESVC - ok
05:25:50.0753 3832 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
05:25:50.0814 3832 Beep - ok
05:25:50.0858 3832 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
05:25:50.0931 3832 BFE - ok
05:25:50.0973 3832 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
05:25:51.0040 3832 BITS - ok
05:25:51.0083 3832 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
05:25:51.0109 3832 blbdrive - ok
05:25:51.0153 3832 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
05:25:51.0174 3832 Bonjour Service - ok
05:25:51.0209 3832 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
05:25:51.0251 3832 bowser - ok
05:25:51.0276 3832 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
05:25:51.0309 3832 BrFiltLo - ok
05:25:51.0333 3832 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
05:25:51.0352 3832 BrFiltUp - ok
05:25:51.0412 3832 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
05:25:51.0468 3832 BridgeMP - ok
05:25:51.0503 3832 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
05:25:51.0546 3832 Browser - ok
05:25:51.0571 3832 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
05:25:51.0629 3832 Brserid - ok
05:25:51.0652 3832 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
05:25:51.0686 3832 BrSerWdm - ok
05:25:51.0734 3832 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
05:25:51.0765 3832 BrUsbMdm - ok
05:25:51.0776 3832 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
05:25:51.0801 3832 BrUsbSer - ok
05:25:51.0822 3832 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
05:25:51.0855 3832 BTHMODEM - ok
05:25:51.0881 3832 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
05:25:51.0943 3832 bthserv - ok
05:25:51.0986 3832 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
05:25:52.0044 3832 cdfs - ok
05:25:52.0085 3832 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
05:25:52.0111 3832 cdrom - ok
05:25:52.0152 3832 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
05:25:52.0224 3832 CertPropSvc - ok
05:25:52.0268 3832 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
05:25:52.0293 3832 circlass - ok
05:25:52.0332 3832 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
05:25:52.0353 3832 CLFS - ok
05:25:52.0419 3832 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
05:25:52.0433 3832 clr_optimization_v2.0.50727_32 - ok
05:25:52.0466 3832 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
05:25:52.0480 3832 clr_optimization_v2.0.50727_64 - ok
05:25:52.0550 3832 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
05:25:52.0564 3832 clr_optimization_v4.0.30319_32 - ok
05:25:52.0579 3832 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
05:25:52.0593 3832 clr_optimization_v4.0.30319_64 - ok
05:25:52.0624 3832 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
05:25:52.0647 3832 CmBatt - ok
05:25:52.0665 3832 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
05:25:52.0679 3832 cmdide - ok
05:25:52.0716 3832 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
05:25:52.0776 3832 CNG - ok
05:25:52.0855 3832 [ 20506F12AFAD3DB588D007EA9325FBBC ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
05:25:52.0905 3832 CnxtHdAudService - ok
05:25:52.0943 3832 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
05:25:52.0957 3832 Compbatt - ok
05:25:52.0988 3832 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
05:25:53.0014 3832 CompositeBus - ok
05:25:53.0032 3832 COMSysApp - ok
05:25:53.0052 3832 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
05:25:53.0067 3832 crcdisk - ok
05:25:53.0104 3832 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
05:25:53.0151 3832 CryptSvc - ok
05:25:53.0187 3832 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
05:25:53.0285 3832 DcomLaunch - ok
05:25:53.0331 3832 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
05:25:53.0397 3832 defragsvc - ok
05:25:53.0422 3832 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
05:25:53.0482 3832 DfsC - ok
05:25:53.0542 3832 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
05:25:53.0592 3832 Dhcp - ok
05:25:53.0621 3832 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
05:25:53.0693 3832 discache - ok
05:25:53.0729 3832 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
05:25:53.0745 3832 Disk - ok
05:25:53.0785 3832 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
05:25:53.0838 3832 Dnscache - ok
05:25:53.0859 3832 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
05:25:53.0919 3832 dot3svc - ok
05:25:53.0955 3832 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
05:25:54.0020 3832 DPS - ok
05:25:54.0059 3832 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
05:25:54.0089 3832 drmkaud - ok
05:25:54.0121 3832 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
05:25:54.0157 3832 DXGKrnl - ok
05:25:54.0181 3832 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
05:25:54.0244 3832 EapHost - ok
05:25:54.0338 3832 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
05:25:54.0416 3832 ebdrv - ok
05:25:54.0442 3832 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
05:25:54.0486 3832 EFS - ok
05:25:54.0557 3832 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
05:25:54.0617 3832 ehRecvr - ok
05:25:54.0632 3832 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
05:25:54.0649 3832 ehSched - ok
05:25:54.0692 3832 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
05:25:54.0720 3832 elxstor - ok
05:25:54.0735 3832 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
05:25:54.0757 3832 ErrDev - ok
05:25:54.0804 3832 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
05:25:54.0864 3832 EventSystem - ok
05:25:54.0889 3832 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
05:25:54.0936 3832 exfat - ok
05:25:54.0967 3832 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
05:25:55.0026 3832 fastfat - ok
05:25:55.0080 3832 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
05:25:55.0136 3832 Fax - ok
05:25:55.0245 3832 [ EA17AB7710ABA136945033CC3BEE3AD5 ] fbdpinger c:\Program Files (x86)\Toshiba\ToshibaFB\fdbpinger.exe
05:25:55.0313 3832 fbdpinger - ok
05:25:55.0330 3832 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
05:25:55.0359 3832 fdc - ok
05:25:55.0386 3832 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
05:25:55.0432 3832 fdPHost - ok
05:25:55.0449 3832 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
05:25:55.0506 3832 FDResPub - ok
05:25:55.0539 3832 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
05:25:55.0554 3832 FileInfo - ok
05:25:55.0562 3832 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
05:25:55.0619 3832 Filetrace - ok
05:25:55.0638 3832 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
05:25:55.0652 3832 flpydisk - ok
05:25:55.0669 3832 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
05:25:55.0691 3832 FltMgr - ok
05:25:55.0737 3832 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
05:25:55.0805 3832 FontCache - ok
05:25:55.0851 3832 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
05:25:55.0863 3832 FontCache3.0.0.0 - ok
05:25:55.0888 3832 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
05:25:55.0903 3832 FsDepends - ok
05:25:55.0931 3832 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
05:25:55.0945 3832 Fs_Rec - ok
05:25:55.0972 3832 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
05:25:55.0995 3832 fvevol - ok
05:25:56.0022 3832 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
05:25:56.0037 3832 gagp30kx - ok
05:25:56.0093 3832 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
05:25:56.0108 3832 GamesAppService - ok
05:25:56.0141 3832 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
05:25:56.0153 3832 GEARAspiWDM - ok
05:25:56.0198 3832 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
05:25:56.0260 3832 gpsvc - ok
05:25:56.0365 3832 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
05:25:56.0380 3832 gupdate - ok
05:25:56.0385 3832 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
05:25:56.0397 3832 gupdatem - ok
05:25:56.0422 3832 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
05:25:56.0452 3832 hcw85cir - ok
05:25:56.0488 3832 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
05:25:56.0528 3832 HdAudAddService - ok
05:25:56.0561 3832 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
05:25:56.0591 3832 HDAudBus - ok
05:25:56.0606 3832 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
05:25:56.0632 3832 HidBatt - ok
05:25:56.0665 3832 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
05:25:56.0699 3832 HidBth - ok
05:25:56.0720 3832 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
05:25:56.0758 3832 HidIr - ok
05:25:56.0854 3832 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
05:25:56.0994 3832 hidserv - ok
05:25:57.0072 3832 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
05:25:57.0087 3832 HidUsb - ok
05:25:57.0114 3832 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
05:25:57.0177 3832 hkmsvc - ok
05:25:57.0205 3832 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
05:25:57.0251 3832 HomeGroupListener - ok
05:25:57.0274 3832 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
05:25:57.0305 3832 HomeGroupProvider - ok
05:25:57.0328 3832 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
05:25:57.0344 3832 HpSAMD - ok
05:25:57.0381 3832 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
05:25:57.0447 3832 HTTP - ok
05:25:57.0481 3832 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
05:25:57.0495 3832 hwpolicy - ok
05:25:57.0537 3832 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
05:25:57.0552 3832 i8042prt - ok
05:25:57.0581 3832 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
05:25:57.0605 3832 iaStorV - ok
05:25:57.0675 3832 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
05:25:57.0706 3832 IDriverT ( UnsignedFile.Multi.Generic ) - warning
05:25:57.0706 3832 IDriverT - detected UnsignedFile.Multi.Generic (1)
05:25:57.0767 3832 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
05:25:57.0798 3832 idsvc - ok
05:25:57.0841 3832 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
05:25:57.0855 3832 iirsp - ok
05:25:57.0905 3832 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
05:25:57.0974 3832 IKEEXT - ok
05:25:57.0991 3832 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
05:25:58.0005 3832 intelide - ok
05:25:58.0045 3832 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\drivers\intelppm.sys
05:25:58.0075 3832 intelppm - ok
05:25:58.0111 3832 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
05:25:58.0169 3832 IPBusEnum - ok
05:25:58.0192 3832 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
05:25:58.0236 3832 IpFilterDriver - ok
05:25:58.0276 3832 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
05:25:58.0322 3832 iphlpsvc - ok
05:25:58.0337 3832 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
05:25:58.0369 3832 IPMIDRV - ok
05:25:58.0395 3832 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
05:25:58.0458 3832 IPNAT - ok
05:25:58.0510 3832 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
05:25:58.0545 3832 iPod Service - ok
05:25:58.0568 3832 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
05:25:58.0589 3832 IRENUM - ok
05:25:58.0621 3832 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
05:25:58.0636 3832 isapnp - ok
05:25:58.0660 3832 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
05:25:58.0680 3832 iScsiPrt - ok
05:25:58.0704 3832 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
05:25:58.0719 3832 kbdclass - ok
05:25:58.0743 3832 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
05:25:58.0770 3832 kbdhid - ok
05:25:58.0786 3832 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
05:25:58.0801 3832 KeyIso - ok
05:25:58.0835 3832 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
05:25:58.0851 3832 KSecDD - ok
05:25:58.0864 3832 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
05:25:58.0886 3832 KSecPkg - ok
05:25:58.0913 3832 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
05:25:58.0971 3832 ksthunk - ok
05:25:59.0022 3832 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
05:25:59.0083 3832 KtmRm - ok
05:25:59.0122 3832 [ 045FB70BC993B691517CE309045FF02D ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
05:25:59.0136 3832 L1C - ok
05:25:59.0169 3832 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
05:25:59.0234 3832 LanmanServer - ok
05:25:59.0263 3832 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
05:25:59.0324 3832 LanmanWorkstation - ok
05:25:59.0350 3832 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
05:25:59.0406 3832 lltdio - ok
05:25:59.0449 3832 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
05:25:59.0507 3832 lltdsvc - ok
05:25:59.0524 3832 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
05:25:59.0569 3832 lmhosts - ok
05:25:59.0600 3832 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
05:25:59.0616 3832 LSI_FC - ok
05:25:59.0656 3832 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
05:25:59.0673 3832 LSI_SAS - ok
05:25:59.0692 3832 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
05:25:59.0707 3832 LSI_SAS2 - ok
05:25:59.0715 3832 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
05:25:59.0731 3832 LSI_SCSI - ok
05:25:59.0754 3832 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
05:25:59.0807 3832 luafv - ok
05:25:59.0873 3832 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
05:25:59.0888 3832 MBAMProtector - ok
05:25:59.0942 3832 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
05:25:59.0961 3832 MBAMScheduler - ok
05:26:00.0009 3832 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
05:26:00.0036 3832 MBAMService - ok
05:26:00.0075 3832 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
05:26:00.0092 3832 Mcx2Svc - ok
05:26:00.0117 3832 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
05:26:00.0132 3832 megasas - ok
05:26:00.0161 3832 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
05:26:00.0180 3832 MegaSR - ok
05:26:00.0201 3832 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
05:26:00.0255 3832 MMCSS - ok
05:26:00.0307 3832 [ 64E4A9DE13B50B945992976E319D27E4 ] MobileAdapter C:\windows\system32\DRIVERS\qscnusb.sys
05:26:00.0350 3832 MobileAdapter - ok
05:26:00.0363 3832 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
05:26:00.0425 3832 Modem - ok
05:26:00.0460 3832 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
05:26:00.0495 3832 monitor - ok
05:26:00.0523 3832 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
05:26:00.0537 3832 mouclass - ok
05:26:00.0553 3832 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
05:26:00.0577 3832 mouhid - ok
05:26:00.0601 3832 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
05:26:00.0617 3832 mountmgr - ok
05:26:00.0653 3832 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
05:26:00.0668 3832 MozillaMaintenance - ok
05:26:00.0727 3832 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
05:26:00.0751 3832 MpFilter - ok
05:26:00.0779 3832 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
05:26:00.0796 3832 mpio - ok
05:26:00.0817 3832 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
05:26:00.0862 3832 mpsdrv - ok
05:26:00.0906 3832 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
05:26:00.0980 3832 MpsSvc - ok
05:26:00.0996 3832 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
05:26:01.0029 3832 MRxDAV - ok
05:26:01.0063 3832 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
05:26:01.0105 3832 mrxsmb - ok
05:26:01.0122 3832 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
05:26:01.0140 3832 mrxsmb10 - ok
05:26:01.0160 3832 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
05:26:01.0175 3832 mrxsmb20 - ok
05:26:01.0206 3832 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys
05:26:01.0221 3832 msahci - ok
05:26:01.0242 3832 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
05:26:01.0259 3832 msdsm - ok
05:26:01.0292 3832 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
05:26:01.0320 3832 MSDTC - ok
05:26:01.0357 3832 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
05:26:01.0401 3832 Msfs - ok
05:26:01.0414 3832 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
05:26:01.0466 3832 mshidkmdf - ok
05:26:01.0480 3832 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
05:26:01.0496 3832 msisadrv - ok
05:26:01.0535 3832 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
05:26:01.0594 3832 MSiSCSI - ok
05:26:01.0600 3832 msiserver - ok
05:26:01.0629 3832 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
05:26:01.0681 3832 MSKSSRV - ok
05:26:01.0754 3832 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
05:26:01.0771 3832 MsMpSvc - ok


andrew.vanderhevel

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2012-12-23
Operating System : WINDOWS 7

View user profile

Back to top Go down

Re: computer kicks me offline, but not off aim, happens all the time.

Post by andrew.vanderhevel on Mon 24 Dec 2012, 9:37 pm

05:26:01.0799 3832 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
05:26:01.0861 3832 MSPCLOCK - ok
05:26:01.0884 3832 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
05:26:01.0941 3832 MSPQM - ok
05:26:01.0965 3832 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
05:26:01.0990 3832 MsRPC - ok
05:26:02.0007 3832 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
05:26:02.0022 3832 mssmbios - ok
05:26:02.0092 3832 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
05:26:02.0204 3832 MSTEE - ok
05:26:02.0269 3832 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
05:26:02.0283 3832 MTConfig - ok
05:26:02.0305 3832 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
05:26:02.0320 3832 Mup - ok
05:26:02.0347 3832 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
05:26:02.0415 3832 napagent - ok
05:26:02.0473 3832 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
05:26:02.0512 3832 NativeWifiP - ok
05:26:02.0564 3832 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
05:26:02.0603 3832 NDIS - ok
05:26:02.0643 3832 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
05:26:02.0695 3832 NdisCap - ok
05:26:02.0723 3832 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
05:26:02.0766 3832 NdisTapi - ok
05:26:02.0793 3832 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
05:26:02.0836 3832 Ndisuio - ok
05:26:02.0860 3832 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
05:26:02.0920 3832 NdisWan - ok
05:26:02.0948 3832 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
05:26:02.0991 3832 NDProxy - ok
05:26:03.0011 3832 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
05:26:03.0064 3832 NetBIOS - ok
05:26:03.0090 3832 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
05:26:03.0136 3832 NetBT - ok
05:26:03.0153 3832 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
05:26:03.0167 3832 Netlogon - ok
05:26:03.0195 3832 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
05:26:03.0268 3832 Netman - ok
05:26:03.0296 3832 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:26:03.0310 3832 NetMsmqActivator - ok
05:26:03.0324 3832 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:26:03.0337 3832 NetPipeActivator - ok
05:26:03.0357 3832 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
05:26:03.0428 3832 netprofm - ok
05:26:03.0434 3832 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:26:03.0447 3832 NetTcpActivator - ok
05:26:03.0453 3832 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
05:26:03.0466 3832 NetTcpPortSharing - ok
05:26:03.0509 3832 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
05:26:03.0523 3832 nfrd960 - ok
05:26:03.0572 3832 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
05:26:03.0592 3832 NisDrv - ok
05:26:03.0619 3832 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
05:26:03.0648 3832 NisSrv - ok
05:26:03.0695 3832 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
05:26:03.0732 3832 NlaSvc - ok
05:26:03.0766 3832 Norton PC Checkup Application Launcher - ok
05:26:03.0781 3832 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
05:26:03.0826 3832 Npfs - ok
05:26:03.0854 3832 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
05:26:03.0915 3832 nsi - ok
05:26:03.0936 3832 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
05:26:03.0995 3832 nsiproxy - ok
05:26:04.0058 3832 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
05:26:04.0111 3832 Ntfs - ok
05:26:04.0142 3832 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
05:26:04.0185 3832 Null - ok
05:26:04.0203 3832 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
05:26:04.0221 3832 nvraid - ok
05:26:04.0244 3832 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
05:26:04.0261 3832 nvstor - ok
05:26:04.0279 3832 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
05:26:04.0296 3832 nv_agp - ok
05:26:04.0314 3832 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
05:26:04.0329 3832 ohci1394 - ok
05:26:04.0361 3832 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
05:26:04.0410 3832 p2pimsvc - ok
05:26:04.0430 3832 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
05:26:04.0452 3832 p2psvc - ok
05:26:04.0494 3832 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
05:26:04.0509 3832 Parport - ok
05:26:04.0537 3832 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
05:26:04.0553 3832 partmgr - ok
05:26:04.0575 3832 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
05:26:04.0612 3832 PcaSvc - ok
05:26:04.0643 3832 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
05:26:04.0658 3832 PCCUJobMgr - ok
05:26:04.0688 3832 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
05:26:04.0707 3832 pci - ok
05:26:04.0723 3832 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
05:26:04.0737 3832 pciide - ok
05:26:04.0757 3832 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
05:26:04.0776 3832 pcmcia - ok
05:26:04.0794 3832 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
05:26:04.0809 3832 pcw - ok
05:26:04.0840 3832 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
05:26:04.0909 3832 PEAUTH - ok
05:26:04.0985 3832 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
05:26:05.0018 3832 PerfHost - ok
05:26:05.0055 3832 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
05:26:05.0068 3832 PGEffect - ok
05:26:05.0120 3832 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
05:26:05.0201 3832 pla - ok
05:26:05.0246 3832 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
05:26:05.0299 3832 PlugPlay - ok
05:26:05.0311 3832 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
05:26:05.0338 3832 PNRPAutoReg - ok
05:26:05.0361 3832 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
05:26:05.0379 3832 PNRPsvc - ok
05:26:05.0414 3832 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\windows\system32\DRIVERS\point64.sys
05:26:05.0427 3832 Point64 - ok
05:26:05.0467 3832 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
05:26:05.0534 3832 PolicyAgent - ok
05:26:05.0569 3832 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
05:26:05.0635 3832 Power - ok
05:26:05.0671 3832 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
05:26:05.0726 3832 PptpMiniport - ok
05:26:05.0741 3832 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
05:26:05.0763 3832 Processor - ok
05:26:05.0795 3832 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
05:26:05.0835 3832 ProfSvc - ok
05:26:05.0853 3832 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
05:26:05.0868 3832 ProtectedStorage - ok
05:26:05.0897 3832 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
05:26:05.0957 3832 Psched - ok
05:26:06.0006 3832 [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys
05:26:06.0042 3832 QIOMem - ok
05:26:06.0097 3832 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
05:26:06.0148 3832 ql2300 - ok
05:26:06.0170 3832 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
05:26:06.0187 3832 ql40xx - ok
05:26:06.0219 3832 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
05:26:06.0246 3832 QWAVE - ok
05:26:06.0275 3832 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
05:26:06.0309 3832 QWAVEdrv - ok
05:26:06.0330 3832 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
05:26:06.0385 3832 RasAcd - ok
05:26:06.0412 3832 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
05:26:06.0459 3832 RasAgileVpn - ok
05:26:06.0490 3832 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
05:26:06.0547 3832 RasAuto - ok
05:26:06.0578 3832 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
05:26:06.0637 3832 Rasl2tp - ok
05:26:06.0666 3832 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
05:26:06.0718 3832 RasMan - ok
05:26:06.0739 3832 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
05:26:06.0800 3832 RasPppoe - ok
05:26:06.0819 3832 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
05:26:06.0873 3832 RasSstp - ok
05:26:06.0900 3832 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
05:26:06.0959 3832 rdbss - ok
05:26:06.0983 3832 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
05:26:07.0016 3832 rdpbus - ok
05:26:07.0030 3832 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
05:26:07.0084 3832 RDPCDD - ok
05:26:07.0121 3832 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
05:26:07.0184 3832 RDPENCDD - ok
05:26:07.0216 3832 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
05:26:07.0259 3832 RDPREFMP - ok
05:26:07.0303 3832 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
05:26:07.0326 3832 RDPWD - ok
05:26:07.0349 3832 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
05:26:07.0368 3832 rdyboost - ok
05:26:07.0408 3832 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
05:26:07.0469 3832 RemoteAccess - ok
05:26:07.0498 3832 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
05:26:07.0548 3832 RemoteRegistry - ok
05:26:07.0569 3832 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
05:26:07.0626 3832 RpcEptMapper - ok
05:26:07.0660 3832 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
05:26:07.0675 3832 RpcLocator - ok
05:26:07.0700 3832 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
05:26:07.0751 3832 RpcSs - ok
05:26:07.0790 3832 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
05:26:07.0853 3832 rspndr - ok
05:26:07.0899 3832 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
05:26:07.0918 3832 RSUSBSTOR - ok
05:26:07.0939 3832 [ E54A5586A28D0630A79A68BBAB84BFCF ] RSUSBVSTOR C:\windows\system32\Drivers\RTSUVSTOR.sys
05:26:07.0959 3832 RSUSBVSTOR - ok
05:26:08.0005 3832 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
05:26:08.0044 3832 RTL8192Ce - ok
05:26:08.0066 3832 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
05:26:08.0079 3832 SamSs - ok
05:26:08.0101 3832 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
05:26:08.0117 3832 sbp2port - ok
05:26:08.0150 3832 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
05:26:08.0199 3832 SCardSvr - ok
05:26:08.0232 3832 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
05:26:08.0282 3832 scfilter - ok
05:26:08.0317 3832 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
05:26:08.0392 3832 Schedule - ok
05:26:08.0420 3832 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
05:26:08.0465 3832 SCPolicySvc - ok
05:26:08.0497 3832 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
05:26:08.0540 3832 SDRSVC - ok
05:26:08.0575 3832 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
05:26:08.0634 3832 secdrv - ok
05:26:08.0672 3832 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
05:26:08.0716 3832 seclogon - ok
05:26:08.0736 3832 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
05:26:08.0796 3832 SENS - ok
05:26:08.0819 3832 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
05:26:08.0864 3832 SensrSvc - ok
05:26:08.0878 3832 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
05:26:08.0906 3832 Serenum - ok
05:26:08.0948 3832 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
05:26:08.0979 3832 Serial - ok
05:26:08.0999 3832 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
05:26:09.0013 3832 sermouse - ok
05:26:09.0050 3832 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
05:26:09.0105 3832 SessionEnv - ok
05:26:09.0129 3832 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
05:26:09.0159 3832 sffdisk - ok
05:26:09.0176 3832 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
05:26:09.0201 3832 sffp_mmc - ok
05:26:09.0219 3832 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
05:26:09.0249 3832 sffp_sd - ok
05:26:09.0272 3832 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
05:26:09.0286 3832 sfloppy - ok
05:26:09.0324 3832 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
05:26:09.0374 3832 SharedAccess - ok
05:26:09.0413 3832 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
05:26:09.0475 3832 ShellHWDetection - ok
05:26:09.0515 3832 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
05:26:09.0530 3832 SiSRaid2 - ok
05:26:09.0546 3832 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
05:26:09.0562 3832 SiSRaid4 - ok
05:26:09.0588 3832 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
05:26:09.0648 3832 Smb - ok
05:26:09.0687 3832 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
05:26:09.0720 3832 SNMPTRAP - ok
05:26:09.0738 3832 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
05:26:09.0753 3832 spldr - ok
05:26:09.0794 3832 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
05:26:09.0828 3832 Spooler - ok
05:26:09.0928 3832 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
05:26:10.0053 3832 sppsvc - ok
05:26:10.0072 3832 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
05:26:10.0118 3832 sppuinotify - ok
05:26:10.0150 3832 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
05:26:10.0188 3832 srv - ok
05:26:10.0216 3832 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
05:26:10.0246 3832 srv2 - ok
05:26:10.0269 3832 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
05:26:10.0285 3832 srvnet - ok
05:26:10.0323 3832 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
05:26:10.0384 3832 SSDPSRV - ok
05:26:10.0399 3832 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
05:26:10.0446 3832 SstpSvc - ok
05:26:10.0483 3832 Steam Client Service - ok
05:26:10.0500 3832 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
05:26:10.0514 3832 stexstor - ok
05:26:10.0560 3832 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
05:26:10.0592 3832 stisvc - ok
05:26:10.0623 3832 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
05:26:10.0639 3832 swenum - ok
05:26:10.0674 3832 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
05:26:10.0739 3832 swprv - ok
05:26:10.0806 3832 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
05:26:10.0853 3832 SynTP - ok
05:26:10.0916 3832 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
05:26:10.0977 3832 SysMain - ok
05:26:10.0994 3832 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
05:26:11.0030 3832 TabletInputService - ok
05:26:11.0065 3832 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
05:26:11.0124 3832 TapiSrv - ok
05:26:11.0146 3832 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
05:26:11.0192 3832 TBS - ok
05:26:11.0265 3832 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
05:26:11.0325 3832 Tcpip - ok
05:26:11.0362 3832 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
05:26:11.0413 3832 TCPIP6 - ok
05:26:11.0450 3832 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
05:26:11.0464 3832 tcpipreg - ok
05:26:11.0497 3832 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
05:26:11.0510 3832 tdcmdpst - ok
05:26:11.0528 3832 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
05:26:11.0567 3832 TDPIPE - ok
05:26:11.0585 3832 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
05:26:11.0608 3832 TDTCP - ok
05:26:11.0628 3832 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
05:26:11.0671 3832 tdx - ok
05:26:11.0685 3832 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
05:26:11.0699 3832 TermDD - ok
05:26:11.0737 3832 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
05:26:11.0800 3832 TermService - ok
05:26:11.0814 3832 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
05:26:11.0839 3832 Themes - ok
05:26:11.0869 3832 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
05:26:11.0914 3832 THREADORDER - ok
05:26:11.0969 3832 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
05:26:11.0984 3832 TMachInfo - ok
05:26:12.0008 3832 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe
05:26:12.0023 3832 TODDSrv - ok
05:26:12.0091 3832 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
05:26:12.0114 3832 TosCoSrv - ok
05:26:12.0165 3832 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
05:26:12.0183 3832 TOSHIBA eco Utility Service - ok
05:26:12.0222 3832 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
05:26:12.0236 3832 TOSHIBA HDD SSD Alert Service - ok
05:26:12.0293 3832 [ D788190624C617EC8BE62D9F644283D7 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
05:26:12.0324 3832 TPCHSrv - ok
05:26:12.0355 3832 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
05:26:12.0416 3832 TrkWks - ok
05:26:12.0472 3832 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
05:26:12.0518 3832 TrustedInstaller - ok
05:26:12.0555 3832 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
05:26:12.0609 3832 tssecsrv - ok
05:26:12.0642 3832 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
05:26:12.0671 3832 TsUsbFlt - ok
05:26:12.0687 3832 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
05:26:12.0711 3832 TsUsbGD - ok
05:26:12.0757 3832 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
05:26:12.0812 3832 tunnel - ok
05:26:12.0845 3832 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
05:26:12.0858 3832 TVALZ - ok
05:26:12.0887 3832 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
05:26:12.0899 3832 TVALZFL - ok
05:26:12.0913 3832 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
05:26:12.0929 3832 uagp35 - ok
05:26:12.0954 3832 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
05:26:13.0019 3832 udfs - ok
05:26:13.0054 3832 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
05:26:13.0071 3832 UI0Detect - ok
05:26:13.0088 3832 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
05:26:13.0103 3832 uliagpkx - ok
05:26:13.0143 3832 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
05:26:13.0175 3832 umbus - ok
05:26:13.0188 3832 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
05:26:13.0217 3832 UmPass - ok
05:26:13.0252 3832 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
05:26:13.0317 3832 upnphost - ok
05:26:13.0355 3832 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
05:26:13.0402 3832 USBAAPL64 - ok
05:26:13.0430 3832 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
05:26:13.0454 3832 usbccgp - ok
05:26:13.0486 3832 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
05:26:13.0505 3832 usbcir - ok
05:26:13.0519 3832 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
05:26:13.0547 3832 usbehci - ok
05:26:13.0585 3832 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
05:26:13.0617 3832 usbhub - ok
05:26:13.0630 3832 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
05:26:13.0657 3832 usbohci - ok
05:26:13.0671 3832 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
05:26:13.0697 3832 usbprint - ok
05:26:13.0724 3832 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
05:26:13.0765 3832 USBSTOR - ok
05:26:13.0780 3832 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
05:26:13.0802 3832 usbuhci - ok
05:26:13.0846 3832 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
05:26:13.0866 3832 usbvideo - ok
05:26:13.0900 3832 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
05:26:13.0955 3832 UxSms - ok
05:26:13.0978 3832 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
05:26:13.0993 3832 VaultSvc - ok
05:26:14.0007 3832 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
05:26:14.0022 3832 vdrvroot - ok
05:26:14.0044 3832 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
05:26:14.0106 3832 vds - ok
05:26:14.0145 3832 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
05:26:14.0162 3832 vga - ok
05:26:14.0178 3832 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
05:26:14.0231 3832 VgaSave - ok
05:26:14.0257 3832 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
05:26:14.0275 3832 vhdmp - ok
05:26:14.0294 3832 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
05:26:14.0309 3832 viaide - ok
05:26:14.0328 3832 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
05:26:14.0344 3832 volmgr - ok
05:26:14.0368 3832 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
05:26:14.0390 3832 volmgrx - ok
05:26:14.0416 3832 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
05:26:14.0437 3832 volsnap - ok
05:26:14.0474 3832 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
05:26:14.0491 3832 vsmraid - ok
05:26:14.0555 3832 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
05:26:14.0644 3832 VSS - ok
05:26:14.0668 3832 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
05:26:14.0698 3832 vwifibus - ok
05:26:14.0715 3832 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
05:26:14.0737 3832 vwififlt - ok
05:26:14.0777 3832 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
05:26:14.0797 3832 vwifimp - ok
05:26:14.0817 3832 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
05:26:14.0870 3832 W32Time - ok
05:26:14.0886 3832 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
05:26:14.0916 3832 WacomPen - ok
05:26:14.0968 3832 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
05:26:15.0019 3832 WANARP - ok
05:26:15.0024 3832 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
05:26:15.0066 3832 Wanarpv6 - ok
05:26:15.0145 3832 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
05:26:15.0191 3832 WatAdminSvc - ok
05:26:15.0243 3832 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
05:26:15.0306 3832 wbengine - ok
05:26:15.0324 3832 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
05:26:15.0349 3832 WbioSrvc - ok
05:26:15.0372 3832 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
05:26:15.0414 3832 wcncsvc - ok
05:26:15.0437 3832 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
05:26:15.0464 3832 WcsPlugInService - ok
05:26:15.0483 3832 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
05:26:15.0498 3832 Wd - ok
05:26:15.0553 3832 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
05:26:15.0589 3832 Wdf01000 - ok
05:26:15.0606 3832 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
05:26:15.0677 3832 WdiServiceHost - ok
05:26:15.0682 3832 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
05:26:15.0706 3832 WdiSystemHost - ok
05:26:15.0728 3832 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
05:26:15.0762 3832 WebClient - ok
05:26:15.0787 3832 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
05:26:15.0846 3832 Wecsvc - ok
05:26:15.0868 3832 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
05:26:15.0917 3832 wercplsupport - ok
05:26:15.0957 3832 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
05:26:16.0003 3832 WerSvc - ok
05:26:16.0028 3832 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
05:26:16.0072 3832 WfpLwf - ok
05:26:16.0097 3832 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
05:26:16.0111 3832 WIMMount - ok
05:26:16.0126 3832 WinDefend - ok
05:26:16.0149 3832 WinHttpAutoProxySvc - ok
05:26:16.0207 3832 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
05:26:16.0270 3832 Winmgmt - ok
05:26:16.0370 3832 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
05:26:16.0453 3832 WinRM - ok
05:26:16.0489 3832 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
05:26:16.0507 3832 WinUsb - ok
05:26:16.0553 3832 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
05:26:16.0598 3832 Wlansvc - ok
05:26:16.0640 3832 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
05:26:16.0653 3832 wlcrasvc - ok
05:26:16.0750 3832 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
05:26:16.0817 3832 wlidsvc - ok
05:26:16.0834 3832 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
05:26:16.0866 3832 WmiAcpi - ok
05:26:16.0896 3832 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
05:26:16.0922 3832 wmiApSrv - ok
05:26:16.0959 3832 WMPNetworkSvc - ok
05:26:16.0983 3832 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
05:26:17.0012 3832 WPCSvc - ok
05:26:17.0024 3832 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
05:26:17.0063 3832 WPDBusEnum - ok
05:26:17.0091 3832 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
05:26:17.0136 3832 ws2ifsl - ok
05:26:17.0166 3832 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
05:26:17.0202 3832 wscsvc - ok
05:26:17.0207 3832 WSearch - ok
05:26:17.0290 3832 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
05:26:17.0365 3832 wuauserv - ok
05:26:17.0404 3832 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
05:26:17.0439 3832 WudfPf - ok
05:26:17.0463 3832 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
05:26:17.0490 3832 WUDFRd - ok
05:26:17.0521 3832 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
05:26:17.0552 3832 wudfsvc - ok
05:26:17.0579 3832 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
05:26:17.0607 3832 WwanSvc - ok
05:26:17.0673 3832 [ 38F55D07B1D3391065C40EC065F984E2 ] xusb21 C:\windows\system32\DRIVERS\xusb21.sys
05:26:17.0702 3832 xusb21 - ok
05:26:17.0722 3832 ================ Scan global ===============================
05:26:17.0748 3832 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
05:26:17.0782 3832 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\windows\system32\winsrv.dll
05:26:17.0793 3832 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\windows\system32\winsrv.dll
05:26:17.0814 3832 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
05:26:17.0838 3832 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
05:26:17.0844 3832 [Global] - ok
05:26:17.0845 3832 ================ Scan MBR ==================================
05:26:17.0859 3832 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
05:26:18.0758 3832 \Device\Harddisk0\DR0 - ok
05:26:18.0758 3832 ================ Scan VBR ==================================
05:26:18.0785 3832 [ 7E730A20B0FCE5B0F1DC21F34214141C ] \Device\Harddisk0\DR0\Partition1
05:26:18.0787 3832 \Device\Harddisk0\DR0\Partition1 - ok
05:26:18.0787 3832 ============================================================
05:26:18.0787 3832 Scan finished
05:26:18.0787 3832 ============================================================
05:26:18.0804 1244 Detected object count: 1
05:26:18.0804 1244 Actual detected object count: 1
05:30:35.0059 1244 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
05:30:35.0059 1244 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

andrew.vanderhevel

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2012-12-23
Operating System : WINDOWS 7

View user profile

Back to top Go down

Re: computer kicks me offline, but not off aim, happens all the time.

Post by DragonMaster Jay on Mon 24 Dec 2012, 9:59 pm

Malwarebytes' Anti-Rootkit

Please download Malwarebytes' Anti-Rootkit and save it to your desktop.

  • Be sure to print out and follow the instructions provided on that same page for performing a scan.
  • Caution: This is a beta version so also read the disclaimer and back up all your data before using.
  • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
  • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
  • Copy and paste the contents of these two log files in your next reply.


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: computer kicks me offline, but not off aim, happens all the time.

Post by andrew.vanderhevel on Tue 25 Dec 2012, 6:25 am

Malwarebytes Anti-Rootkit 1.01.0.1011
[You must be registered and logged in to see this link.]

Database version: v2012.12.24.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
andrew :: ANDREW-PC [administrator]

12/24/2012 2:20:09 PM
mbar-log-2012-12-24 (14-20-09).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 29813
Time elapsed: 12 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

andrew.vanderhevel

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2012-12-23
Operating System : WINDOWS 7

View user profile

Back to top Go down

Re: computer kicks me offline, but not off aim, happens all the time.

Post by andrew.vanderhevel on Tue 25 Dec 2012, 6:27 am

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1011

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.497000 GHz
Memory total: 3731742720, free: 2450952192

------------ Kernel report ------------
12/24/2012 14:07:04
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\pciide.sys
\SystemRoot\system32\DRIVERS\PCIIDEX.SYS
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\DRIVERS\msahci.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\TVALZ_O.SYS
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\amdppm.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\L1C62x64.sys
\SystemRoot\system32\DRIVERS\rtl8192Ce.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\tdcmdpst.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\TVALZFL.sys
\SystemRoot\system32\DRIVERS\QIOMem.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\amdiox64.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtihdW76.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\CHDRT64.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_msahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\point64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\pgeffect.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\windows\system32\drivers\mbamchameleon.sys
\??\C:\windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8004776060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xfffffa80043621f0
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
DriverEntry returned 0x0
Function returned 0x0
Downloaded database version: v2012.12.24.06
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8004776060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8004776b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8004776060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80043621f0, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Upper DeviceData: 0xfffff8a0016a7f50, 0xfffffa8004776060, 0xfffffa800383f310
Lower DeviceData: 0xfffff8a004206c60, 0xfffffa80043621f0, 0xfffffa80037ea700
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\windows\system32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 52A8BCE0

Partition information:

Partition 0 type is Other (0x27)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 3072000
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 3074048 Numsec = 1216438272

Partition 2 type is HIDDEN (0x17)
Partition is NOT ACTIVE.
Partition starts at LBA: 1219512320 Numsec = 30750720
Partition is not bootable
Hidden partition VBR is not infected.

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 640135028736 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1250243728-1250263728)...
Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================



andrew.vanderhevel

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2012-12-23
Operating System : WINDOWS 7

View user profile

Back to top Go down

Re: computer kicks me offline, but not off aim, happens all the time.

Post by DragonMaster Jay on Tue 25 Dec 2012, 8:18 pm

What are some other issues?


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: computer kicks me offline, but not off aim, happens all the time.

Post by andrew.vanderhevel on Wed 26 Dec 2012, 1:31 am

the only issue i have is the internet,
its weird, it lets me stay on aim video chat, but i try to use firefox or internet explorer or something and it says server not found. cant use any sites.

but then after like an hour it will work again, then eventually it will stop again.

andrew.vanderhevel

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2012-12-23
Operating System : WINDOWS 7

View user profile

Back to top Go down

Re: computer kicks me offline, but not off aim, happens all the time.

Post by DragonMaster Jay on Thu 27 Dec 2012, 6:30 am

What firewalls are on?


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: computer kicks me offline, but not off aim, happens all the time.

Post by andrew.vanderhevel on Thu 27 Dec 2012, 10:09 am

just the windows firewall

andrew.vanderhevel

Newbie Surfer
Newbie Surfer

Posts : 9
Joined : 2012-12-23
Operating System : WINDOWS 7

View user profile

Back to top Go down

Re: computer kicks me offline, but not off aim, happens all the time.

Post by DragonMaster Jay on Fri 28 Dec 2012, 5:27 am

Press start, then run and enter cmd - then hit OK.

In the command prompt window, press in the following code exactly:


netsh winsock reset catalog

Then, exit out.
==

Do you have Internet after performing the above process?


[You must be registered and logged in to see this link.] - Get $30 off Kaspersky products.

~DMJ
GeekPolice Academy Manager


Donations/Contributions

DragonMaster Jay

Manager | Tech Officer
Manager | Tech Officer

Posts : 13451
Joined : 2009-09-07
Operating System : Windows 7 Ultimate

View user profile http://www.twitter.com/jaypfoutz

Back to top Go down

Re: computer kicks me offline, but not off aim, happens all the time.

Post by Sponsored content Today at 5:58 am


Sponsored content


Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum