help with DNSChanger!ff and maybe more?


11 replies to this topic

#1 blockisle9

Posted 19 July 2012 - 05:45 AM

I recently had some strange things happening with my PC. I lost my IE home page, and Adobe was trying to update. I ran a Malwarebytes quick scan and it did not find anything. I then ran a full scan and it found DNSChanger!ff. It said it was repaired, so I ran another full scan and nothing was found, but when I ran my McAfee it found some sort of remote control PC software; it also said it cleaned it. I'm not feeling too good at this point and would like someone to verify all is well again and I'm safe.
I'm running Windows 7 SP1 64-bit.
Thank you in advance for your help
Lenny

#2 narenxp

Posted 19 July 2012 - 06:56 AM

Download TDSSkiller

Launch it. Click on change parameters - select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 blockisle9

Posted 19 July 2012 - 04:27 PM

The following are the three logs asked for.
As of this morning Internet Explorer home page was set to blank again.

TDSSKILLER LOG

15:29:26.0015 4964 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:29:26.0031 4964 mrxsmb20 - ok
15:29:26.0062 4964 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
15:29:26.0062 4964 msahci - ok
15:29:26.0078 4964 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
15:29:26.0093 4964 msdsm - ok
15:29:26.0124 4964 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:29:26.0124 4964 MSDTC - ok
15:29:26.0156 4964 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:29:26.0171 4964 Msfs - ok
15:29:26.0187 4964 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:29:26.0187 4964 mshidkmdf - ok
15:29:26.0218 4964 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:29:26.0234 4964 msisadrv - ok
15:29:26.0265 4964 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:29:26.0280 4964 MSiSCSI - ok
15:29:26.0280 4964 msiserver - ok
15:29:26.0312 4964 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:29:26.0312 4964 MSKSSRV - ok
15:29:26.0327 4964 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:29:26.0327 4964 MSPCLOCK - ok
15:29:26.0327 4964 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:29:26.0343 4964 MSPQM - ok
15:29:26.0390 4964 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
15:29:26.0405 4964 MsRPC - ok
15:29:26.0452 4964 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:29:26.0452 4964 mssmbios - ok
15:29:26.0483 4964 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:29:26.0483 4964 MSTEE - ok
15:29:26.0499 4964 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
15:29:26.0499 4964 MTConfig - ok
15:29:26.0530 4964 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
15:29:26.0530 4964 MTsensor - ok
15:29:26.0561 4964 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:29:26.0561 4964 Mup - ok
15:29:26.0608 4964 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
15:29:26.0639 4964 napagent - ok
15:29:26.0686 4964 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:29:26.0702 4964 NativeWifiP - ok
15:29:26.0795 4964 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
15:29:26.0858 4964 NDIS - ok
15:29:26.0889 4964 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:29:26.0904 4964 NdisCap - ok
15:29:26.0920 4964 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:29:26.0920 4964 NdisTapi - ok
15:29:26.0967 4964 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
15:29:27.0029 4964 Ndisuio - ok
15:29:27.0076 4964 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
15:29:27.0076 4964 NdisWan - ok
15:29:27.0107 4964 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
15:29:27.0154 4964 NDProxy - ok
15:29:27.0216 4964 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
15:29:27.0216 4964 Net Driver HPZ12 - ok
15:29:27.0279 4964 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:29:27.0279 4964 NetBIOS - ok
15:29:27.0326 4964 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
15:29:27.0388 4964 NetBT - ok
15:29:27.0435 4964 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:29:27.0435 4964 Netlogon - ok
15:29:27.0497 4964 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:29:27.0513 4964 Netman - ok
15:29:27.0622 4964 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:29:27.0638 4964 NetMsmqActivator - ok
15:29:27.0638 4964 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:29:27.0638 4964 NetPipeActivator - ok
15:29:27.0684 4964 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:29:27.0700 4964 netprofm - ok
15:29:27.0700 4964 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:29:27.0700 4964 NetTcpActivator - ok
15:29:27.0716 4964 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:29:27.0716 4964 NetTcpPortSharing - ok
15:29:27.0762 4964 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
15:29:27.0778 4964 nfrd960 - ok
15:29:27.0825 4964 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
15:29:27.0825 4964 NlaSvc - ok
15:29:27.0856 4964 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:29:27.0856 4964 Npfs - ok
15:29:27.0887 4964 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:29:27.0887 4964 nsi - ok
15:29:27.0918 4964 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:29:27.0918 4964 nsiproxy - ok
15:29:28.0028 4964 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
15:29:28.0121 4964 Ntfs - ok
15:29:28.0230 4964 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:29:28.0230 4964 Null - ok
15:29:28.0277 4964 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
15:29:28.0293 4964 nvraid - ok
15:29:28.0308 4964 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
15:29:28.0324 4964 nvstor - ok
15:29:28.0340 4964 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:29:28.0340 4964 nv_agp - ok
15:29:28.0371 4964 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:29:28.0371 4964 ohci1394 - ok
15:29:28.0464 4964 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:29:28.0464 4964 ose - ok
15:29:28.0527 4964 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:29:28.0542 4964 p2pimsvc - ok
15:29:28.0589 4964 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:29:28.0605 4964 p2psvc - ok
15:29:28.0636 4964 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
15:29:28.0652 4964 Parport - ok
15:29:28.0683 4964 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
15:29:28.0698 4964 partmgr - ok
15:29:28.0730 4964 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:29:28.0730 4964 PcaSvc - ok
15:29:28.0792 4964 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
15:29:28.0792 4964 pci - ok
15:29:28.0808 4964 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:29:28.0808 4964 pciide - ok
15:29:28.0839 4964 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
15:29:28.0854 4964 pcmcia - ok
15:29:28.0886 4964 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:29:28.0886 4964 pcw - ok
15:29:28.0932 4964 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:29:28.0964 4964 PEAUTH - ok
15:29:29.0042 4964 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:29:29.0042 4964 PerfHost - ok
15:29:29.0166 4964 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
15:29:29.0229 4964 pla - ok
15:29:29.0463 4964 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
15:29:29.0494 4964 PlugPlay - ok
15:29:29.0556 4964 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
15:29:29.0556 4964 Pml Driver HPZ12 - ok
15:29:29.0588 4964 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:29:29.0603 4964 PNRPAutoReg - ok
15:29:29.0634 4964 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:29:29.0634 4964 PNRPsvc - ok
15:29:29.0697 4964 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
15:29:29.0728 4964 PolicyAgent - ok
15:29:29.0759 4964 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:29:29.0775 4964 Power - ok
15:29:29.0837 4964 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
15:29:29.0900 4964 PptpMiniport - ok
15:29:29.0931 4964 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
15:29:29.0931 4964 Processor - ok
15:29:29.0993 4964 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
15:29:29.0993 4964 ProfSvc - ok
15:29:30.0024 4964 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:29:30.0040 4964 ProtectedStorage - ok
15:29:30.0087 4964 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
15:29:30.0149 4964 Psched - ok
15:29:30.0243 4964 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
15:29:30.0336 4964 ql2300 - ok
15:29:30.0430 4964 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
15:29:30.0430 4964 ql40xx - ok
15:29:30.0477 4964 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:29:30.0492 4964 QWAVE - ok
15:29:30.0508 4964 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:29:30.0508 4964 QWAVEdrv - ok
15:29:30.0539 4964 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:29:30.0555 4964 RasAcd - ok
15:29:30.0586 4964 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:29:30.0602 4964 RasAgileVpn - ok
15:29:30.0617 4964 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:29:30.0633 4964 RasAuto - ok
15:29:30.0664 4964 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:29:30.0680 4964 Rasl2tp - ok
15:29:30.0695 4964 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
15:29:30.0711 4964 RasMan - ok
15:29:30.0742 4964 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:29:30.0758 4964 RasPppoe - ok
15:29:30.0758 4964 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:29:30.0773 4964 RasSstp - ok
15:29:30.0820 4964 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
15:29:30.0820 4964 rdbss - ok
15:29:30.0851 4964 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
15:29:30.0851 4964 rdpbus - ok
15:29:30.0867 4964 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:29:30.0867 4964 RDPCDD - ok
15:29:30.0898 4964 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:29:30.0898 4964 RDPENCDD - ok
15:29:30.0898 4964 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:29:30.0914 4964 RDPREFMP - ok
15:29:30.0960 4964 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
15:29:30.0960 4964 RDPWD - ok
15:29:31.0023 4964 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
15:29:31.0023 4964 rdyboost - ok
15:29:31.0054 4964 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:29:31.0070 4964 RemoteAccess - ok
15:29:31.0101 4964 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:29:31.0101 4964 RemoteRegistry - ok
15:29:31.0132 4964 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:29:31.0132 4964 RpcEptMapper - ok
15:29:31.0148 4964 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:29:31.0163 4964 RpcLocator - ok
15:29:31.0226 4964 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
15:29:31.0226 4964 RpcSs - ok
15:29:31.0272 4964 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:29:31.0272 4964 rspndr - ok
15:29:31.0304 4964 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:29:31.0304 4964 SamSs - ok
15:29:31.0350 4964 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
15:29:31.0350 4964 sbp2port - ok
15:29:31.0382 4964 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:29:31.0382 4964 SCardSvr - ok
15:29:31.0428 4964 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
15:29:31.0475 4964 scfilter - ok
15:29:31.0569 4964 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
15:29:31.0647 4964 Schedule - ok
15:29:31.0694 4964 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
15:29:31.0694 4964 SCPolicySvc - ok
15:29:31.0756 4964 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
15:29:31.0756 4964 SDRSVC - ok
15:29:31.0803 4964 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:29:31.0803 4964 secdrv - ok
15:29:31.0850 4964 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
15:29:31.0850 4964 seclogon - ok
15:29:31.0881 4964 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:29:31.0881 4964 SENS - ok
15:29:31.0912 4964 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:29:31.0912 4964 SensrSvc - ok
15:29:31.0943 4964 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
15:29:31.0943 4964 Serenum - ok
15:29:31.0990 4964 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
15:29:31.0990 4964 Serial - ok
15:29:32.0052 4964 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
15:29:32.0052 4964 sermouse - ok
15:29:32.0115 4964 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
15:29:32.0115 4964 SessionEnv - ok
15:29:32.0162 4964 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:29:32.0162 4964 sffdisk - ok
15:29:32.0193 4964 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:29:32.0193 4964 sffp_mmc - ok
15:29:32.0224 4964 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
15:29:32.0224 4964 sffp_sd - ok
15:29:32.0255 4964 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
15:29:32.0255 4964 sfloppy - ok
15:29:32.0302 4964 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:29:32.0302 4964 SharedAccess - ok
15:29:32.0364 4964 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
15:29:32.0380 4964 ShellHWDetection - ok
15:29:32.0396 4964 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
15:29:32.0411 4964 SiSGbeLH - ok
15:29:32.0427 4964 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:29:32.0427 4964 SiSRaid2 - ok
15:29:32.0458 4964 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
15:29:32.0458 4964 SiSRaid4 - ok
15:29:32.0474 4964 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:29:32.0474 4964 Smb - ok
15:29:32.0520 4964 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:29:32.0520 4964 SNMPTRAP - ok
15:29:32.0645 4964 SNP2UVC (2d280b5799f9c143fa7d49e032fbce46) C:\Windows\system32\DRIVERS\snp2uvc.sys
15:29:32.0708 4964 SNP2UVC - ok
15:29:32.0817 4964 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:29:32.0817 4964 spldr - ok
15:29:32.0895 4964 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
15:29:32.0895 4964 Spooler - ok
15:29:33.0129 4964 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
15:29:33.0144 4964 sppsvc - ok
15:29:33.0238 4964 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:29:33.0238 4964 sppuinotify - ok
15:29:33.0316 4964 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
15:29:33.0332 4964 srv - ok
15:29:33.0378 4964 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
15:29:33.0394 4964 srv2 - ok
15:29:33.0410 4964 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
15:29:33.0425 4964 srvnet - ok
15:29:33.0456 4964 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:29:33.0456 4964 SSDPSRV - ok
15:29:33.0488 4964 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:29:33.0488 4964 SstpSvc - ok
15:29:33.0519 4964 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
15:29:33.0519 4964 stexstor - ok
15:29:33.0566 4964 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
15:29:33.0566 4964 StillCam - ok
15:29:33.0644 4964 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
15:29:33.0675 4964 stisvc - ok
15:29:33.0722 4964 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:29:33.0722 4964 swenum - ok
15:29:33.0768 4964 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:29:33.0800 4964 swprv - ok
15:29:33.0909 4964 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
15:29:33.0971 4964 SysMain - ok
15:29:34.0080 4964 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
15:29:34.0096 4964 TabletInputService - ok
15:29:34.0158 4964 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
15:29:34.0174 4964 TapiSrv - ok
15:29:34.0205 4964 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:29:34.0205 4964 TBS - ok
15:29:34.0377 4964 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
15:29:34.0455 4964 Tcpip - ok
15:29:34.0673 4964 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
15:29:34.0689 4964 TCPIP6 - ok
15:29:34.0767 4964 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
15:29:34.0829 4964 tcpipreg - ok
15:29:34.0876 4964 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:29:34.0892 4964 TDPIPE - ok
15:29:34.0923 4964 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
15:29:34.0923 4964 TDTCP - ok
15:29:34.0970 4964 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
15:29:34.0970 4964 tdx - ok
15:29:35.0016 4964 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
15:29:35.0016 4964 TermDD - ok
15:29:35.0079 4964 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
15:29:35.0079 4964 TermService - ok
15:29:35.0126 4964 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:29:35.0126 4964 Themes - ok
15:29:35.0141 4964 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:29:35.0141 4964 THREADORDER - ok
15:29:35.0188 4964 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:29:35.0188 4964 TrkWks - ok
15:29:35.0250 4964 truecrypt (8de922cd4fea6f83b10805df965b9a08) C:\Windows\system32\drivers\truecrypt.sys
15:29:35.0250 4964 truecrypt - ok
15:29:35.0328 4964 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
15:29:35.0328 4964 TrustedInstaller - ok
15:29:35.0375 4964 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:29:35.0422 4964 tssecsrv - ok
15:29:35.0500 4964 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
15:29:35.0500 4964 TsUsbFlt - ok
15:29:35.0547 4964 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
15:29:35.0562 4964 tunnel - ok
15:29:35.0594 4964 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
15:29:35.0594 4964 uagp35 - ok
15:29:35.0656 4964 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
15:29:35.0718 4964 udfs - ok
15:29:35.0750 4964 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:29:35.0750 4964 UI0Detect - ok
15:29:35.0796 4964 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:29:35.0796 4964 uliagpkx - ok
15:29:35.0828 4964 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
15:29:35.0828 4964 umbus - ok
15:29:35.0843 4964 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
15:29:35.0843 4964 UmPass - ok
15:29:35.0874 4964 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:29:35.0874 4964 upnphost - ok
15:29:35.0921 4964 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
15:29:35.0937 4964 USBAAPL64 - ok
15:29:35.0952 4964 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
15:29:36.0015 4964 usbccgp - ok
15:29:36.0046 4964 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:29:36.0046 4964 usbcir - ok
15:29:36.0077 4964 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
15:29:36.0124 4964 usbehci - ok
15:29:36.0155 4964 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
15:29:36.0171 4964 usbhub - ok
15:29:36.0186 4964 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
15:29:36.0186 4964 usbohci - ok
15:29:36.0233 4964 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:29:36.0233 4964 usbprint - ok
15:29:36.0249 4964 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:29:36.0264 4964 USBSTOR - ok
15:29:36.0280 4964 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
15:29:36.0280 4964 usbuhci - ok
15:29:36.0311 4964 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
15:29:36.0311 4964 usbvideo - ok
15:29:36.0342 4964 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:29:36.0342 4964 UxSms - ok
15:29:36.0389 4964 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
15:29:36.0389 4964 VaultSvc - ok
15:29:36.0452 4964 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:29:36.0452 4964 vdrvroot - ok
15:29:36.0530 4964 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
15:29:36.0623 4964 vds - ok
15:29:36.0654 4964 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:29:36.0670 4964 vga - ok
15:29:36.0686 4964 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:29:36.0686 4964 VgaSave - ok
15:29:36.0732 4964 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
15:29:36.0779 4964 vhdmp - ok
15:29:36.0888 4964 VIAHdAudAddService (fe595d1a1b781190bb483444b62cc607) C:\Windows\system32\drivers\viahduaa.sys
15:29:36.0951 4964 VIAHdAudAddService - ok
15:29:36.0998 4964 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:29:36.0998 4964 viaide - ok
15:29:37.0029 4964 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
15:29:37.0029 4964 volmgr - ok
15:29:37.0091 4964 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
15:29:37.0107 4964 volmgrx - ok
15:29:37.0154 4964 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
15:29:37.0154 4964 volsnap - ok
15:29:37.0200 4964 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
15:29:37.0200 4964 vsmraid - ok
15:29:37.0325 4964 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
15:29:37.0481 4964 VSS - ok
15:29:37.0590 4964 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:29:37.0590 4964 vwifibus - ok
15:29:37.0606 4964 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:29:37.0606 4964 vwififlt - ok
15:29:37.0653 4964 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:29:37.0653 4964 W32Time - ok
15:29:37.0668 4964 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
15:29:37.0684 4964 WacomPen - ok
15:29:37.0731 4964 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:29:37.0731 4964 WANARP - ok
15:29:37.0746 4964 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
15:29:37.0762 4964 Wanarpv6 - ok
15:29:37.0856 4964 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
15:29:37.0887 4964 WatAdminSvc - ok
15:29:37.0980 4964 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
15:29:38.0027 4964 wbengine - ok
15:29:38.0121 4964 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:29:38.0136 4964 WbioSrvc - ok
15:29:38.0183 4964 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
15:29:38.0214 4964 wcncsvc - ok
15:29:38.0230 4964 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:29:38.0230 4964 WcsPlugInService - ok
15:29:38.0277 4964 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
15:29:38.0277 4964 Wd - ok
15:29:38.0324 4964 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:29:38.0355 4964 Wdf01000 - ok
15:29:38.0386 4964 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:29:38.0386 4964 WdiServiceHost - ok
15:29:38.0386 4964 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:29:38.0402 4964 WdiSystemHost - ok
15:29:38.0448 4964 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
15:29:38.0464 4964 WebClient - ok
15:29:38.0495 4964 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:29:38.0511 4964 Wecsvc - ok
15:29:38.0526 4964 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:29:38.0526 4964 wercplsupport - ok
15:29:38.0573 4964 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:29:38.0573 4964 WerSvc - ok
15:29:38.0620 4964 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:29:38.0620 4964 WfpLwf - ok
15:29:38.0667 4964 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
15:29:38.0667 4964 WimFltr - ok
15:29:38.0682 4964 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:29:38.0682 4964 WIMMount - ok
15:29:38.0714 4964 WinDefend - ok
15:29:38.0729 4964 WinHttpAutoProxySvc - ok
15:29:38.0792 4964 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:29:38.0792 4964 Winmgmt - ok
15:29:38.0932 4964 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
15:29:39.0057 4964 WinRM - ok
15:29:39.0213 4964 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
15:29:39.0213 4964 WinUsb - ok
15:29:39.0275 4964 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:29:39.0338 4964 Wlansvc - ok
15:29:39.0509 4964 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:29:39.0587 4964 wlidsvc - ok
15:29:39.0696 4964 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:29:39.0696 4964 WmiAcpi - ok
15:29:39.0774 4964 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:29:39.0774 4964 wmiApSrv - ok
15:29:39.0821 4964 WMPNetworkSvc - ok
15:29:39.0852 4964 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:29:39.0852 4964 WPCSvc - ok
15:29:39.0899 4964 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
15:29:39.0915 4964 WPDBusEnum - ok
15:29:39.0930 4964 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:29:39.0946 4964 ws2ifsl - ok
15:29:39.0962 4964 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
15:29:39.0977 4964 wscsvc - ok
15:29:39.0977 4964 WSearch - ok
15:29:40.0227 4964 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
15:29:40.0305 4964 wuauserv - ok
15:29:40.0414 4964 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
15:29:40.0414 4964 WudfPf - ok
15:29:40.0461 4964 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:29:40.0461 4964 WUDFRd - ok
15:29:40.0508 4964 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
15:29:40.0508 4964 wudfsvc - ok
15:29:40.0554 4964 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:29:40.0570 4964 WwanSvc - ok
15:29:40.0679 4964 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
15:29:40.0695 4964 YahooAUService - ok
15:29:40.0726 4964 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
15:29:41.0100 4964 \Device\Harddisk0\DR0 - ok
15:29:41.0116 4964 Boot (0x1200) (a74b4477c08e8e5cd110984aae8c050c) \Device\Harddisk0\DR0\Partition0
15:29:41.0116 4964 \Device\Harddisk0\DR0\Partition0 - ok
15:29:41.0116 4964 ============================================================
15:29:41.0116 4964 Scan finished
15:29:41.0116 4964 ============================================================
15:29:41.0210 4504 Detected object count: 0
15:29:41.0210 4504 Actual detected object count: 0
15:30:22.0893 4748 Deinitialize success


aswMBR Log

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-19 15:35:18
-----------------------------
15:35:18.204 OS Version: Windows x64 6.1.7601 Service Pack 1
15:35:18.204 Number of processors: 2 586 0x170A
15:35:18.204 ComputerName: LEN-PC UserName: Len
15:35:19.062 Initialize success
15:36:25.082 AVAST engine defs: 12071901
15:36:44.504 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:36:44.504 Disk 0 Vendor: ST932032 0002 Size: 305245MB BusType: 3
15:36:44.535 Disk 0 MBR read successfully
15:36:44.535 Disk 0 MBR scan
15:36:44.535 Disk 0 Windows VISTA default MBR code
15:36:44.551 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 14997 MB offset 2048
15:36:44.566 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 290246 MB offset 30715904
15:36:44.597 Disk 0 scanning C:\Windows\system32\drivers
15:37:00.650 Service scanning
15:37:30.838 Modules scanning
15:37:30.838 Disk 0 trace - called modules:
15:37:30.916 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
15:37:30.916 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80048f1790]
15:37:30.931 3 CLASSPNP.SYS[fffff88001ba843f] -> nt!IofCallDriver -> [0xfffffa80046e0be0]
15:37:30.931 5 ACPI.sys[fffff88000d4e7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004704050]
15:37:31.992 AVAST engine scan C:\Windows
15:37:35.346 AVAST engine scan C:\Windows\system32
15:42:32.389 AVAST engine scan C:\Windows\system32\drivers
15:42:58.847 AVAST engine scan C:\Users\Len
16:04:27.509 AVAST engine scan C:\ProgramData
16:07:08.108 Scan finished successfully
16:07:21.977 Disk 0 MBR has been saved successfully to "C:\Users\Len\Desktop\MBR.dat"
16:07:21.993 The log file has been saved successfully to "C:\Users\Len\Desktop\aswMBR.txt"

ESET LOG

C:\Beths Files\Beth\Elizabeth Sheehy\AppData\Local\akuvadejuzakax.dll Win32/Adware.SpywareProtect2009 application cleaned by deleting - quarantined
C:\Beths Files\Beth\Elizabeth Sheehy\AppData\Local\okumebop.dll Win32/Adware.SpywareProtect2009 application cleaned by deleting - quarantined
C:\Beths Files\Beth\Elizabeth Sheehy\AppData\Local\oludageq.dll Win32/Adware.SpywareProtect2009 application cleaned by deleting - quarantined
C:\Beths Files\Beth\Elizabeth Sheehy\AppData\Local\ugetohap.dll Win32/Adware.SpywareProtect2009 application cleaned by deleting - quarantined
C:\Beths Files\Beth\Elizabeth Sheehy\AppData\Local\uhowulevefi.dll Win32/Adware.SpywareProtect2009 application cleaned by deleting - quarantined
C:\Beths Files\Beth\Elizabeth Sheehy\AppData\Local\utatuguz.dll Win32/Adware.SpywareProtect2009 application cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\Len\AppData\Local\Temp\4995.tmp a variant of Win32/Kryptik.AIPA trojan cleaned by deleting - quarantined
C:\Users\Len\AppData\Local\Temp\D1D7.tmp a variant of Win32/Kryptik.AIPA trojan cleaned by deleting - quarantined
C:\Users\Len\Downloads\cnet2_expaudioeditor_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Len\Downloads\cnet2_FFSetup270_zip.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Len\Downloads\cnet2_XmlPad3_02a_zip.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined

#4 narenxp

Posted 19 July 2012 - 04:28 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Create a restore point before trying this

Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 blockisle9

Posted 19 July 2012 - 09:06 PM

Logs as requested

MiniToolBox by Farbar Version: 15-07-2012
Ran by Len (administrator) on 19-07-2012 at 21:30:27
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Len-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
Physical Address. . . . . . . . . : 90-E6-BA-1D-A2-3B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 00-25-D3-6D-71-5E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8482:2b77:d547:8bb5%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.67(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, July 19, 2012 9:07:16 PM
Lease Expires . . . . . . . . . . : Friday, July 20, 2012 9:07:48 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 234890707
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-33-5D-59-00-25-D3-6D-71-5E
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3c52:3117:9c97:1249(Preferred)
Link-local IPv6 Address . . . . . : fe80::3c52:3117:9c97:1249%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: homeportal
Address: 192.168.1.254

Name: google.com
Addresses: 2607:f8b0:4006:801::100e
74.125.226.192
74.125.226.193
74.125.226.194
74.125.226.195
74.125.226.196
74.125.226.197
74.125.226.198
74.125.226.199
74.125.226.200
74.125.226.201
74.125.226.206


Pinging google.com [74.125.226.233] with 32 bytes of data:
Reply from 74.125.226.233: bytes=32 time=564ms TTL=53
Reply from 74.125.226.233: bytes=32 time=33ms TTL=53

Ping statistics for 74.125.226.233:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 33ms, Maximum = 564ms, Average = 298ms
Server: homeportal
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=173ms TTL=49
Reply from 98.139.183.24: bytes=32 time=116ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 116ms, Maximum = 173ms, Average = 144ms
Server: homeportal
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...90 e6 ba 1d a2 3b ......Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller
10...00 25 d3 6d 71 5e ......Atheros AR9285 Wireless Network Adapter
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.67 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.67 281
192.168.1.67 255.255.255.255 On-link 192.168.1.67 281
192.168.1.255 255.255.255.255 On-link 192.168.1.67 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.67 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.67 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:3c52:3117:9c97:1249/128
On-link
10 281 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::3c52:3117:9c97:1249/128
On-link
10 281 fe80::8482:2b77:d547:8bb5/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/19/2012 09:19:46 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/19/2012 04:10:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/19/2012 04:10:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/17/2012 06:23:22 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: db8

Start Time: 01cd646ab31f51f5

Termination Time: 15

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (07/17/2012 06:22:49 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ce8

Start Time: 01cd64665fb8a8ce

Termination Time: 62

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (07/13/2012 05:29:01 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (07/13/2012 05:29:01 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (07/13/2012 05:29:01 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (07/13/2012 05:29:01 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (07/13/2012 05:29:01 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20


System errors:
=============
Error: (07/14/2012 05:19:36 PM) (Source: DCOM) (User: )
Description: {76D0CB12-7604-4048-B83C-1005C7DDC503}

Error: (07/12/2012 05:34:50 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 51. The internal error state is 900.

Error: (07/07/2012 07:52:52 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (07/07/2012 07:52:47 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (07/07/2012 07:52:41 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (07/07/2012 07:52:34 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (07/07/2012 07:52:28 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (07/07/2012 07:51:09 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (07/07/2012 07:50:07 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.

Error: (07/07/2012 07:49:57 PM) (Source: cdrom) (User: )
Description: The device, \Device\CdRom0, has a bad block.


Microsoft Office Sessions:
=========================
Error: (07/19/2012 09:19:46 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Len\Downloads\esetsmartinstaller_enu.exe

Error: (07/19/2012 04:10:29 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Len\Downloads\esetsmartinstaller_enu.exe

Error: (07/19/2012 04:10:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Len\Downloads\esetsmartinstaller_enu.exe

Error: (07/17/2012 06:23:22 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16447db801cd646ab31f51f515C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (07/17/2012 06:22:49 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16447ce801cd64665fb8a8ce62C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (07/13/2012 05:29:01 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (07/13/2012 05:29:01 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (07/13/2012 05:29:01 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (07/13/2012 05:29:01 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21

Error: (07/13/2012 05:29:01 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20


=========================== Installed Programs ============================

4660_4680_Help (Version: 1.00.0000)
64 Bit HP CIO Components Installer (Version: 6.2.2)
7-Zip 9.22beta
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 3.3.0.3650)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Alcor Micro USB Card Reader (Version: 1.2.17.25001)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ASUS AI Recovery (Version: 1.0.5)
ASUS CopyProtect (Version: 1.0.0015)
ASUS FancyStart (Version: 1.0.6)
ASUS LifeFrame3 (Version: 3.0.20)
ASUS Live Update (Version: 2.5.9)
ASUS MultiFrame (Version: 1.0.0019)
ASUS Power4Gear Hybrid (Version: 1.1.19)
ASUS SmartLogon (Version: 1.0.0007)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0028)
ASUS Virtual Camera (Version: 1.0.17)
Asus_Camera_ScreenSaver (Version: 2.0.0009)
Atheros Client Installation Program (Version: 7.0)
Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (Version: 1.0.0.16)
ATK Generic Function Service (Version: 1.00.0008)
ATK Hotkey (Version: 1.0.0051)
ATK Media (Version: 2.0.0005)
ATKOSD2 (Version: 7.0.0005)
Avery Wizard 4.0 (Version: 4.0.4)
Bing Bar (Version: 7.0.850.0)
Bonjour (Version: 3.0.0.10)
bpd_scan (Version: 3.00.0000)
BPDSoftware (Version: 140.0.000.000)
BPDSoftware_Ini (Version: 1.00.0000)
BufferChm (Version: 140.0.213.000)
Bullzip PDF Printer 4.0.0.463
CamToPrint (Version: 5.3.0.0)
CCleaner (Version: 3.20)
Choice Guard (Version: 1.2.87.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
ControlDeck (Version: 1.0.1)
CyberLink LabelPrint (Version: 2.5.1720)
CyberLink Power2Go (Version: 6.1.2713)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 140.0.213.000)
DocMgr (Version: 140.0.65.000)
DocProc (Version: 140.0.100.000)
ESET Online Scanner v3
ETDWare PS/2-x64 7.0.5.7_WHQL
Expstudio Audio Editor FREE (Version: 4.31)
Fast Boot (Version: 1.0.2)
Fax (Version: 140.0.213.000)
FormatFactory 2.70 (Version: 2.70)
Galapago
Google Advertising Cookie Opt-out (Version: 1.0.0.2)
Google Chrome (Version: 20.0.1132.57)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.115)
GPBaseService2 (Version: 140.0.212.000)
GPL Ghostscript Lite 9.04
HP Customer Participation Program 14.0 (Version: 14.0)
HP Document Manager 2.0 (Version: 2.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP OfficeJet J4600 All-In-One Series (Version: 14.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.002.006.003)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 140.0.213.000)
HPSSupply (Version: 140.0.212.000)
iCloud (Version: 1.1.0.40)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 10.6.3.25)
J4680 (Version: 140.0.000.000)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8050.1202)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MarketResearch (Version: 140.0.214.000)
McAfee SecurityCenter (Version: 11.0.678)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Basic Edition 2003 (Version: 11.0.8173.0)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office PowerPoint Viewer 2003 (Version: 11.0.8305.0)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
Mp3tag v2.51 (Version: v2.51)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network64 (Version: 140.0.215.000)
OCR Software by I.R.I.S. 14.0 (Version: 14.0)
PDF Creator
Platform (Version: 1.34)
ProductContext (Version: 140.0.000.000)
Quicken 2007 (Version: 16.1.2.25)
QuickTime (Version: 7.72.80.56)
Safari (Version: 5.34.57.2)
Scan (Version: 140.0.167.000)
Shop for HP Supplies (Version: 14.0)
SmartWebPrinting (Version: 140.0.213.000)
SolutionCenter (Version: 140.0.214.000)
Status (Version: 140.0.256.000)
SyncBack
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.213.000)
TrueCrypt (Version: 7.1)
TurboTax 2010
TurboTax 2010 wctiper (Version: 010.000.1892)
TurboTax 2010 WinPerFedFormset (Version: 010.000.5821)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0501)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0222)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 wctiper (Version: 011.000.1611)
TurboTax 2011 WinPerFedFormset (Version: 011.000.3161)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0496)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0218)
TurboTax 2011 wrapper (Version: 011.000.0121)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VIA Platform Device Manager (Version: 1.34)
WavePad Sound Editor
WebReg (Version: 140.0.213.017)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Family Safety (Version: 14.0.8052.1208)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Photo Gallery (Version: 14.0.8051.1204)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8050.1202)
WinFlash (Version: 2.26.0)
Wireless Console 3 (Version: 3.0.10)
WMHelp XmlPad (Version: 3.02.1001)
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Mail Advisor
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 4061.09 MB
Available physical RAM: 2861.21 MB
Total Pagefile: 8120.36 MB
Available Pagefile: 6235.21 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.3 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:283.44 GB) (Free:200.16 GB) NTFS
2 Drive e: (BHIL_DS2) (CDROM) (Total:7.7 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\LEN-PC

Administrator Guest Len


**** End of log ****



Farbar Service Scanner Version: 19-07-2012
Ran by Len (administrator) on 19-07-2012 at 21:39:23
Running from "C:\Users\Len\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


# AdwCleaner v1.703 - Logfile created 07/19/2012 at 21:58:28
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Len - LEN-PC
# Running from : C:\Users\Len\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\Tarma Installer

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
[x64] Key Deleted : HKLM\SOFTWARE\Tarma Installer

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Len\AppData\Roaming\Mozilla\Firefox\Profiles\qnrc4q61.default\prefs.js

C:\Users\Len\AppData\Roaming\Mozilla\Firefox\Profiles\qnrc4q61.default\user.js ... Deleted !

[OK] File is clean.

-\\ Google Chrome v20.0.1132.57

File : C:\Users\Len\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",

*************************

AdwCleaner[S1].txt - [1726 octets] - [19/07/2012 21:58:28]

########## EOF - C:\AdwCleaner[S1].txt - [1854 octets] ##########

#6 narenxp


Posted 19 July 2012 - 09:08 PM

Any current issues?

#7 blockisle9


Posted 20 July 2012 - 02:13 PM

It seems okay, I'll have to wait and see if my browser's home page gets changed again.
Did you notice anything out of the ordinary in the logs?
Thanks again
Lenny

#8 narenxp


Posted 20 July 2012 - 02:24 PM

No symptoms of rootkits

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 blockisle9


Posted 20 July 2012 - 02:38 PM

Should I run TFC and let it reboot and then after the reboot shut down system restore then reboot again and then turn system restore back on and create a new restore point?
Or shut down system restore before running TFC?

#10 narenxp


Posted 20 July 2012 - 02:45 PM

Run TFC, turn off system restore, restart your PC, turn on system restore, create restore point

#11 blockisle9


Posted 20 July 2012 - 03:12 PM

Thanks again for your help.
If my browser home page continues to get changed, should I post here or start a new topic?
Thanks again for all your help.
Lenny

#12 narenxp


Posted 20 July 2012 - 03:16 PM

Post here, let me guide you then :thumbup2:



