
Pop-ups in all browsers, lower right corner



#1 Gus B.

Gus B.

  • Members
  • 5 posts

Posted 13 August 2012 - 07:50 PM

I am getting pop-up ads in the lower right corner of Firefox and Internet Explorer. The ads are in the shape of a square with text inside, and sometimes have a picture. I'm getting a lot that say I can work in the US or join a visa lottery to get a green card.

I have tried following the advice from other users of BleepingComputer by (1) checking various tick-boxes in the browsers, (2) viewing the hosts file (but finding nothing that looked questionable), and (3) running every spyware scanner I can download. Nothing has helped; however, I saw that many helpful users requested various log files from people with the same problem.

I am listing some of the log files below: MiniToolBox, FSS, Malwarebytes.

Could anybody please help? I would greatly appreciate any help you can give me!

Gus


-----------------------------------------------------------------------------------------------------------------------------------------------

MiniToolBox by Farbar Version: 23-07-2012
Ran by Asus (administrator) on 27-07-2011 at 18:25:40
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost


68.168.222.227 www.google-analytics.com.
68.168.222.227 ad-emea.doubleclick.net.
68.168.222.227 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
JMicron PCI Express Gigabit Ethernet Adapter = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Asus-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 06-25-D3-F4-59-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : JMicron PCI Express Gigabit Ethernet Adapter
Physical Address. . . . . . . . . : E0-CB-4E-A0-E6-47
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 00-25-D3-F4-59-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::55d1:2be9:ba47:e8f2%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.68(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, July 27, 2011 5:07:32 PM
Lease Expires . . . . . . . . . . : Thursday, July 28, 2011 5:07:32 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 234890707
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-3B-61-BE-00-25-D3-CB-E6-95
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3c24:2cbe:93a8:ea43(Preferred)
Link-local IPv6 Address . . . . . : fe80::3c24:2cbe:93a8:ea43%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: home
Address: 192.168.1.254

Name: google.com
Addresses: 2607:f8b0:4009:801::100e
74.125.225.72
74.125.225.73
74.125.225.78
74.125.225.64
74.125.225.65
74.125.225.66
74.125.225.67
74.125.225.68
74.125.225.69
74.125.225.70
74.125.225.71


Pinging google.com [74.125.225.33] with 32 bytes of data:
Reply from 74.125.225.33: bytes=32 time=65ms TTL=55
Reply from 74.125.225.33: bytes=32 time=62ms TTL=55

Ping statistics for 74.125.225.33:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 62ms, Maximum = 65ms, Average = 63ms
Server: home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=130ms TTL=52
Reply from 72.30.38.140: bytes=32 time=116ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 116ms, Maximum = 130ms, Average = 123ms
Server: home
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=7ms TTL=128
Reply from 127.0.0.1: bytes=32 time=8ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 7ms, Maximum = 8ms, Average = 7ms
===========================================================================
Interface List
14...06 25 d3 f4 59 9a ......Microsoft Virtual WiFi Miniport Adapter
11...e0 cb 4e a0 e6 47 ......JMicron PCI Express Gigabit Ethernet Adapter
10...00 25 d3 f4 59 9a ......Atheros AR9285 Wireless Network Adapter
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.68 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.68 281
192.168.1.68 255.255.255.255 On-link 192.168.1.68 281
192.168.1.255 255.255.255.255 On-link 192.168.1.68 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.68 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.68 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:3c24:2cbe:93a8:ea43/128
On-link
10 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::3c24:2cbe:93a8:ea43/128
On-link
10 281 fe80::55d1:2be9:ba47:e8f2/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/27/2011 01:59:26 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Adobe Reader 9.0.1.; Error = 0x80070422).

Error: (07/27/2011 01:59:21 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Adobe Reader 9.0.1.; Error = 0x80070422).

Error: (07/27/2011 01:47:26 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed JavaFX 2.1.1; Error = 0x80070422).

Error: (07/27/2011 01:47:22 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed JavaFX 2.1.1; Error = 0x80070422).

Error: (07/27/2011 01:47:03 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Java™ 7 Update 5; Error = 0x80070422).

Error: (07/27/2011 01:46:58 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Java™ 7 Update 5; Error = 0x80070422).

Error: (07/27/2011 01:46:42 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Java™ 7 Update 5; Error = 0x80070422).

Error: (07/27/2011 01:46:33 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Installed Microsoft Fix it 50267; Error = 0x80070422).

Error: (07/27/2011 01:46:29 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (07/27/2011 01:46:28 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Installed Microsoft Fix it 50267; Error = 0x80070422).


System errors:
=============
Error: (07/24/2011 09:59:09 AM) (Source: Microsoft-Windows-Time-Service) (User: NT AUTHORITY)
Description: The time service has detected that the system time needs to be changed by 33098154 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.13:123) is working properly.

Error: (07/20/2011 11:42:28 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MARICEL-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{C0F5B281-E089-4ED1-98E0-95A1AEE1DCDE}.
The master browser is stopping or an election is being forced.

Error: (07/20/2011 11:36:19 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MARICEL-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{C0F5B281-E089-4ED1-98E0-95A1AEE1DCDE}.
The master browser is stopping or an election is being forced.

Error: (07/19/2011 03:59:03 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (07/17/2011 00:09:49 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{C0F5B281-E089-4ED1-98E0-95A1AEE1DCDE}.
The backup browser is stopping.

Error: (07/17/2011 11:51:59 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MARICEL-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{C0F5B281-E089-4ED1-98E0-95A1AEE1DCDE}.
The master browser is stopping or an election is being forced.

Error: (07/15/2011 01:24:38 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (07/12/2011 06:39:52 PM) (Source: Service Control Manager) (User: )
Description: The AFBAgent service terminated unexpectedly. It has done this 1 time(s).

Error: (07/10/2011 09:42:35 AM) (Source: Microsoft-Windows-Time-Service) (User: NT AUTHORITY)
Description: The time service has detected that the system time needs to be changed by 33098229 seconds. The time service will not change the system time by more than 54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.21.22:123) is working properly.

Error: (07/09/2011 05:24:58 AM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (07/27/2011 01:59:26 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved Adobe Reader 9.0.1.0x80070422

Error: (07/27/2011 01:59:21 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved Adobe Reader 9.0.1.0x80070422

Error: (07/27/2011 01:47:26 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved JavaFX 2.1.10x80070422

Error: (07/27/2011 01:47:22 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved JavaFX 2.1.10x80070422

Error: (07/27/2011 01:47:03 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved Java™ 7 Update 50x80070422

Error: (07/27/2011 01:46:58 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved Java™ 7 Update 50x80070422

Error: (07/27/2011 01:46:42 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved Java™ 7 Update 50x80070422

Error: (07/27/2011 01:46:33 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VInstalled Microsoft Fix it 502670x80070422

Error: (07/27/2011 01:46:29 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (07/27/2011 01:46:28 PM) (Source: System Restore)(User: )
Description: C:\Windows\system32\msiexec.exe /VInstalled Microsoft Fix it 502670x80070422


=========================== Installed Programs ============================

Acrobat.com (Version: 1.1.377)
Ahead Nero Burning ROM
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ArcSoft MediaImpression Codec (Version: 1.0.0.0)
ASUS AI Recovery (Version: 1.0.8)
ASUS CopyProtect (Version: 1.0.0015)
ASUS Data Security Manager (Version: 1.00.0014)
ASUS FancyStart (Version: 1.0.8)
ASUS LifeFrame3 (Version: 3.0.20)
ASUS Live Update (Version: 2.5.9)
ASUS MultiFrame (Version: 1.0.0021)
ASUS Power4Gear Hybrid (Version: 1.1.28)
ASUS SmartLogon (Version: 1.0.0008)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0028)
ASUS Virtual Camera (Version: 1.0.19)
ASUS_U_Series_Screensaver
ATK Package (Version: 1.0.0001)
Autodesk SketchBookPro 2011 (Version: 5.00.0000)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
AviSynth 2.5
Bing Rewards Client Installer (Version: 16.0.345.0)
Canon MP250 series MP Drivers
Comical 0.8
Conexant HD Audio (Version: 4.98.18.64)
ControlDeck (Version: 1.0.5)
Corel Style Pack 2010-001 (Version: 1.0.0.1)
DVD Shrink 3.2
Epson Event Manager (Version: 2.40.0001)
EPSON Scan
EPSON TX220 Series Printer Uninstall
Express Gate (Version: 1.2.13.40)
Fast Boot (Version: 1.0.5)
ffdshow [rev 2583] [2009-01-05] (Version: 1.0)
GIMP 2.6.11 (Version: 2.6.11)
Google SketchUp 8 (Version: 3.0.4811)
ImgBurn (Version: 2.5.2.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2021)
Intel® Management Engine Components (Version: 6.0.0.1179)
iTunes (Version: 10.4.1.10)
JMicron Ethernet Adapter NDIS Driver (Version: 6.0.14.11)
JMicron Flash Media Controller Driver (Version: 1.0.33.2)
K-Lite Codec Pack 7.0.0 (Basic) (Version: 7.0.0)
KODAK Share Button App (Version: 3.01.0000.0000)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MyEpson Portal
MyEpson Portal (Version: 1.0.0.0)
OpenOffice.org 3.3 (Version: 3.3.9567)
QuickTime (Version: 7.70.80.34)
ScanExpress A3 USB 1200 Pro V1.7 (Version: 1.7)
Skype™ 5.5 (Version: 5.5.124)
Sothink Movie DVD Maker (Version: 3.7)
Spybot - Search & Destroy (Version: 1.6.2)
Trend Micro Internet Security (Version: 17.50)
Tropico 3: Absolute Power (Version: 2.01)
USB 2.0 1.3M UVC WebCam
VASSAL (3.1.17) (Version: 3.1.17)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 1.1.8 (Version: 1.1.8)
Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0) (Version: 01/29/2010 1.4.1.0)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
WinFlash (Version: 2.29.0)
Wireless Console 3 (Version: 3.0.15)

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 3884.51 MB
Available physical RAM: 2195.28 MB
Total Pagefile: 7767.21 MB
Available Pagefile: 5824.11 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.73 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:15.87 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:336.62 GB) (Free:330.43 GB) NTFS

========================= Users: ========================================

User accounts for \\ASUS-PC

Administrator Asus Guest

========================= Minidump Files ==================================

No minidump file found


**** End of log ****


-----------------------------------------------------------------------------------------------------------------------------------------------

Farbar Service Scanner Version: 06-08-2012
Ran by Asus (administrator) on 27-07-2011 at 18:43:19
Running from "C:\Users\Asus\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


-----------------------------------------------------------------------------------------------------------------------------------------------

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.12.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Asus :: ASUS-PC [administrator]

Protection: Enabled

7/27/2011 6:44:30 PM
mbam-log-2011-07-27 (18-44-30).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 192309
Time elapsed: 4 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Edited by Orange Blossom, 13 August 2012 - 09:12 PM.
Moved to AII from Windows 7. ~ OB




#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 32,872 posts

Posted 13 August 2012 - 09:22 PM

Hello,

Looking over the logs, I in fact do see entries in your hosts file that shouldn't be there. I know the difference between an entry that protects you from bad stuff and an entry that will load bad stuff.

Please read this article: http://support.microsoft.com/kb/972034 for how to reset the hosts file back to the default.

Once you have done that, please let me know if the symptoms persist.

Orange Blossom :cherry:

Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SuperAntiSpyware, SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript
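Added example, not part of the thread or of any tool mentioned in it: a small hosts-file audit that separates entries pinning a name to a loopback or unspecified address (the blocklist pattern) from entries pointing a public name at a routable address (the redirect pattern). The sample inputs are the hosts listing from the MiniToolBox log in post #1 and the reset file from post #3; the function names are this example's own.

```python
import ipaddress
from collections import defaultdict

# Hosts content as listed in the MiniToolBox log in post #1.
HOSTS_FROM_LOG = """\
::1 localhost

68.168.222.227 www.google-analytics.com.
68.168.222.227 ad-emea.doubleclick.net.
68.168.222.227 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.

127.0.0.1 localhost
"""

# Hosts content after the reset, as posted in post #3 (comment block shortened).
HOSTS_AFTER_RESET = """\
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost
"""


def parse_hosts(text):
    """Yield (line_number, ip, hostname) for every mapping in a hosts file.

    Comments, blank lines and lines whose first field is not an IP address
    are skipped. A trailing dot on the hostname (as in the log above) is
    removed so that 'example.com.' and 'example.com' compare equal.
    """
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue
        for name in fields[1:]:
            yield lineno, ip, name.rstrip(".").lower()


def classify(ip):
    """Return 'local', 'lan' or 'redirect' for the address side of an entry."""
    if ip.is_loopback or ip.is_unspecified:
        return "local"      # localhost mapping or blocklist sinkhole
    if ip.is_private or ip.is_link_local:
        return "lan"        # internal name override; review, usually benign
    return "redirect"       # public name forced to a routable address


def audit_hosts(text):
    """Map each redirected hostname to the list of addresses it is forced to."""
    findings = defaultdict(list)
    for _lineno, ip, name in parse_hosts(text):
        if classify(ip) == "redirect":
            findings[name].append(str(ip))
    return dict(findings)


if __name__ == "__main__":
    for label, text in (("post #1 log", HOSTS_FROM_LOG),
                        ("post #3 reset", HOSTS_AFTER_RESET)):
        result = audit_hosts(text)
        print(label, "->", result if result else "no redirect entries")
```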


#3 Gus B.

Gus B.
  • Topic Starter

  • Members
  • 5 posts

Posted 14 August 2012 - 01:06 PM

Hello,

Looking over the logs, I in fact do see entries in your hosts file that shouldn't be there. I know the difference between an entry that protects you from bad stuff and an entry that will load bad stuff.

Please read this article: http://support.microsoft.com/kb/972034 for how to reset the hosts file back to the default.

Once you have done that, please let me know if the symptoms persist.

Orange Blossom :cherry:

Orange Blossom,

Thanks for the reply! I used the "Fix It" link. Unfortunately, I'm still getting those silly ads (the ad right now says "Find Orange Content Forum Stats Language"). Here is what the hosts file looks like right now:

# Copyright © 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

Any more help you could give me would be really appreciated! I really appreciate the trouble. :wink:

Gus

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 14 August 2012 - 08:44 PM

It seems Orange Blossom missed your post

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

Download

Rogue killer

Right click on it and select run as administrator

Now, click on HOSTS FIX option on right side

A log should get generated after the fix, post the log here


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 Gus B.

Gus B.
  • Topic Starter

  • Members
  • 5 posts

Posted 15 August 2012 - 03:45 AM

NarenXP,

I really appreciate you taking the time to help me by looking through these logs. I know it takes up some time for users like you and Orange Blossom, but your time and effort are really valued by users like me! Thanks!

Gus


TDSSKiller

20:04:21.0067 5324 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
20:04:21.0691 5324 ============================================================
20:04:21.0691 5324 Current date / time: 2011/07/28 20:04:21.0691
20:04:21.0691 5324 SystemInfo:
20:04:21.0691 5324
20:04:21.0691 5324 OS Version: 6.1.7601 ServicePack: 1.0
20:04:21.0691 5324 Product type: Workstation
20:04:21.0691 5324 ComputerName: ASUS-PC
20:04:21.0691 5324 UserName: Asus
20:04:21.0691 5324 Windows directory: C:\Windows
20:04:21.0691 5324 System windows directory: C:\Windows
20:04:21.0691 5324 Running under WOW64
20:04:21.0691 5324 Processor architecture: Intel x64
20:04:21.0691 5324 Number of processors: 4
20:04:21.0691 5324 Page size: 0x1000
20:04:21.0691 5324 Boot type: Normal boot
20:04:21.0691 5324 ============================================================
20:04:24.0140 5324 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:04:24.0171 5324 Drive \Device\Harddisk1\DR1 - Size: 0x1E8000000 (7.63 Gb), SectorSize: 0x200, Cylinders: 0x3E3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:04:24.0187 5324 ============================================================
20:04:24.0187 5324 \Device\Harddisk0\DR0:
20:04:24.0202 5324 MBR partitions:
20:04:24.0202 5324 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1964800, BlocksNum 0xE8E1800
20:04:24.0218 5324 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x10246800, BlocksNum 0x2A13F000
20:04:24.0218 5324 \Device\Harddisk1\DR1:
20:04:24.0218 5324 MBR partitions:
20:04:24.0218 5324 ============================================================
20:04:24.0265 5324 C: <-> \Device\Harddisk0\DR0\Partition1
20:04:24.0312 5324 D: <-> \Device\Harddisk0\DR0\Partition2
20:04:24.0312 5324 ============================================================
20:04:24.0312 5324 Initialize success
20:04:24.0312 5324 ============================================================
20:04:31.0098 2312 ============================================================
20:04:31.0098 2312 Scan started
20:04:31.0098 2312 Mode: Manual;
20:04:31.0098 2312 ============================================================
20:04:34.0530 2312 ================ Scan services =============================
20:04:38.0617 2312 amdxata - ok
20:04:38.0835 2312 [ 89a69c3f2f319b43379399547526d952 ] AppID C:\Windows\system32\drivers\appid.sys
20:04:38.0882 2312 AppID - ok
20:04:38.0944 2312 [ 0bc381a15355a3982216f7172f545de1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:04:38.0944 2312 AppIDSvc - ok
20:04:39.0116 2312 [ 3977d4a871ca0d4f2ed1e7db46829731 ] Appinfo C:\Windows\System32\appinfo.dll
20:04:39.0116 2312 Appinfo - ok
20:04:39.0303 2312 [ 20f6f19fe9e753f2780dc2fa083ad597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:04:39.0568 2312 Apple Mobile Device - ok
20:04:39.0709 2312 [ c484f8ceb1717c540242531db7845c4e ] arc C:\Windows\system32\DRIVERS\arc.sys
20:04:39.0724 2312 arc - ok
20:04:39.0818 2312 [ 019af6924aefe7839f61c830227fe79c ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:04:39.0834 2312 arcsas - ok
20:04:39.0912 2312 [ 88fbc8bebfd38566235eaa5e4dbc4e05 ] AsDsm C:\Windows\system32\drivers\AsDsm.sys
20:04:39.0912 2312 AsDsm - ok
20:04:40.0068 2312 [ 18e5c2f937f9deb8c282df66a3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
20:04:40.0083 2312 ASLDRService - ok
20:04:40.0239 2312 [ 4c016fd76ed5c05e84ca8cab77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
20:04:40.0239 2312 ASMMAP64 - ok
20:04:40.0286 2312 [ 769765ce2cc62867468cea93969b2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:04:40.0286 2312 AsyncMac - ok
20:04:40.0333 2312 [ 02062c0b390b7729edc9e69c680a6f3c ] atapi C:\Windows\system32\drivers\atapi.sys
20:04:40.0333 2312 atapi - ok
20:04:40.0504 2312 [ 0acc06fcf46f64ed4f11e57ee461c1f4 ] athr C:\Windows\system32\DRIVERS\athrx.sys
20:04:40.0692 2312 athr - ok
20:04:40.0723 2312 [ 63f1212ffe13e62ca1e8d8ee19abd9a7 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
20:04:40.0723 2312 ATKGFNEXSrv - ok
20:04:41.0004 2312 [ f23fef6d569fce88671949894a8becf1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:04:41.0019 2312 AudioEndpointBuilder - ok
20:04:41.0113 2312 [ f23fef6d569fce88671949894a8becf1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:04:41.0128 2312 AudioSrv - ok
20:04:41.0877 2312 [ d67719bcfde5798f5c30d14efed3bcaf ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
20:04:42.0080 2312 AVGIDSAgent - ok
20:04:42.0142 2312 [ 1b2e9fcdc26dc7c81d4131430e2dc936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
20:04:42.0158 2312 AVGIDSDriver - ok
20:04:42.0174 2312 [ 0f293406f64b48d5d2f0d3a1117f3a83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
20:04:42.0205 2312 AVGIDSFilter - ok
20:04:42.0236 2312 [ cffc3a4a638f462e0561cb368b9a7a3a ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
20:04:42.0236 2312 AVGIDSHA - ok
20:04:42.0252 2312 [ 59955b4c288dd2a8b9fd2cd5158355c5 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
20:04:42.0267 2312 Avgldx64 - ok
20:04:42.0298 2312 [ a6aec362aae5e2dda7445e7690cb0f33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
20:04:42.0298 2312 Avgmfx64 - ok
20:04:42.0314 2312 [ 645c7f0a0e39758a0024a9b1748273c0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
20:04:42.0330 2312 Avgrkx64 - ok
20:04:42.0361 2312 [ 1bee674ad792b1c63bb0dac5fa724b23 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
20:04:42.0376 2312 Avgtdia - ok
20:04:42.0439 2312 [ ea1145debcd508fd25bd1e95c4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
20:04:42.0439 2312 avgwd - ok
20:04:42.0532 2312 [ a6bf31a71b409dfa8cac83159e1e2aff ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:04:42.0548 2312 AxInstSV - ok
20:04:42.0860 2312 [ 3e5b191307609f7514148c6832bb0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:04:42.0891 2312 b06bdrv - ok
20:04:42.0922 2312 [ b5ace6968304a3900eeb1ebfd9622df2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:04:42.0969 2312 b57nd60a - ok
20:04:43.0000 2312 [ fde360167101b4e45a96f939f388aeb0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:04:43.0000 2312 BDESVC - ok
20:04:43.0016 2312 [ 16a47ce2decc9b099349a5f840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:04:43.0032 2312 Beep - ok
20:04:43.0094 2312 [ 82974d6a2fd19445cc5171fc378668a4 ] BFE C:\Windows\System32\bfe.dll
20:04:43.0125 2312 BFE - ok
20:04:43.0172 2312 [ 1ea7969e3271cbc59e1730697dc74682 ] BITS C:\Windows\System32\qmgr.dll
20:04:43.0234 2312 BITS - ok
20:04:43.0266 2312 [ 61583ee3c3a17003c4acd0475646b4d3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:04:43.0297 2312 blbdrive - ok
20:04:43.0328 2312 [ 6c02a83164f5cc0a262f4199f0871cf5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:04:43.0344 2312 bowser - ok
20:04:43.0375 2312 [ f09eee9edc320b5e1501f749fde686c8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:04:43.0375 2312 BrFiltLo - ok
20:04:43.0390 2312 [ b114d3098e9bdb8bea8b053685831be6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:04:43.0390 2312 BrFiltUp - ok
20:04:43.0437 2312 [ 8ef0d5c41ec907751b8429162b1239ed ] Browser C:\Windows\System32\browser.dll
20:04:43.0453 2312 Browser - ok
20:04:43.0468 2312 [ 43bea8d483bf1870f018e2d02e06a5bd ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:04:43.0484 2312 Brserid - ok
20:04:43.0500 2312 [ a6eca2151b08a09caceca35c07f05b42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:04:43.0515 2312 BrSerWdm - ok
20:04:43.0531 2312 [ b79968002c277e869cf38bd22cd61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:04:43.0546 2312 BrUsbMdm - ok
20:04:43.0578 2312 [ a87528880231c54e75ea7a44943b38bf ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:04:43.0578 2312 BrUsbSer - ok
20:04:43.0640 2312 [ 9da669f11d1f894ab4eb69bf546a42e8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:04:43.0640 2312 BTHMODEM - ok
20:04:43.0718 2312 [ 95f9c2976059462cbbf227f7aab10de9 ] bthserv C:\Windows\system32\bthserv.dll
20:04:43.0718 2312 bthserv - ok
20:04:43.0765 2312 [ b8bd2bb284668c84865658c77574381a ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:04:43.0765 2312 cdfs - ok
20:04:43.0812 2312 [ f036ce71586e93d94dab220d7bdf4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
20:04:43.0812 2312 cdrom - ok
20:04:43.0858 2312 [ f17d1d393bbc69c5322fbfafaca28c7f ] CertPropSvc C:\Windows\System32\certprop.dll
20:04:43.0858 2312 CertPropSvc - ok
20:04:43.0890 2312 [ d7cd5c4e1b71fa62050515314cfb52cf ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:04:43.0890 2312 circlass - ok
20:04:43.0936 2312 [ fe1ec06f2253f691fe36217c592a0206 ] CLFS C:\Windows\system32\CLFS.sys
20:04:43.0968 2312 CLFS - ok
20:04:44.0014 2312 [ d88040f816fda31c3b466f0fa0918f29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:04:44.0061 2312 clr_optimization_v2.0.50727_32 - ok
20:04:44.0108 2312 [ d1ceea2b47cb998321c579651ce3e4f8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:04:44.0155 2312 clr_optimization_v2.0.50727_64 - ok
20:04:44.0186 2312 [ 0840155d0bddf1190f84a663c284bd33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:04:44.0186 2312 CmBatt - ok
20:04:44.0217 2312 [ e19d3f095812725d88f9001985b94edd ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:04:44.0233 2312 cmdide - ok
20:04:44.0280 2312 [ c4943b6c962e4b82197542447ad599f4 ] CNG C:\Windows\system32\Drivers\cng.sys
20:04:44.0295 2312 CNG - ok
20:04:44.0342 2312 [ f7ca3accf5aa0e2182546c5be42b2e96 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
20:04:44.0373 2312 CnxtHdAudService - ok
20:04:44.0420 2312 [ 102de219c3f61415f964c88e9085ad14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:04:44.0420 2312 Compbatt - ok
20:04:44.0451 2312 [ 03edb043586cceba243d689bdda370a8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:04:44.0451 2312 CompositeBus - ok
20:04:44.0467 2312 COMSysApp - ok
20:04:44.0482 2312 [ 1c827878a998c18847245fe1f34ee597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:04:44.0498 2312 crcdisk - ok
20:04:44.0545 2312 [ 15597883fbe9b056f276ada3ad87d9af ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:04:44.0545 2312 CryptSvc - ok
20:04:44.0794 2312 [ 5c627d1b1138676c0a7ab2c2c190d123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:04:44.0826 2312 DcomLaunch - ok
20:04:44.0888 2312 [ 3cec7631a84943677aa8fa8ee5b6b43d ] defragsvc C:\Windows\System32\defragsvc.dll
20:04:44.0919 2312 defragsvc - ok
20:04:44.0950 2312 [ 9bb2ef44eaa163b29c4a4587887a0fe4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:04:44.0966 2312 DfsC - ok
20:04:45.0013 2312 [ 43d808f5d9e1a18e5eeb5ebc83969e4e ] Dhcp C:\Windows\system32\dhcpcore.dll
20:04:45.0013 2312 Dhcp - ok
20:04:45.0044 2312 DIRECTIO - ok
20:04:45.0091 2312 [ 13096b05847ec78f0977f2c0f79e9ab3 ] discache C:\Windows\system32\drivers\discache.sys
20:04:45.0091 2312 discache - ok
20:04:45.0106 2312 [ 9819eee8b5ea3784ec4af3b137a5244c ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:04:45.0106 2312 Disk - ok
20:04:45.0138 2312 [ 16835866aaa693c7d7fceba8fff706e4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:04:45.0153 2312 Dnscache - ok
20:04:45.0216 2312 [ b1fb3ddca0fdf408750d5843591afbc6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:04:45.0231 2312 dot3svc - ok
20:04:45.0262 2312 [ b26f4f737e8f9df4f31af6cf31d05820 ] DPS C:\Windows\system32\dps.dll
20:04:45.0278 2312 DPS - ok
20:04:45.0340 2312 [ 9b19f34400d24df84c858a421c205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:04:45.0340 2312 drmkaud - ok
20:04:45.0403 2312 [ f5bee30450e18e6b83a5012c100616fd ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:04:45.0418 2312 DXGKrnl - ok
20:04:45.0465 2312 [ e2dda8726da9cb5b2c4000c9018a9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:04:45.0481 2312 EapHost - ok
20:04:45.0590 2312 [ dc5d737f51be844d8c82c695eb17372f ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:04:45.0730 2312 ebdrv - ok
20:04:45.0777 2312 [ c118a82cd78818c29ab228366ebf81c3 ] EFS C:\Windows\System32\lsass.exe
20:04:45.0808 2312 EFS - ok
20:04:45.0886 2312 [ c4002b6b41975f057d98c439030cea07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:04:45.0933 2312 ehRecvr - ok
20:04:45.0964 2312 [ 4705e8ef9934482c5bb488ce28afc681 ] ehSched C:\Windows\ehome\ehsched.exe
20:04:45.0964 2312 ehSched - ok
20:04:46.0027 2312 [ 0e5da5369a0fcaea12456dd852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:04:46.0042 2312 elxstor - ok
20:04:46.0105 2312 [ 7db097f4f6786307168c0dddec43a565 ] EPSON_EB_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
20:04:46.0198 2312 EPSON_EB_RPCV4_04 - ok
20:04:46.0230 2312 [ 258aa65a0862e19b7de6981fda3758ad ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
20:04:46.0308 2312 EPSON_PM_RPCV4_04 - ok
20:04:46.0323 2312 [ 34a3c54752046e79a126e15c51db409b ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:04:46.0339 2312 ErrDev - ok
20:04:46.0386 2312 [ 3c38648375b7f3988691f53a7aae10a9 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
20:04:46.0401 2312 ETD - ok
20:04:46.0448 2312 [ 4166f82be4d24938977dd1746be9b8a0 ] EventSystem C:\Windows\system32\es.dll
20:04:46.0464 2312 EventSystem - ok
20:04:46.0495 2312 [ a510c654ec00c1e9bdd91eeb3a59823b ] exfat C:\Windows\system32\drivers\exfat.sys
20:04:46.0495 2312 exfat - ok
20:04:46.0713 2312 [ 0adc83218b66a6db380c330836f3e36d ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:04:46.0760 2312 fastfat - ok
20:04:46.0822 2312 [ dbefd454f8318a0ef691fdd2eaab44eb ] Fax C:\Windows\system32\fxssvc.exe
20:04:46.0838 2312 Fax - ok
20:04:46.0885 2312 [ d765d19cd8ef61f650c384f62fac00ab ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:04:46.0885 2312 fdc - ok
20:04:46.0932 2312 [ 0438cab2e03f4fb61455a7956026fe86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:04:46.0932 2312 fdPHost - ok
20:04:46.0963 2312 [ 802496cb59a30349f9a6dd22d6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:04:46.0963 2312 FDResPub - ok
20:04:47.0010 2312 [ 655661be46b5f5f3fd454e2c3095b930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:04:47.0025 2312 FileInfo - ok
20:04:47.0041 2312 [ 5f671ab5bc87eea04ec38a6cd5962a47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:04:47.0056 2312 Filetrace - ok
20:04:47.0072 2312 [ c172a0f53008eaeb8ea33fe10e177af5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:04:47.0072 2312 flpydisk - ok
20:04:47.0119 2312 [ da6b67270fd9db3697b20fce94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:04:47.0134 2312 FltMgr - ok
20:04:47.0212 2312 [ b4447f606bb19fd8ad0bafb59b90f5d9 ] FontCache C:\Windows\system32\FntCache.dll
20:04:47.0259 2312 FontCache - ok
20:04:47.0322 2312 [ a8b7f3818ab65695e3a0bb3279f6dce6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:04:47.0322 2312 FontCache3.0.0.0 - ok
20:04:47.0353 2312 [ d43703496149971890703b4b1b723eac ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:04:47.0368 2312 FsDepends - ok
20:04:47.0400 2312 [ 6bd9295cc032dd3077c671fccf579a7b ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:04:47.0415 2312 Fs_Rec - ok
20:04:47.0478 2312 [ 1f7b25b858fa27015169fe95e54108ed ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:04:47.0478 2312 fvevol - ok
20:04:47.0493 2312 [ 8c778d335c9d272cfd3298ab02abe3b6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:04:47.0509 2312 gagp30kx - ok
20:04:47.0524 2312 [ e403aacf8c7bb11375122d2464560311 ] GEARAspiWDM C:\Windows\system32\drivers\gearaspiwdm.sys
20:04:47.0540 2312 GEARAspiWDM - ok
20:04:47.0571 2312 [ 277bbc7e1aa1ee957f573a10eca7ef3a ] gpsvc C:\Windows\System32\gpsvc.dll
20:04:47.0602 2312 gpsvc - ok
20:04:47.0649 2312 [ f2523ef6460fc42405b12248338ab2f0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:04:47.0649 2312 hcw85cir - ok
20:04:47.0696 2312 [ 975761c778e33cd22498059b91e7373a ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:04:47.0712 2312 HdAudAddService - ok
20:04:47.0743 2312 [ 97bfed39b6b79eb12cddbfeed51f56bb ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:04:47.0758 2312 HDAudBus - ok
20:04:47.0774 2312 [ b6ac71aaa2b10848f57fc49d55a651af ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:04:47.0790 2312 HECIx64 - ok
20:04:47.0821 2312 [ 78e86380454a7b10a5eb255dc44a355f ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:04:47.0821 2312 HidBatt - ok
20:04:47.0836 2312 [ 7fd2a313f7afe5c4dab14798c48dd104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:04:47.0852 2312 HidBth - ok
20:04:47.0868 2312 [ 0a77d29f311b88cfae3b13f9c1a73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:04:47.0868 2312 HidIr - ok
20:04:47.0914 2312 [ bd9eb3958f213f96b97b1d897dee006d ] hidserv C:\Windows\system32\hidserv.dll
20:04:47.0930 2312 hidserv - ok
20:04:47.0977 2312 [ 9592090a7e2b61cd582b612b6df70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
20:04:47.0977 2312 HidUsb - ok
20:04:48.0008 2312 [ 387e72e739e15e3d37907a86d9ff98e2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:04:48.0055 2312 hkmsvc - ok
20:04:48.0086 2312 [ efdfb3dd38a4376f93e7985173813abd ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:04:48.0117 2312 HomeGroupListener - ok
20:04:48.0148 2312 [ 908acb1f594274965a53926b10c81e89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:04:48.0180 2312 HomeGroupProvider - ok
20:04:48.0211 2312 [ 39d2abcd392f3d8a6dce7b60ae7b8efc ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:04:48.0211 2312 HpSAMD - ok
20:04:48.0304 2312 [ 0ea7de1acb728dd5a369fd742d6eee28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:04:48.0320 2312 HTTP - ok
20:04:48.0367 2312 [ a5462bd6884960c9dc85ed49d34ff392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:04:48.0367 2312 hwpolicy - ok
20:04:48.0414 2312 [ fa55c73d4affa7ee23ac4be53b4592d3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:04:48.0414 2312 i8042prt - ok
20:04:48.0476 2312 [ bbb3b6df1abb0fe35802ede85cc1c011 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:04:48.0476 2312 iaStor - ok
20:04:48.0538 2312 [ 3df4395a7cf8b7a72a5f4606366b8c2d ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:04:48.0554 2312 iaStorV - ok
20:04:48.0741 2312 [ 5988fc40f8db5b0739cd1e3a5d0d78bd ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:04:48.0772 2312 idsvc - ok
20:04:49.0131 2312 [ 677aa5991026a65ada128c4b59cf2bad ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:04:49.0412 2312 igfx - ok
20:04:49.0428 2312 [ 5c18831c61933628f5bb0ea2675b9d21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:04:49.0443 2312 iirsp - ok
20:04:49.0490 2312 [ fcd84c381e0140af901e58d48882d26b ] IKEEXT C:\Windows\System32\ikeext.dll
20:04:49.0537 2312 IKEEXT - ok
20:04:49.0568 2312 [ 36fdf367a1dabff903e2214023d71368 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
20:04:49.0584 2312 Impcd - ok
20:04:49.0615 2312 [ d248aae81c156c0d47a77cd61bc24cd4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
20:04:49.0630 2312 IntcDAud - ok
20:04:49.0646 2312 [ f00f20e70c6ec3aa366910083a0518aa ] intelide C:\Windows\system32\drivers\intelide.sys
20:04:49.0646 2312 intelide - ok
20:04:49.0662 2312 [ ada036632c664caa754079041cf1f8c1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:04:49.0677 2312 intelppm - ok
20:04:49.0708 2312 [ 098a91c54546a3b878dad6a7e90a455b ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:04:49.0724 2312 IPBusEnum - ok
20:04:49.0755 2312 [ c9f0e1bd74365a8771590e9008d22ab6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:04:49.0755 2312 IpFilterDriver - ok
20:04:49.0802 2312 [ a34a587fffd45fa649fba6d03784d257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:04:49.0818 2312 iphlpsvc - ok
20:04:49.0849 2312 [ 0fc1aea580957aa8817b8f305d18ca3a ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:04:49.0849 2312 IPMIDRV - ok
20:04:49.0880 2312 [ af9b39a7e7b6caa203b3862582e9f2d0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:04:49.0880 2312 IPNAT - ok
20:04:49.0927 2312 [ b7cb0b121962cd89f98c0dd89331b0c0 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:04:49.0942 2312 iPod Service - ok
20:04:49.0974 2312 [ 3abf5e7213eb28966d55d58b515d5ce9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:04:49.0974 2312 IRENUM - ok
20:04:49.0989 2312 [ 2f7b28dc3e1183e5eb418df55c204f38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:04:50.0005 2312 isapnp - ok
20:04:50.0036 2312 [ d931d7309deb2317035b07c9f9e6b0bd ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:04:50.0052 2312 iScsiPrt - ok
20:04:50.0098 2312 [ db917b998cbc15a153c00dd6efc34c13 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
20:04:50.0130 2312 JMCR - ok
20:04:50.0161 2312 [ ab42aef22595a46941bff76c210c942b ] JME C:\Windows\system32\DRIVERS\JME.sys
20:04:50.0176 2312 JME - ok
20:04:50.0223 2312 [ bc02336f1cba7dcc7d1213bb588a68a5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:04:50.0223 2312 kbdclass - ok
20:04:50.0254 2312 [ 0705eff5b42a9db58548eec3b26bb484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:04:50.0254 2312 kbdhid - ok
20:04:50.0301 2312 [ e63ef8c3271d014f14e2469ce75fecb4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
20:04:50.0301 2312 kbfiltr - ok
20:04:50.0317 2312 [ c118a82cd78818c29ab228366ebf81c3 ] KeyIso C:\Windows\system32\lsass.exe
20:04:50.0332 2312 KeyIso - ok
20:04:50.0364 2312 [ da1e991a61cfdd755a589e206b97644b ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:04:50.0364 2312 KSecDD - ok
20:04:50.0395 2312 [ 7e33198d956943a4f11a5474c1e9106f ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:04:50.0395 2312 KSecPkg - ok
20:04:50.0426 2312 [ 6869281e78cb31a43e969f06b57347c4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:04:50.0426 2312 ksthunk - ok
20:04:50.0457 2312 [ 6ab66e16aa859232f64deb66887a8c9c ] KtmRm C:\Windows\system32\msdtckrm.dll
20:04:50.0504 2312 KtmRm - ok
20:04:50.0535 2312 [ d9f42719019740baa6d1c6d536cbdaa6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:04:50.0566 2312 LanmanServer - ok
20:04:50.0738 2312 [ 851a1382eed3e3a7476db004f4ee3e1a ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:04:50.0769 2312 LanmanWorkstation - ok
20:04:50.0800 2312 [ 1538831cf8ad2979a04c423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:04:50.0816 2312 lltdio - ok
20:04:50.0847 2312 [ c1185803384ab3feed115f79f109427f ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:04:50.0878 2312 lltdsvc - ok
20:04:50.0910 2312 [ f993a32249b66c9d622ea5592a8b76b8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:04:50.0925 2312 lmhosts - ok
20:04:51.0003 2312 [ a1c148801b4af64847aeb9f3ad9594ef ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:04:51.0019 2312 LMS - ok
20:04:51.0081 2312 [ 1a93e54eb0ece102495a51266dcdb6a6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:04:51.0097 2312 LSI_FC - ok
20:04:51.0112 2312 [ 1047184a9fdc8bdbff857175875ee810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:04:51.0128 2312 LSI_SAS - ok
20:04:51.0144 2312 [ 30f5c0de1ee8b5bc9306c1f0e4a75f93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:04:51.0144 2312 LSI_SAS2 - ok
20:04:51.0175 2312 [ 0504eacaff0d3c8aed161c4b0d369d4a ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:04:51.0175 2312 LSI_SCSI - ok
20:04:51.0206 2312 [ 43d0f98e1d56ccddb0d5254cff7b356e ] luafv C:\Windows\system32\drivers\luafv.sys
20:04:51.0206 2312 luafv - ok
20:04:51.0253 2312 [ 085435ae1a124361304044029b5cc644 ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys
20:04:51.0253 2312 lullaby - ok
20:04:51.0300 2312 [ dc8490812a3b72811ae534f423b4c206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:04:51.0315 2312 MBAMProtector - ok
20:04:51.0378 2312 [ 43683e970f008c93c9429ef428147a54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:04:51.0409 2312 MBAMService - ok
20:04:51.0440 2312 [ 0be09cd858abf9df6ed259d57a1a1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:04:51.0471 2312 Mcx2Svc - ok
20:04:51.0502 2312 [ a55805f747c6edb6a9080d7c633bd0f4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:04:51.0518 2312 megasas - ok
20:04:51.0549 2312 [ baf74ce0072480c3b6b7c13b2a94d6b3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:04:51.0565 2312 MegaSR - ok
20:04:51.0612 2312 [ e40e80d0304a73e8d269f7141d77250b ] MMCSS C:\Windows\system32\mmcss.dll
20:04:51.0627 2312 MMCSS - ok
20:04:51.0690 2312 [ 800ba92f7010378b09f9ed9270f07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:04:51.0705 2312 Modem - ok
20:04:51.0721 2312 [ b03d591dc7da45ece20b3b467e6aadaa ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:04:51.0721 2312 monitor - ok
20:04:51.0768 2312 [ 7d27ea49f3c1f687d357e77a470aea99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:04:51.0768 2312 mouclass - ok
20:04:51.0814 2312 [ d3bf052c40b0c4166d9fd86a4288c1e6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:04:51.0830 2312 mouhid - ok
20:04:51.0861 2312 [ 32e7a3d591d671a6df2db515a5cbe0fa ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:04:51.0877 2312 mountmgr - ok
20:04:51.0955 2312 [ 46297fa8e30a6007f14118fc2b942fbc ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:04:51.0955 2312 MozillaMaintenance - ok
20:04:51.0986 2312 [ a44b420d30bd56e145d6a2bc8768ec58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:04:52.0002 2312 mpio - ok
20:04:52.0048 2312 [ 6c38c9e45ae0ea2fa5e551f2ed5e978f ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:04:52.0048 2312 mpsdrv - ok
20:04:52.0111 2312 [ 54ffc9c8898113ace189d4aa7199d2c1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:04:52.0142 2312 MpsSvc - ok
20:04:52.0173 2312 [ dc722758b8261e1abafd31a3c0a66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:04:52.0189 2312 MRxDAV - ok
20:04:52.0220 2312 [ a5d9106a73dc88564c825d317cac68ac ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:04:52.0236 2312 mrxsmb - ok
20:04:52.0282 2312 [ d711b3c1d5f42c0c2415687be09fc163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:04:52.0314 2312 mrxsmb10 - ok
20:04:52.0329 2312 [ 9423e9d355c8d303e76b8cfbd8a5c30c ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:04:52.0329 2312 mrxsmb20 - ok
20:04:52.0360 2312 [ c25f0bafa182cbca2dd3c851c2e75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:04:52.0376 2312 msahci - ok
20:04:52.0392 2312 [ db801a638d011b9633829eb6f663c900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:04:52.0392 2312 msdsm - ok
20:04:52.0407 2312 [ de0ece52236cfa3ed2dbfc03f28253a8 ] MSDTC C:\Windows\System32\msdtc.exe
20:04:52.0454 2312 MSDTC - ok
20:04:52.0485 2312 [ aa3fb40e17ce1388fa1bedab50ea8f96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:04:52.0485 2312 Msfs - ok
20:04:52.0516 2312 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:04:52.0516 2312 mshidkmdf - ok
20:04:52.0548 2312 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:04:52.0563 2312 msisadrv - ok
20:04:52.0704 2312 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:04:52.0735 2312 MSiSCSI - ok
20:04:52.0735 2312 msiserver - ok
20:04:52.0782 2312 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:04:52.0782 2312 MSKSSRV - ok
20:04:52.0813 2312 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:04:52.0813 2312 MSPCLOCK - ok
20:04:52.0828 2312 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:04:52.0844 2312 MSPQM - ok
20:04:52.0891 2312 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:04:52.0891 2312 MsRPC - ok
20:04:52.0953 2312 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:04:52.0969 2312 mssmbios - ok
20:04:52.0984 2312 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:04:53.0000 2312 MSTEE - ok
20:04:53.0016 2312 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:04:53.0016 2312 MTConfig - ok
20:04:53.0062 2312 [ 032d35c996f21d19a205a7c8f0b76f3c ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
20:04:53.0062 2312 MTsensor - ok
20:04:53.0094 2312 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:04:53.0109 2312 Mup - ok
20:04:53.0203 2312 [ d78b5f8b2181a6ade0ef08ce6ebeb627 ] MyEpson Portal Service C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
20:04:53.0203 2312 MyEpson Portal Service - ok
20:04:53.0265 2312 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll
20:04:53.0312 2312 napagent - ok
20:04:53.0359 2312 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:04:53.0359 2312 NativeWifiP - ok
20:04:53.0406 2312 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\Windows\system32\drivers\ndis.sys
20:04:53.0437 2312 NDIS - ok
20:04:53.0468 2312 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:04:53.0468 2312 NdisCap - ok
20:04:53.0499 2312 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:04:53.0499 2312 NdisTapi - ok
20:04:53.0546 2312 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:04:53.0546 2312 Ndisuio - ok
20:04:53.0608 2312 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:04:53.0640 2312 NdisWan - ok
20:04:53.0686 2312 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:04:53.0686 2312 NDProxy - ok
20:04:53.0702 2312 [ 86743d9f5d2b1048062b14b1d84501c4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:04:53.0718 2312 NetBIOS - ok
20:04:53.0749 2312 [ 09594d1089c523423b32a4229263f068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:04:53.0764 2312 NetBT - ok
20:04:53.0780 2312 [ c118a82cd78818c29ab228366ebf81c3 ] Netlogon C:\Windows\system32\lsass.exe
20:04:53.0796 2312 Netlogon - ok
20:04:53.0889 2312 [ 847d3ae376c0817161a14a82c8922a9e ] Netman C:\Windows\System32\netman.dll
20:04:53.0920 2312 Netman - ok
20:04:53.0952 2312 [ 5f28111c648f1e24f7dbc87cdeb091b8 ] netprofm C:\Windows\System32\netprofm.dll
20:04:53.0967 2312 netprofm - ok
20:05:08.0132 2312 ================ Scan global ===============================
20:05:08.0148 2312 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll
20:05:08.0179 2312 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
20:05:08.0226 2312 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll
20:05:08.0288 2312 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll
20:05:08.0335 2312 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe
20:05:08.0366 2312 [Global] - ok
20:05:08.0366 2312 ================ Scan MBR ==================================
20:05:08.0382 2312 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:05:08.0959 2312 \Device\Harddisk0\DR0 - ok
20:05:08.0974 2312 MBR (0x1B8) (c2036a5bc03d2dbce01110525548670a) \Device\Harddisk1\DR1
20:05:14.0185 2312 \Device\Harddisk1\DR1 - ok
20:05:14.0185 2312 ================ Scan VBR ==================================
20:05:14.0232 2312 Boot (0x1200) (1df07ebb3b9390a4f03c99cd521bf564) \Device\Harddisk0\DR0\Partition1
20:05:14.0232 2312 \Device\Harddisk0\DR0\Partition1 - ok
20:05:14.0247 2312 Boot (0x1200) (3be637fe79d0a2502b07920a3ad09147) \Device\Harddisk0\DR0\Partition2
20:05:14.0263 2312 \Device\Harddisk0\DR0\Partition2 - ok
20:05:14.0263 2312 ============================================================
20:05:14.0263 2312 Scan finished
20:05:14.0263 2312 ============================================================
20:05:14.0278 5732 Detected object count: 0
20:05:14.0278 5732 Actual detected object count: 0


aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2011-07-28 20:07:08
-----------------------------
20:07:08.073 OS Version: Windows x64 6.1.7601 Service Pack 1
20:07:08.073 Number of processors: 4 586 0x2502
20:07:08.073 ComputerName: ASUS-PC UserName: Asus
20:07:11.240 Initialize success
20:14:18.381 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:14:18.396 Disk 0 Vendor: ST950032 0002 Size: 476940MB BusType: 3
20:14:18.412 Disk 0 MBR read successfully
20:14:18.412 Disk 0 MBR scan
20:14:18.427 Disk 0 Windows VISTA default MBR code
20:14:18.427 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 13000 MB offset 2048
20:14:18.443 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119235 MB offset 26626048
20:14:18.443 Disk 0 Partition - 00 0F Extended LBA 344703 MB offset 270819328
20:14:18.490 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 344702 MB offset 270821376
20:14:18.521 Disk 0 scanning C:\Windows\system32\drivers
20:14:28.193 Service scanning
20:14:48.286 Modules scanning
20:14:48.286 Disk 0 trace - called modules:
20:14:48.348 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
20:14:48.348 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c65060]
20:14:48.348 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> [0xfffffa80049bb7e0]
20:14:48.348 5 ACPI.sys[fffff88000f827a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049be050]
20:14:48.348 Scan finished successfully
20:15:34.696 Disk 0 MBR has been saved successfully to "C:\Users\Asus\Desktop\Problems\MBR.dat"
20:15:34.696 The log file has been saved successfully to "C:\Users\Asus\Desktop\Problems\aswMBR.txt"


ESET online scanner

C:\$Recycle.Bin\S-1-5-21-2282133819-1002819351-4178962584-1001\$RAWZTDH.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Asus\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\1e1bd3df-1a15fc95 multiple threats deleted - quarantined
C:\Users\Asus\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\1d0f2fae-1c078dde Java/Exploit.CVE-2011-3544.F trojan deleted - quarantined
C:\Users\Asus\Documents\Downloads\cnet_Pazera_Free_MP4_to_AVI_Converter_zip.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined



Rogue killer

RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Asus [Admin rights]
Mode: HOSTSFix -- Date: 07/28/2011 20:38:22

Bad processes: 0

Driver: [NOT LOADED]

HOSTS File:
127.0.0.1 localhost


Resetted HOSTS:
127.0.0.1 localhost

Finished : << RKreport[1].txt >>
RKreport[1].txt



adware cleaner

# AdwCleaner v1.801 - Logfile created 07/29/2011 at 02:46:04
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Asus - ASUS-PC
# Boot Mode : Normal
# Running from : C:\Users\Asus\Desktop\Problems\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Zugo

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\te61amsp.default\prefs.js

C:\Users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\te61amsp.default\user.js ... Deleted !

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [296 octets] - [28/07/2011 20:28:21]
AdwCleaner[R1].txt - [990 octets] - [29/07/2011 02:41:19]
AdwCleaner[S2].txt - [983 octets] - [29/07/2011 02:46:04]

########## EOF - C:\AdwCleaner[S2].txt - [1110 octets] ##########



#6 narenxp

Posted 15 August 2012 - 03:58 AM

Thanks for the reply! I used the "Fix It" link. Unfortunately, I'm still getting those silly ads (the ad right now says "Find Orange Content Forum Stats Language"). Here is what the hosts file looks like right now:


Do you still have this pop up? Which browser?

#7 Gus B.

Posted 15 August 2012 - 11:59 AM

Do you still have this pop up? Which browser?

Something up there seems to have solved the problem. Thanks so much, Naren!! I really appreciate your help. It's people like you who really help make computers usable. :thumbsup:

Gus

#8 narenxp

Posted 15 August 2012 - 07:37 PM

Thank you for your feedback :thumbsup:

Download

TFC

Launch it, it will close all running programs.

Click on START, it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

Edited by narenxp, 15 August 2012 - 07:37 PM.




