Uh-oh, I tried Combofix unsupervised


  • This topic is locked
45 replies to this topic

#16 thisisu

  • Malware Response Team

Posted 18 October 2012 - 02:47 PM

You're infected with ZeroAccess / Sirefef.
Here is some recommended reading material in case you are interested: http://www.sophos.com/en-us/medialibrary/PDFs/technical%20papers/Sophos_ZeroAccess_Botnet.pdf

__

Here is how I'd like you to proceed. You can do these steps in Safe Mode as well.

Please download RogueKiller to your desktop.
  • Now rename RogueKiller.exe to winlogon.exe
  • Double-click winlogon.exe to run. Right-click winlogon.exe and select "Run as administrator"
  • When it opens, press the Scan button
  • When the scan is finished, press the Delete button.
  • If the Delete process requires a reboot, do it, but allow it to reboot into Normal Mode.
  • If the computer was rebooted, rescan with RogueKiller and post the contents of the latest numbered RKReport in your next message.



#17 CaptainW

  • Topic Starter


Posted 20 October 2012 - 05:06 AM

RogueKiller V8.1.1 [10/01/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : dan [Admin rights]
Mode : Scan -- Date : 10/20/2012 06:04:57

Bad processes : 0

Registry Entries : 1
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (192.168.0.1:80) -> FOUND

Particular Files / Folders:

Driver : [LOADED]

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost


MBR Check:

+++++ PhysicalDrive0: TOSHIBA MK8037GSX ATA Device +++++
--- User ---
[MBR] ad1e7cb54916c3954e5663df400326c7
[BSP] 046f1053e8fae3ab60a9bfd89a3e21d9 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 74818 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: HP Photosmart D7300 USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

#18 thisisu

  • Malware Response Team

Posted 20 October 2012 - 10:58 AM

From Programs and Features (via Control Panel), please uninstall the below:
  • Ask Toolbar
  • Java™ SE Runtime Environment 6

__

Please download and run TDSSKiller
  • VERY IMPORTANT: In the event that threats are detected, allow TDSSKiller to perform the default action by simply pressing the Continue button.
  • Do NOT change the default action on your own unless instructed by a malware helper! Doing so may render your computer unbootable.
  • If threats were detected, TDSSKiller will require a reboot in order to attempt to clean the system.
  • After the scan is complete, you can find the TDSSKiller log at the root of your C: drive.
    • Example: C:\TDSSKiller.2.8.10.0_29.09.2012_00.22.50_log.txt
  • Post the contents of this log in your next message.

__

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

__

Fix items using OTL by OldTimer

Double-click OTL.exe to run the program.
Shut down your antivirus to avoid any conflicts.
Copy the text in the code box below and paste it into the Posted Image text-field.
:otl
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9)
SRV - File not found [Auto | Stopped] -- C:\32788R22FWJFW\pev.3XE EXEC /i CSCRIPT.exe //NOLOGO //E:VBSCRIPT //B //T:15 C:\32788R22FWJFW\KNetSvcs.vbs -- (PEVSystemStart)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
IE - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\..\SearchScopes\{5774D5C3-9164-44E1-8AC3-FD61A5B66963}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=CE80A390-6721-4C63-8073-3C80215AC907&apn_sauid=B23E1CBA-63B9-4C61-9E92-318887BA1352
IE - HKU\S-1-5-21-3610413377-4144677444-2941747277-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=IQyVYSNBS_aY67f5a4YqmgHU1zE?q={searchTerms}
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab (PCPitstop Utility)
[2012/10/17 14:08:42 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin\S-1-5-18\$522957ca8c2ee38b796ebb70ae92ed99\U
[2006/11/02 08:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
:commands
[resethosts]
[emptytemp]
Now click the Posted Image button.
Follow the prompts.
When OTL is finished, Notepad will open with a log report.
Post the contents of this report into your next message.

#19 CaptainW

  • Topic Starter


Posted 21 October 2012 - 07:03 AM

07:56:57.0006 1632 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
07:56:57.0386 1632 ============================================================
07:56:57.0387 1632 Current date / time: 2012/10/21 07:56:57.0386
07:56:57.0387 1632 SystemInfo:
07:56:57.0387 1632
07:56:57.0387 1632 OS Version: 6.0.6002 ServicePack: 2.0
07:56:57.0387 1632 Product type: Workstation
07:56:57.0387 1632 ComputerName: DAN-PC
07:56:57.0387 1632 UserName: dan
07:56:57.0387 1632 Windows directory: C:\Windows
07:56:57.0387 1632 System windows directory: C:\Windows
07:56:57.0387 1632 Processor architecture: Intel x86
07:56:57.0387 1632 Number of processors: 1
07:56:57.0387 1632 Page size: 0x1000
07:56:57.0387 1632 Boot type: Normal boot
07:56:57.0387 1632 ============================================================
07:57:01.0959 1632 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:57:01.0964 1632 ============================================================
07:57:01.0965 1632 \Device\Harddisk0\DR0:
07:57:01.0965 1632 MBR partitions:
07:57:01.0965 1632 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x9221000
07:57:01.0965 1632 ============================================================
07:57:02.0044 1632 C: <-> \Device\Harddisk0\DR0\Partition1
07:57:02.0044 1632 ============================================================
07:57:02.0044 1632 Initialize success
07:57:02.0044 1632 ============================================================
07:57:22.0771 3800 ============================================================
07:57:22.0771 3800 Scan started
07:57:22.0771 3800 Mode: Manual;
07:57:22.0771 3800 ============================================================
07:57:29.0620 3800 ================ Scan system memory ========================
07:57:29.0620 3800 System memory - ok
07:57:29.0621 3800 ================ Scan services =============================
07:58:00.0692 3800 mssmbios - ok
07:58:00.0745 3800 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
07:58:00.0765 3800 MSTEE - ok
07:58:00.0797 3800 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
07:58:00.0813 3800 Mup - ok
07:58:00.0921 3800 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
07:58:00.0965 3800 napagent - ok
07:58:01.0022 3800 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
07:58:01.0075 3800 NativeWifiP - ok
07:58:01.0145 3800 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
07:58:01.0170 3800 NDIS - ok
07:58:01.0236 3800 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
07:58:01.0238 3800 NdisTapi - ok
07:58:01.0338 3800 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
07:58:01.0352 3800 Ndisuio - ok
07:58:01.0410 3800 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
07:58:01.0439 3800 NdisWan - ok
07:58:01.0495 3800 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
07:58:01.0517 3800 NDProxy - ok
07:58:01.0667 3800 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
07:58:01.0682 3800 Net Driver HPZ12 - ok
07:58:01.0746 3800 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
07:58:01.0762 3800 NetBIOS - ok
07:58:01.0836 3800 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
07:58:01.0855 3800 netbt - ok
07:58:01.0887 3800 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
07:58:01.0889 3800 Netlogon - ok
07:58:02.0040 3800 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
07:58:02.0091 3800 Netman - ok
07:58:02.0147 3800 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
07:58:02.0222 3800 netprofm - ok
07:58:02.0286 3800 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:58:02.0317 3800 NetTcpPortSharing - ok
07:58:02.0648 3800 [ A15F219208843A5A210C8CB391384453 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
07:58:03.0139 3800 NETw3v32 - ok
07:58:03.0198 3800 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
07:58:03.0200 3800 nfrd960 - ok
07:58:03.0255 3800 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
07:58:03.0273 3800 NisDrv - ok
07:58:03.0340 3800 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
07:58:03.0401 3800 NisSrv - ok
07:58:03.0447 3800 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
07:58:03.0481 3800 NlaSvc - ok
07:58:03.0551 3800 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
07:58:03.0574 3800 Npfs - ok
07:58:03.0630 3800 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
07:58:03.0651 3800 nsi - ok
07:58:03.0729 3800 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
07:58:03.0747 3800 nsiproxy - ok
07:58:03.0982 3800 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
07:58:04.0283 3800 Ntfs - ok
07:58:04.0368 3800 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
07:58:04.0371 3800 ntrigdigi - ok
07:58:04.0432 3800 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
07:58:04.0467 3800 NuidFltr - ok
07:58:04.0507 3800 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
07:58:04.0509 3800 Null - ok
07:58:04.0535 3800 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
07:58:04.0549 3800 nvraid - ok
07:58:04.0576 3800 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
07:58:04.0623 3800 nvstor - ok
07:58:04.0686 3800 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
07:58:04.0690 3800 nv_agp - ok
07:58:04.0698 3800 NwlnkFlt - ok
07:58:04.0711 3800 NwlnkFwd - ok
07:58:04.0860 3800 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
07:58:04.0892 3800 odserv - ok
07:58:04.0959 3800 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
07:58:04.0962 3800 ohci1394 - ok
07:58:05.0024 3800 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:58:05.0053 3800 ose - ok
07:58:05.0166 3800 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
07:58:05.0195 3800 p2pimsvc - ok
07:58:05.0216 3800 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
07:58:05.0224 3800 p2psvc - ok
07:58:05.0254 3800 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
07:58:05.0257 3800 Parport - ok
07:58:05.0302 3800 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
07:58:05.0305 3800 partmgr - ok
07:58:05.0329 3800 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
07:58:05.0331 3800 Parvdm - ok
07:58:05.0389 3800 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
07:58:05.0392 3800 PcaSvc - ok
07:58:05.0483 3800 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
07:58:05.0519 3800 pci - ok
07:58:05.0546 3800 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
07:58:05.0581 3800 pciide - ok
07:58:05.0804 3800 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
07:58:05.0822 3800 pcmcia - ok
07:58:06.0007 3800 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
07:58:06.0168 3800 PEAUTH - ok
07:58:06.0196 3800 PEVSystemStart - ok
07:58:06.0288 3800 [ 6DBF2AC2BDAFF355995AB25ECCC4CFE1 ] pinger C:\TOSHIBA\IVP\ISM\pinger.exe
07:58:06.0628 3800 pinger - ok
07:58:07.0081 3800 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
07:58:07.0550 3800 pla - ok
07:58:07.0623 3800 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
07:58:07.0711 3800 PlugPlay - ok
07:58:07.0780 3800 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
07:58:07.0784 3800 Pml Driver HPZ12 - ok
07:58:07.0823 3800 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
07:58:07.0831 3800 PNRPAutoReg - ok
07:58:07.0851 3800 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
07:58:07.0860 3800 PNRPsvc - ok
07:58:07.0912 3800 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
07:58:07.0923 3800 PolicyAgent - ok
07:58:07.0996 3800 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
07:58:07.0999 3800 PptpMiniport - ok
07:58:08.0065 3800 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
07:58:08.0107 3800 Processor - ok
07:58:08.0164 3800 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
07:58:08.0186 3800 ProfSvc - ok
07:58:08.0209 3800 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
07:58:08.0211 3800 ProtectedStorage - ok
07:58:08.0249 3800 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
07:58:08.0269 3800 PSched - ok
07:58:08.0333 3800 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
07:58:08.0336 3800 PxHelp20 - ok
07:58:08.0523 3800 [ B1AD87B4C97B6B59FCD075001E76865F ] QCDonner C:\Windows\system32\DRIVERS\LVCD.sys
07:58:08.0600 3800 QCDonner - ok
07:58:08.0753 3800 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
07:58:08.0830 3800 ql2300 - ok
07:58:08.0903 3800 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
07:58:08.0933 3800 ql40xx - ok
07:58:09.0010 3800 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
07:58:09.0043 3800 QWAVE - ok
07:58:09.0080 3800 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
07:58:09.0107 3800 QWAVEdrv - ok
07:58:09.0150 3800 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
07:58:09.0153 3800 RasAcd - ok
07:58:09.0201 3800 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
07:58:09.0235 3800 RasAuto - ok
07:58:09.0298 3800 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
07:58:09.0329 3800 Rasl2tp - ok
07:58:09.0404 3800 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
07:58:09.0448 3800 RasMan - ok
07:58:09.0539 3800 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
07:58:09.0577 3800 RasPppoe - ok
07:58:09.0672 3800 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
07:58:09.0733 3800 RasSstp - ok
07:58:09.0856 3800 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
07:58:09.0899 3800 rdbss - ok
07:58:09.0965 3800 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
07:58:09.0989 3800 RDPCDD - ok
07:58:10.0067 3800 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
07:58:10.0116 3800 rdpdr - ok
07:58:10.0144 3800 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
07:58:10.0166 3800 RDPENCDD - ok
07:58:10.0271 3800 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
07:58:10.0290 3800 RDPWD - ok
07:58:10.0369 3800 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
07:58:10.0404 3800 RemoteAccess - ok
07:58:10.0466 3800 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
07:58:10.0495 3800 RemoteRegistry - ok
07:58:10.0659 3800 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
07:58:10.0661 3800 RimUsb - ok
07:58:10.0683 3800 [ 2C4FB2E9F039287767C384E46EE91030 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
07:58:10.0704 3800 RimVSerPort - ok
07:58:10.0751 3800 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
07:58:10.0752 3800 ROOTMODEM - ok
07:58:10.0881 3800 RoxLiveShare9 - ok
07:58:10.0967 3800 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
07:58:10.0969 3800 RpcLocator - ok
07:58:11.0176 3800 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
07:58:11.0184 3800 RpcSs - ok
07:58:11.0219 3800 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
07:58:11.0242 3800 rspndr - ok
07:58:11.0346 3800 [ F875E277A79EF9D6F3AC89ABB557A689 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
07:58:11.0350 3800 RTL8169 - ok
07:58:11.0409 3800 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
07:58:11.0411 3800 SamSs - ok
07:58:11.0488 3800 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
07:58:11.0523 3800 sbp2port - ok
07:58:11.0596 3800 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
07:58:11.0637 3800 SCardSvr - ok
07:58:11.0766 3800 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
07:58:11.0803 3800 Schedule - ok
07:58:11.0846 3800 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
07:58:11.0847 3800 SCPolicySvc - ok
07:58:11.0903 3800 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
07:58:11.0906 3800 sdbus - ok
07:58:11.0959 3800 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
07:58:11.0964 3800 SDRSVC - ok
07:58:11.0998 3800 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
07:58:12.0000 3800 secdrv - ok
07:58:12.0048 3800 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
07:58:12.0052 3800 seclogon - ok
07:58:12.0075 3800 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
07:58:12.0079 3800 SENS - ok
07:58:12.0152 3800 [ B97E1D0E59A128394F24E9F31E227EF2 ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl.sys
07:58:12.0170 3800 Ser2pl - ok
07:58:12.0198 3800 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
07:58:12.0219 3800 Serenum - ok
07:58:12.0248 3800 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
07:58:12.0280 3800 Serial - ok
07:58:12.0339 3800 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
07:58:12.0370 3800 sermouse - ok
07:58:12.0449 3800 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
07:58:12.0454 3800 SessionEnv - ok
07:58:12.0485 3800 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
07:58:12.0513 3800 sffdisk - ok
07:58:12.0542 3800 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
07:58:12.0556 3800 sffp_mmc - ok
07:58:12.0582 3800 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
07:58:12.0599 3800 sffp_sd - ok
07:58:12.0627 3800 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
07:58:12.0654 3800 sfloppy - ok
07:58:12.0771 3800 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:58:12.0857 3800 ShellHWDetection - ok
07:58:12.0897 3800 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
07:58:12.0930 3800 sisagp - ok
07:58:12.0956 3800 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
07:58:12.0973 3800 SiSRaid2 - ok
07:58:13.0005 3800 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
07:58:13.0423 3800 SiSRaid4 - ok
07:58:13.0752 3800 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
07:58:14.0006 3800 slsvc - ok
07:58:14.0081 3800 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
07:58:14.0086 3800 SLUINotify - ok
07:58:14.0126 3800 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
07:58:14.0155 3800 Smb - ok
07:58:14.0215 3800 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
07:58:14.0218 3800 SNMPTRAP - ok
07:58:14.0278 3800 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
07:58:14.0299 3800 spldr - ok
07:58:14.0351 3800 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
07:58:14.0356 3800 Spooler - ok
07:58:14.0478 3800 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
07:58:14.0507 3800 srv - ok
07:58:14.0594 3800 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
07:58:14.0599 3800 srv2 - ok
07:58:14.0623 3800 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
07:58:14.0647 3800 srvnet - ok
07:58:14.0733 3800 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
07:58:14.0781 3800 SSDPSRV - ok
07:58:14.0846 3800 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
07:58:14.0879 3800 SstpSvc - ok
07:58:15.0043 3800 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
07:58:15.0117 3800 stisvc - ok
07:58:15.0223 3800 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
07:58:15.0277 3800 swenum - ok
07:58:15.0427 3800 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
07:58:15.0482 3800 swprv - ok
07:58:15.0574 3800 [ 327786C5D6BCF284FAB14C2B5751F514 ] Swupdtmr c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
07:58:16.0294 3800 Swupdtmr - ok
07:58:16.0372 3800 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
07:58:16.0393 3800 Symc8xx - ok
07:58:16.0420 3800 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
07:58:16.0443 3800 Sym_hi - ok
07:58:16.0467 3800 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
07:58:16.0498 3800 Sym_u3 - ok
07:58:16.0573 3800 [ 5EFCEDCF3DAF5C8D9E8B77A34A4EEC99 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
07:58:16.0604 3800 SynTP - ok
07:58:16.0803 3800 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
07:58:16.0893 3800 SysMain - ok
07:58:16.0960 3800 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:58:17.0131 3800 TabletInputService - ok
07:58:17.0264 3800 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
07:58:17.0273 3800 TapiSrv - ok
07:58:17.0315 3800 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
07:58:17.0318 3800 TBS - ok
07:58:17.0559 3800 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip C:\Windows\system32\drivers\tcpip.sys
07:58:17.0616 3800 Tcpip - ok
07:58:17.0918 3800 [ EE7E10BED85C312C1D5D30C435BDDA9F ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
07:58:17.0928 3800 Tcpip6 - ok
07:58:17.0987 3800 [ 2C2D4CFF5E09C73908F9B5AF49A51365 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
07:58:18.0088 3800 tcpipreg - ok
07:58:18.0133 3800 [ 1825BCEB47BF41C5A9F0E44DE82FC27A ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
07:58:18.0134 3800 tdcmdpst - ok
07:58:18.0206 3800 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
07:58:18.0230 3800 TDPIPE - ok
07:58:18.0269 3800 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
07:58:18.0272 3800 TDTCP - ok
07:58:18.0322 3800 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
07:58:18.0345 3800 tdx - ok
07:58:18.0403 3800 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
07:58:18.0418 3800 TermDD - ok
07:58:18.0552 3800 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
07:58:18.0637 3800 TermService - ok
07:58:18.0698 3800 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
07:58:18.0704 3800 Themes - ok
07:58:18.0732 3800 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
07:58:18.0735 3800 THREADORDER - ok
07:58:18.0835 3800 [ 28B7F973C36D157A7885B1AE42A4A2A9 ] tifm21 C:\Windows\system32\drivers\tifm21.sys
07:58:18.0946 3800 tifm21 - ok
07:58:19.0016 3800 [ D540858E65BFA6FDED41AD2495ECE344 ] TODDSrv C:\Windows\system32\TODDSrv.exe
07:58:19.0447 3800 TODDSrv - ok
07:58:19.0697 3800 [ AF41337C08D1C240AF14BA4CAB02BF02 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
07:58:19.0781 3800 TosCoSrv - ok
07:58:19.0948 3800 [ 76148C3159718B701252F87B067904A6 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
07:58:20.0245 3800 TOSHIBA Bluetooth Service - ok
07:58:20.0289 3800 [ 5BA1CA3B3CDDB1DDC67DF473F05D1EC2 ] Tosrfcom C:\Windows\system32\drivers\Tosrfcom.sys
07:58:20.0315 3800 Tosrfcom - ok
07:58:20.0434 3800 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
07:58:20.0469 3800 TrkWks - ok
07:58:20.0568 3800 [ C11362058918CD38C8B8D3E265DA80F5 ] TrueSight C:\Windows\system32\drivers\TrueSight.sys
07:58:20.0659 3800 TrueSight - ok
07:58:20.0857 3800 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:58:20.0875 3800 TrustedInstaller - ok
07:58:20.0965 3800 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
07:58:21.0010 3800 tssecsrv - ok
07:58:21.0076 3800 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
07:58:21.0097 3800 tunmp - ok
07:58:21.0155 3800 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
07:58:21.0167 3800 tunnel - ok
07:58:21.0214 3800 [ 792A8B80F8188ABA4B2BE271583F3E46 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
07:58:21.0216 3800 TVALZ - ok
07:58:21.0286 3800 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
07:58:21.0305 3800 uagp35 - ok
07:58:21.0389 3800 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
07:58:21.0439 3800 udfs - ok
07:58:21.0498 3800 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
07:58:21.0502 3800 UI0Detect - ok
07:58:21.0696 3800 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
07:58:21.0772 3800 UleadBurningHelper - ok
07:58:21.0830 3800 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
07:58:21.0848 3800 uliagpkx - ok
07:58:21.0911 3800 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
07:58:21.0937 3800 uliahci - ok
07:58:21.0966 3800 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
07:58:21.0986 3800 UlSata - ok
07:58:22.0058 3800 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
07:58:22.0085 3800 ulsata2 - ok
07:58:22.0146 3800 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
07:58:22.0170 3800 umbus - ok
07:58:22.0242 3800 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
07:58:22.0289 3800 upnphost - ok
07:58:22.0363 3800 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
07:58:22.0386 3800 USBAAPL - ok
07:58:22.0433 3800 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
07:58:22.0436 3800 usbccgp - ok
07:58:22.0488 3800 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
07:58:22.0520 3800 usbcir - ok
07:58:22.0604 3800 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
07:58:22.0629 3800 usbehci - ok
07:58:22.0706 3800 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
07:58:22.0712 3800 usbhub - ok
07:58:22.0744 3800 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
07:58:22.0758 3800 usbohci - ok
07:58:22.0929 3800 [ CBFAD6A88B2C99C8455030EA6CC5CCC4 ] USBPNPA C:\Windows\system32\drivers\CM108.sys
07:58:23.0079 3800 USBPNPA - ok
07:58:23.0119 3800 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
07:58:23.0121 3800 usbprint - ok
07:58:23.0297 3800 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:58:23.0306 3800 USBSTOR - ok
07:58:23.0409 3800 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
07:58:23.0432 3800 usbuhci - ok
07:58:23.0485 3800 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
07:58:23.0506 3800 UxSms - ok
07:58:23.0582 3800 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
07:58:23.0609 3800 vds - ok
07:58:23.0639 3800 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
07:58:23.0672 3800 vga - ok
07:58:23.0723 3800 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
07:58:23.0743 3800 VgaSave - ok
07:58:23.0781 3800 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
07:58:23.0803 3800 viaagp - ok
07:58:23.0822 3800 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
07:58:23.0837 3800 ViaC7 - ok
07:58:23.0864 3800 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
07:58:23.0880 3800 viaide - ok
07:58:23.0927 3800 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
07:58:23.0936 3800 volmgr - ok
07:58:24.0036 3800 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
07:58:24.0074 3800 volmgrx - ok
07:58:24.0174 3800 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
07:58:24.0227 3800 volsnap - ok
07:58:24.0289 3800 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
07:58:24.0302 3800 vsmraid - ok
07:58:24.0610 3800 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
07:58:24.0807 3800 VSS - ok
07:58:24.0926 3800 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
07:58:25.0041 3800 W32Time - ok
07:58:25.0090 3800 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
07:58:25.0092 3800 WacomPen - ok
07:58:25.0153 3800 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
07:58:25.0180 3800 Wanarp - ok
07:58:25.0187 3800 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
07:58:25.0188 3800 Wanarpv6 - ok
07:58:25.0341 3800 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
07:58:25.0525 3800 wcncsvc - ok
07:58:25.0622 3800 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
07:58:25.0643 3800 WcsPlugInService - ok
07:58:25.0674 3800 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
07:58:25.0694 3800 Wd - ok
07:58:25.0834 3800 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
07:58:25.0937 3800 Wdf01000 - ok
07:58:26.0008 3800 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
07:58:26.0038 3800 WdiServiceHost - ok
07:58:26.0097 3800 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
07:58:26.0101 3800 WdiSystemHost - ok
07:58:26.0207 3800 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
07:58:26.0275 3800 WebClient - ok
07:58:26.0391 3800 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
07:58:26.0439 3800 Wecsvc - ok
07:58:26.0538 3800 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
07:58:26.0553 3800 wercplsupport - ok
07:58:26.0589 3800 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
07:58:26.0595 3800 WerSvc - ok
07:58:26.0720 3800 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
07:58:26.0761 3800 WinDefend - ok
07:58:26.0787 3800 WinHttpAutoProxySvc - ok
07:58:26.0975 3800 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
07:58:27.0005 3800 Winmgmt - ok
07:58:27.0291 3800 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
07:58:27.0423 3800 WinRM - ok
07:58:27.0551 3800 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
07:58:27.0607 3800 Wlansvc - ok
07:58:28.0081 3800 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
07:58:28.0507 3800 wlidsvc - ok
07:58:28.0553 3800 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
07:58:28.0555 3800 WmiAcpi - ok
07:58:28.0613 3800 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
07:58:28.0617 3800 wmiApSrv - ok
07:58:28.0761 3800 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
07:58:28.0817 3800 WMPNetworkSvc - ok
07:58:28.0942 3800 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
07:58:29.0038 3800 WPCSvc - ok
07:58:29.0085 3800 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
07:58:29.0143 3800 WPDBusEnum - ok
07:58:29.0265 3800 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
07:58:29.0285 3800 WpdUsb - ok
07:58:29.0621 3800 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
07:58:29.0638 3800 WPFFontCache_v0400 - ok
07:58:29.0707 3800 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
07:58:29.0729 3800 ws2ifsl - ok
07:58:29.0777 3800 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
07:58:29.0782 3800 wscsvc - ok
07:58:29.0793 3800 WSearch - ok
07:58:29.0999 3800 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
07:58:30.0073 3800 wuauserv - ok
07:58:30.0119 3800 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
07:58:30.0122 3800 WUDFRd - ok
07:58:30.0169 3800 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
07:58:30.0174 3800 wudfsvc - ok
07:58:30.0231 3800 ================ Scan global ===============================
07:58:30.0294 3800 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
07:58:30.0440 3800 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
07:58:30.0515 3800 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
07:58:30.0565 3800 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
07:58:30.0601 3800 [Global] - ok
07:58:30.0602 3800 ================ Scan MBR ==================================
07:58:30.0626 3800 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
07:58:32.0700 3800 \Device\Harddisk0\DR0 - ok
07:58:32.0705 3800 ================ Scan VBR ==================================
07:58:32.0746 3800 [ 74C4101671042F91D1544FA86CFBA0F9 ] \Device\Harddisk0\DR0\Partition1
07:58:32.0842 3800 \Device\Harddisk0\DR0\Partition1 - ok
07:58:32.0846 3800 ============================================================
07:58:32.0846 3800 Scan finished
07:58:32.0846 3800 ============================================================
07:58:32.0879 2976 Detected object count: 0
07:58:32.0880 2976 Actual detected object count: 0
07:59:16.0856 4516 Deinitialize success

#20 CaptainW

Posted 21 October 2012 - 07:23 AM

Junkware Removal Tool (JRT) by Thisisu
Version: 1.8.8 (10.21.2012)
OS: Windows Vista ™ Home Basic x86
Ran by dan on Sun 10/21/2012 at 8:05:21.37
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] "hkey_local_machine\software\freeze.com"



*** Files:

Successfully deleted: [FILE] C:\eula.1028.txt
Successfully deleted: [FILE] C:\eula.1031.txt
Successfully deleted: [FILE] C:\eula.1033.txt
Successfully deleted: [FILE] C:\eula.1036.txt
Successfully deleted: [FILE] C:\eula.1040.txt
Successfully deleted: [FILE] C:\eula.1041.txt
Successfully deleted: [FILE] C:\eula.1042.txt
Successfully deleted: [FILE] C:\eula.2052.txt
Successfully deleted: [FILE] C:\install.res.1028.dll
Successfully deleted: [FILE] C:\install.res.1031.dll
Successfully deleted: [FILE] C:\install.res.1033.dll
Successfully deleted: [FILE] C:\install.res.1036.dll
Successfully deleted: [FILE] C:\install.res.1040.dll
Successfully deleted: [FILE] C:\install.res.1041.dll
Successfully deleted: [FILE] C:\install.res.1042.dll
Successfully deleted: [FILE] C:\install.res.2052.dll
Successfully deleted: [FILE] C:\install.res.3082.dll



*** Folders: 0 Detections



*** Ask Toolbar Cleanup:

Successfully deleted: [VALUE] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{d4027c7f-154a-4066-a1ad-4243d8127440}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{00000000-6e41-4fd3-8538-502f5495e5fc}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{d4027c7f-154a-4066-a1ad-4243d8127440}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{d4027c7f-154a-4066-a1ad-4243d8127440}
Successfully deleted: [FOLDER] "C:\ProgramData\ask"



*** Event Viewer Logs - Cleared





**************************************************************
Scan was completed on Sun 10/21/2012 at 8:19:58.94
End of Report

#21 CaptainW

Posted 21 October 2012 - 07:32 AM

A window popped up saying that OTL stopped working, and now my desktop appears blank save for the wallpaper.

Also, it was suggested that I switch from google to searc..com, so I agreed.

#22 CaptainW

Posted 21 October 2012 - 07:34 AM

make that search.com; also, when I said my desktop is blank save for the wallpaper, I mean everything including the toolbar, etc. is gone. Somehow I can still minimize this page and it is the only thing there.

#23 thisisu

Posted 21 October 2012 - 11:58 AM

"Also, it was suggested that I switch from google to search.com, so I agreed."

Do you know what search.com is? Is that what you wanted?

__

  • Press and hold the Windows key and then press the letter R on your keyboard.
  • This opens the Run dialog box.
  • Copy and paste the below text inside the text-field:
    • explorer
  • Now press ENTER

Do you see your desktop now?

#24 CaptainW

Posted 21 October 2012 - 05:51 PM

When I press and hold the windows key then press the letter R, I get a "ding" sound and nothing happens.

#25 CaptainW

Posted 23 October 2012 - 07:27 AM

I'll repost in case my last one didn't quite appear as it looks here.

When I press and hold the windows key then press the letter R, I get a "ding" sound and nothing happens.

Appreciate the help. It's not usable now, just a blank screen and a mouse.

#26 thisisu

Posted 23 October 2012 - 01:39 PM

Try this instead:

  • Press and hold CTRL, then press and hold SHIFT, and then press Esc. Now let go of CTRL and SHIFT.
  • This should launch Task Manager.
  • From the top menu, select File => New Task (Run...)
  • In the Create New Task window, type in explorer and press OK

#27 CaptainW

Posted 23 October 2012 - 02:50 PM

Okay, I've got my desktop back and my computer works. I believe I left off last at

"A window popped up saying that OTL stopped working, and now my desktop appears blank save for the wallpaper.

Also, it was suggested that I switch from google to search.com, so I agreed."

You asked if I knew what Search.com was and if that's what I wanted. I've heard of it; it's not what I wanted, but I assumed the suggestion was prompted to me as a result of the problems I'm having, especially with the original Google redirect problem, so I said yes.

#28 CaptainW

Posted 23 October 2012 - 02:52 PM

I believe OTL did not finish, and I did not post its log.
Thank you for your help.

#29 thisisu

Posted 23 October 2012 - 03:19 PM

Check to see if there is a log at C:\_OTL\MovedFiles
  • If there is, post its contents here for review.
  • If not, please try the OTL FIX while you are in Safe Mode using the same code as before.

Edited by thisisu, 23 October 2012 - 03:20 PM.


#30 CaptainW

Posted 23 October 2012 - 04:13 PM

Okay, did it in Safe Mode; it rebooted (in regular mode), and this notepad item popped up on the screen.

All processes killed
========== OTL ==========
Error: No service named RoxLiveShare9 was found to stop!
Service\Driver key RoxLiveShare9 not found.
File C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe not found.
Error: No service named PEVSystemStart was found to stop!
Service\Driver key PEVSystemStart not found.
File C:\32788R22FWJFW\pev.3XE EXEC /i CSCRIPT.exe //NOLOGO //E:VBSCRIPT //B //T:15 C:\32788R22FWJFW\KNetSvcs.vbs not found.
Error: No service named IDriverT was found to stop!
Service\Driver key IDriverT not found.
File C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe not found.
Registry key HKEY_USERS\S-1-5-21-3610413377-4144677444-2941747277-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5774D5C3-9164-44E1-8AC3-FD61A5B66963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5774D5C3-9164-44E1-8AC3-FD61A5B66963}\ not found.
Registry key HKEY_USERS\S-1-5-21-3610413377-4144677444-2941747277-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater not found.
File C:\Program Files\Ask.com\Updater\Updater.exe not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {0E5F0222-96B9-11D3-8997-00104BD12D94}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0E5F0222-96B9-11D3-8997-00104BD12D94}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E5F0222-96B9-11D3-8997-00104BD12D94}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0E5F0222-96B9-11D3-8997-00104BD12D94}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E5F0222-96B9-11D3-8997-00104BD12D94}\ not found.
Folder C:\$Recycle.Bin\S-1-5-18\$522957ca8c2ee38b796ebb70ae92ed99\U\ not found.
File C:\Windows\assembly\Desktop.ini not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: dan
->Temp folder emptied: 231758 bytes
->Temporary Internet Files folder emptied: 22918628 bytes
->Java cache emptied: 72885649 bytes
->Flash cache emptied: 311306 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 229669987 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 311.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10232012_170204

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



