
WIN7 redirect, reboots and more


8 replies to this topic

#1 pjdm


Posted 07 April 2012 - 08:36 AM

Hello: I have a WIN7-64 PC that is experiencing reboots, redirects and various problems on reboot. Updates are failing, notices of secure connections during browsing, fake GMAIL pages, Trojan.OSX.something was reported by Immunet and some other recent problems. I have taken prior steps but the issues do not go away. I have removed Chrome now. Our home wireless and internet service now drops daily and I have restored all three nodes but the issues continue. I have just run TDSSKiller and am posting the log. I would appreciate help in getting this machine healthy again. Thanks in advance.

09:20:53.0230 0596 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
09:20:53.0308 0596 PEAUTH - ok
09:20:53.0417 0596 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
09:20:53.0479 0596 PeerDistSvc - ok
09:20:53.0557 0596 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
09:20:53.0604 0596 PerfHost - ok
09:20:53.0698 0596 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
09:20:53.0776 0596 pla - ok
09:20:53.0869 0596 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
09:20:53.0916 0596 PlugPlay - ok
09:20:53.0963 0596 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
09:20:54.0025 0596 PNRPAutoReg - ok
09:20:54.0119 0596 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:20:54.0150 0596 PNRPsvc - ok
09:20:54.0212 0596 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
09:20:54.0290 0596 PolicyAgent - ok
09:20:54.0368 0596 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
09:20:54.0446 0596 Power - ok
09:20:54.0524 0596 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
09:20:54.0618 0596 PptpMiniport - ok
09:20:54.0665 0596 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
09:20:54.0712 0596 Processor - ok
09:20:54.0805 0596 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
09:20:54.0852 0596 ProfSvc - ok
09:20:54.0899 0596 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:20:54.0930 0596 ProtectedStorage - ok
09:20:55.0008 0596 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
09:20:55.0039 0596 Psched - ok
09:20:55.0086 0596 pwdrvio (595a22c4cce855e72d475835f3df2d53) C:\Windows\system32\pwdrvio.sys
09:20:55.0117 0596 pwdrvio - ok
09:20:55.0180 0596 pwdspio (70eb529f6fedac79d0a8e3bb79999277) C:\Windows\system32\pwdspio.sys
09:20:55.0211 0596 pwdspio - ok
09:20:55.0336 0596 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
09:20:55.0398 0596 ql2300 - ok
09:20:55.0476 0596 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
09:20:55.0523 0596 ql40xx - ok
09:20:55.0601 0596 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
09:20:55.0694 0596 QWAVE - ok
09:20:55.0772 0596 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
09:20:55.0804 0596 QWAVEdrv - ok
09:20:55.0866 0596 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:20:55.0897 0596 RasAcd - ok
09:20:55.0975 0596 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:20:56.0022 0596 RasAgileVpn - ok
09:20:56.0069 0596 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
09:20:56.0162 0596 RasAuto - ok
09:20:56.0225 0596 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:20:56.0303 0596 Rasl2tp - ok
09:20:56.0381 0596 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
09:20:56.0474 0596 RasMan - ok
09:20:56.0568 0596 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
09:20:56.0630 0596 RasPppoe - ok
09:20:56.0771 0596 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
09:20:56.0833 0596 RasSstp - ok
09:20:56.0896 0596 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
09:20:56.0974 0596 rdbss - ok
09:20:57.0036 0596 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
09:20:57.0114 0596 rdpbus - ok
09:20:57.0223 0596 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:20:57.0317 0596 RDPCDD - ok
09:20:57.0395 0596 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
09:20:57.0457 0596 RDPDR - ok
09:20:57.0535 0596 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
09:20:57.0613 0596 RDPENCDD - ok
09:20:57.0676 0596 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
09:20:57.0707 0596 RDPREFMP - ok
09:20:57.0816 0596 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
09:20:57.0878 0596 RDPWD - ok
09:20:58.0003 0596 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
09:20:58.0034 0596 rdyboost - ok
09:20:58.0175 0596 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
09:20:58.0268 0596 RemoteAccess - ok
09:20:58.0331 0596 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
09:20:58.0393 0596 RemoteRegistry - ok
09:20:58.0456 0596 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
09:20:58.0502 0596 RpcEptMapper - ok
09:20:58.0534 0596 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
09:20:58.0565 0596 RpcLocator - ok
09:20:58.0658 0596 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:20:58.0705 0596 RpcSs - ok
09:20:58.0768 0596 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
09:20:58.0830 0596 rspndr - ok
09:20:58.0908 0596 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
09:20:58.0939 0596 RTL8167 - ok
09:20:59.0064 0596 RTL8192su (5edfcee5682237607082880338415aa6) C:\Windows\system32\DRIVERS\RTL8192su.sys
09:20:59.0095 0596 RTL8192su - ok
09:20:59.0173 0596 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
09:20:59.0220 0596 s3cap - ok
09:20:59.0282 0596 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:20:59.0298 0596 SamSs - ok
09:20:59.0402 0596 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
09:20:59.0452 0596 sbp2port - ok
09:20:59.0602 0596 scan (dcc3bfee397b32ba4b6bd698be07941a) C:\Program Files\Immunet\tetra\scan.dll
09:20:59.0842 0596 scan ( UnsignedFile.Multi.Generic ) - warning
09:20:59.0842 0596 scan - detected UnsignedFile.Multi.Generic (1)
09:21:21.0076 0596 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
09:21:21.0170 0596 \Device\Harddisk0\DR0 - ok
09:21:21.0170 0596 Boot (0x1200) (d9e7ff1448f0c79d73fe60961c57f7e0) \Device\Harddisk0\DR0\Partition0
09:21:21.0170 0596 \Device\Harddisk0\DR0\Partition0 - ok
09:21:21.0170 0596 Boot (0x1200) (41a58c8ea08ab1c6883501c30ed8a3ef) \Device\Harddisk0\DR0\Partition1
09:21:21.0170 0596 \Device\Harddisk0\DR0\Partition1 - ok
09:21:21.0170 0596 ============================================================
09:21:21.0170 0596 Scan finished
09:21:21.0170 0596 ============================================================
09:21:21.0186 2484 Detected object count: 2
09:21:21.0186 2484 Actual detected object count: 2
09:21:35.0085 2484 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - skipped by user
09:21:35.0085 2484 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:21:35.0085 2484 scan ( UnsignedFile.Multi.Generic ) - skipped by user
09:21:35.0085 2484 scan ( UnsignedFile.Multi.Generic ) - User select action: Skip



#2 Broni


Posted 07 April 2012 - 10:47 AM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

====================================================================================

Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: "Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.



 


#3 pjdm


Posted 07 April 2012 - 10:53 AM

Thank you for helping. In the interim, the PC has now crashed, rebooted, stalled at the Windows logo, and crash dumped again on startup twice. I am posting this with another PC. I will see if I can get a good start; otherwise SAFE Boot may be my only choice. So far, I can only go to safe mode at this time.

UPDATE: I can no longer boot into SAFE MODE with networking without BSOD and crash dump reporting. Startup repair is now running. System Volume was reported as corrupted.

Edited by pjdm, 07 April 2012 - 11:00 AM.


#4 Broni


Posted 07 April 2012 - 10:56 AM

Safe mode will be fine for now.



 


#5 pjdm


Posted 07 April 2012 - 12:35 PM

I can only run SAFE MODE without networking else BSOD and minidump.
1) In SAFE MODE I ran SecurityCheck.exe no problem with results below.
2) In SAFE MODE I ran Farbar Service Scanner (FSS) no problem results below.
3) In SAFE MODE I ran MiniToolBox no problem, results below.
4) MBAM Quick scan resulted in one detection, rebooted as directed then was unable to perform full scan without BSOD either in normal Windows mode or SAFE MODE with networking. Have gone back to SAFE MODE without networking but "file not found mbamcode" runtime error results. I will wait for further direction before downloading and running MBAM again.
UPDATE: 5) I can no longer run MBAM. I downloaded a fresh install of MBAM from another PC onto a USB key and it will not run without the same "mbamcore" error. I have not run uninstall on the prior MBAM. At this point I am stopped from using MBAM. Will wait for further. Thank you for your time and efforts.

Results of screen317's Security Check version 0.99.24
Windows 7 x64 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

MVPS Hosts File
Spybot - Search & Destroy 2
Adobe Reader X (10.1.2)
````````````````````````````````
Process Check:
objlist.exe by Laurent

``````````End of Log````````````

Farbar Service Scanner Version: 01-03-2012
Ran by paul miller (administrator) on 07-04-2012 at 12:42:24
Running from "C:\Users\paul miller\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Minimal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Nsi Service is not running. Checking service configuration:
The start type of Nsi service is OK.
The ImagePath of Nsi service is OK.
The ServiceDll of Nsi service is OK.

nsiproxy Service is not running. Checking service configuration:
The start type of nsiproxy service is OK.
The ImagePath of nsiproxy service is OK.

tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.


Connection Status:
==============
Localhost is blocked.
There is no connection to network.
Attempt to access Google IP returned error: Other errors
Attempt to access Yahoo IP returend error: Other errors


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Defender:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


MiniToolBox by Farbar Version: 18-01-2012
Ran by paul miller (administrator) on 07-04-2012 at 12:45:11
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Minimal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.
========================= Hosts content: =================================

127.0.0.1 localhost

There are 15177 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================



# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : paul-antec
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1

Ping request could not find host bleepingcomputer.com. Please check the name and try again.
Unable to contact IP driver. General failure.
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/07/2012 00:12:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79f70
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x2fc
Faulting application start time: 0xLogonUI.exe0
Faulting application path: LogonUI.exe1
Faulting module path: LogonUI.exe2
Report Id: LogonUI.exe3

Error: (04/07/2012 11:55:39 AM) (Source: Application Error) (User: )
Description: Faulting application name: MpCmdRun.exe, version: 3.0.8402.0, time stamp: 0x4db8b210
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x000000000004e4b4
Faulting process id: 0x484
Faulting application start time: 0xMpCmdRun.exe0
Faulting application path: MpCmdRun.exe1
Faulting module path: MpCmdRun.exe2
Report Id: MpCmdRun.exe3

Error: (04/07/2012 11:33:43 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_MpsSvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: bfe.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c4f7
Exception code: 0xc0000005
Fault offset: 0x0000000000003043
Faulting process id: 0x5dc
Faulting application start time: 0xsvchost.exe_MpsSvc0
Faulting application path: svchost.exe_MpsSvc1
Faulting module path: svchost.exe_MpsSvc2
Report Id: svchost.exe_MpsSvc3

Error: (04/07/2012 03:05:40 AM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error: (04/07/2012 03:05:37 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x000000000005324e
Faulting process id: 0x4c8
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3

Error: (04/07/2012 02:56:57 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_SysMain, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: sysmain.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c9db
Exception code: 0xc0000005
Fault offset: 0x00000000000170c2
Faulting process id: 0x8ec
Faulting application start time: 0xsvchost.exe_SysMain0
Faulting application path: svchost.exe_SysMain1
Faulting module path: svchost.exe_SysMain2
Report Id: svchost.exe_SysMain3

Error: (04/07/2012 02:56:57 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_MpsSvc, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x00000000000532d0
Faulting process id: 0x698
Faulting application start time: 0xsvchost.exe_MpsSvc0
Faulting application path: svchost.exe_MpsSvc1
Faulting module path: svchost.exe_MpsSvc2
Report Id: svchost.exe_MpsSvc3

Error: (04/07/2012 02:56:41 AM) (Source: Application Error) (User: )
Description: Faulting application name: TeamViewer_Service.exe, version: 7.0.12979.0, time stamp: 0x4f67193e
Faulting module name: TeamViewer_Service.exe, version: 7.0.12979.0, time stamp: 0x4f67193e
Exception code: 0xc0000005
Fault offset: 0x00179d0f
Faulting process id: 0xb74
Faulting application start time: 0xTeamViewer_Service.exe0
Faulting application path: TeamViewer_Service.exe1
Faulting module path: TeamViewer_Service.exe2
Report Id: TeamViewer_Service.exe3

Error: (04/07/2012 02:56:38 AM) (Source: TeamViewer7) (User: )
Description: TeamViewer7TeamViewer7 failed with error "Verification of the TeamViewer service failed!" (1008)

Error: (04/07/2012 02:56:31 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x00000000000532d0
Faulting process id: 0x52c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3


System errors:
=============
Error: (04/07/2012 00:23:52 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service terminated with the following error:
%%-2147017840

Error: (04/07/2012 00:23:51 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 grace period has expired. Protection against viruses, spyware, and other potentially unwanted software is disabled.

Expiration Reason: %%873

Expiration Date (UTC): 4/7/2012 4:23:51 PM

Error Code: 0x80096010

Error Description: The digital signature of the object did not verify.

Error: (04/07/2012 00:19:51 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 0.0.0.0

Update Source: %NT AUTHORITY59

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (04/07/2012 00:15:47 PM) (Source: Service Control Manager) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (04/07/2012 00:14:51 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 0.0.0.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (04/07/2012 00:14:51 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 0.0.0.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (04/07/2012 00:14:51 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 0.0.0.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (04/07/2012 00:14:51 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 0.0.0.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (04/07/2012 00:14:51 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 0.0.0.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (04/07/2012 00:14:51 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 0.0.0.0

Update Source: %NT AUTHORITY51

Update Stage: 3.0.8402.00

Source Path: 3.0.8402.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\NETWORK SERVICE

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================
Error: (04/07/2012 00:12:07 PM) (Source: Application Error)(User: )
Description: LogonUI.exe6.1.7601.175144ce79f70unknown0.0.0.000000000c000000500000000000000002fc01cd14d923e60576C:\Windows\system32\LogonUI.exeunknown6bcf5b64-80cc-11e1-a5ac-00212f398520

Error: (04/07/2012 11:55:39 AM) (Source: Application Error)(User: )
Description: MpCmdRun.exe3.0.8402.04db8b210ntdll.dll6.1.7601.177254ec4aa8ec0000005000000000004e4b448401cd14d6d7bc0403c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exeC:\Windows\SYSTEM32\ntdll.dll1e8ed8f1-80ca-11e1-a931-6cf0490e46fc

Error: (04/07/2012 11:33:43 AM) (Source: Application Error)(User: )
Description: svchost.exe_MpsSvc6.1.7600.163854a5bc3c1bfe.dll6.1.7601.175144ce7c4f7c000000500000000000030435dc01cd14d3c825ced6C:\Windows\system32\svchost.exec:\windows\system32\bfe.dll0e791b8f-80c7-11e1-aae8-6cf0490e46fc

Error: (04/07/2012 03:05:40 AM) (Source: SecurityCenter)(User: )
Description:

Error: (04/07/2012 03:05:37 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.177254ec4aa8ec0000005000000000005324e4c801cd148cc81d5a80C:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll13090e2b-8080-11e1-8bfa-6cf0490e46fc

Error: (04/07/2012 02:56:57 AM) (Source: Application Error)(User: )
Description: svchost.exe_SysMain6.1.7600.163854a5bc3c1sysmain.dll6.1.7601.175144ce7c9dbc000000500000000000170c28ec01cd148b868452a8C:\Windows\system32\svchost.exec:\windows\system32\sysmain.dlldd852903-807e-11e1-9073-6cf0490e46fc

Error: (04/07/2012 02:56:57 AM) (Source: Application Error)(User: )
Description: svchost.exe_MpsSvc6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.177254ec4aa8ec000000500000000000532d069801cd148b83e9b007C:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dlldd82c7a3-807e-11e1-9073-6cf0490e46fc

Error: (04/07/2012 02:56:41 AM) (Source: Application Error)(User: )
Description: TeamViewer_Service.exe7.0.12979.04f67193eTeamViewer_Service.exe7.0.12979.04f67193ec000000500179d0fb7401cd148b90ddd549C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exeC:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exed3a533a0-807e-11e1-9073-6cf0490e46fc

Error: (04/07/2012 02:56:38 AM) (Source: TeamViewer7)(User: )
Description: TeamViewer7TeamViewer7 failed with error "Verification of the TeamViewer service failed!" (1008)

Error: (04/07/2012 02:56:31 AM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.177254ec4aa8ec000000500000000000532d052c01cd148b83664744C:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllcde15e76-807e-11e1-9073-6cf0490e46fc


=========================== Installed Programs ============================

Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.63)
Adobe Reader X (10.1.2) (Version: 10.1.2)
CCleaner (Version: 3.16)
Firetip (Version: 4.1.0.0)
Immunet 3.0 (Version: 3.0.5.7688)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MiniTool Partition Wizard Home Edition 7.0
NVIDIA 3D Vision Controller Driver 295.73 (Version: 295.73)
NVIDIA 3D Vision Driver 295.73 (Version: 295.73)
NVIDIA Control Panel 295.73 (Version: 295.73)
NVIDIA Graphics Driver 295.73 (Version: 295.73)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA PhysX (Version: 9.12.0209)
NVIDIA PhysX System Software 9.12.0209 (Version: 9.12.0209)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9573)
NVIDIA Update 1.7.11 (Version: 1.7.11)
NVIDIA Update Components (Version: 1.7.11)
RoboForm 7-7-0 (All Users) (Version: 7-7-0)
Spybot - Search & Destroy 2 (Version: 2.0.7)
T4 Simulator (Version: )
TeamViewer 7 (Version: 7.0.12979)
TradeStation 9.1 (Version: 9.01.00.11828)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VS10Runtimex64 (Version: 1.0.0)
World of Warcraft (Version: 4.3.3.15354)

========================= Devices: ================================

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 14%
Total physical RAM: 4094.3 MB
Available physical RAM: 3495.95 MB
Total Pagefile: 8186.8 MB
Available Pagefile: 7610.84 MB
Total Virtual: 4095.88 MB
Available Virtual: 3980.14 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:390.63 GB) (Free:336.07 GB) NTFS
3 Drive d: (UNTITLED) (Removable) (Total:3.72 GB) (Free:3.63 GB) FAT32
4 Drive e: () (Fixed) (Total:540.88 GB) (Free:540.71 GB) NTFS

========================= Users: ========================================

User accounts for \\

Administrator Barbara Miller Guest
paul miller UpdatusUser


**** End of log ****


Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.02.03

Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
Internet Explorer 9.0.8112.16421
paul miller :: PAUL-ANTEC [administrator]

4/7/2012 12:48:11 PM
mbam-log-2012-04-07 (12-48-11).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 209269
Time elapsed: 1 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\paul miller\Downloads\uSeRiNiT.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

(end)

Edited by pjdm, 07 April 2012 - 01:06 PM.


#6 Broni


Posted 07 April 2012 - 01:09 PM

What about aswMBR?



 


#7 pjdm


Posted 07 April 2012 - 01:46 PM

No networking in safe mode so the latest Avast was not downloaded and here is the report (and thanks for your time):

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-07 14:42:20
-----------------------------
14:42:20.035 OS Version: Windows x64 6.1.7601 Service Pack 1
14:42:20.035 Number of processors: 2 586 0x170A
14:42:20.035 ComputerName: PAUL-ANTEC UserName:
14:42:20.597 Initialize success
14:43:04.714 AVAST engine download error: 0
14:43:24.464 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T1L0-7
14:43:24.464 Disk 0 Vendor: WDC_WD1001FALS-00E8B0 05.00K05 Size: 953869MB BusType: 3
14:43:24.479 Disk 0 MBR read successfully
14:43:24.479 Disk 0 MBR scan
14:43:24.479 Disk 0 Windows 7 default MBR code
14:43:24.479 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 400001 MB offset 63
14:43:24.479 Disk 0 Partition - 00 0F Extended LBA 553865 MB offset 819202545
14:43:24.495 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 553865 MB offset 819202608
14:43:24.526 Disk 0 scanning C:\Windows\system32\drivers
14:43:28.301 Service scanning
14:43:31.562 Service MpNWMon C:\Windows\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
14:43:36.382 Modules scanning
14:43:36.382 Disk 0 trace - called modules:
14:43:36.398 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
14:43:36.398 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045f3060]
14:43:36.398 3 CLASSPNP.SYS[fffff8800196d43f] -> nt!IofCallDriver -> [0xfffffa8003ff6e40]
14:43:36.413 5 ACPI.sys[fffff88000ee87a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T1L0-7[0xfffffa80041d0060]
14:43:36.413 Scan finished successfully
14:44:04.493 Disk 0 MBR has been saved successfully to "D:\MBR.dat"
14:44:04.509 The log file has been saved successfully to "D:\aswMBR.txt"

Edited by pjdm, 07 April 2012 - 01:49 PM.


#8 Broni


Posted 07 April 2012 - 03:06 PM

I think you need a more advanced checkup.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.



 


#9 pjdm


Posted 07 April 2012 - 04:52 PM

I am performing those steps now. Thanks for your time in this matter.

UPDATE: I have now posted in this link and my PC is completely unusable now. It will not boot, repair, safe mode or anything any longer.

Edited by pjdm, 07 April 2012 - 08:56 PM.




