
Annoying cell phone shaped popup and random redirects



#1 northernmom


Posted 13 April 2012 - 09:42 AM

Hello - thank you for your service - I have searched for my problem and haven't found a solution.

I recently started to receive a cell phone shaped popup in the lower right corner of my browser when on certain websites. It will allow me to close it then reduces to a small window labeled "Recommended for You". I have tried to determine who is responsible for this by right clicking and checking the menu options, but there is no information that I can see. There is no option to unsubscribe or uninstall.

At the same time I have noticed occasional redirects on web links. They appear to be from random sites. I don't know if the two are related.

In assuming that I or one of the kids accidentally clicked and installed something, I attempted to run a system restore. I was surprised to see that even though I have system protection turned on for all drives, I had no restore points. Within the past 2 weeks I used system restore and had several points to choose from. Maybe doing a restore wipes out other restore points. I'm not super computer savvy. Or maybe this is related too.

I am running Windows 7 64 bit, Firefox and have McAfee installed. I have run a scan and have turned up no issues.

Thank you in advance for any help you can offer.

I have a screen shot of the irritating popup but I can't figure out how to insert it. Please give directions if you'd like to see it. Thanks.



#2 ITGeekGirl


Posted 13 April 2012 - 09:44 AM

Sounds like you have a hijacker-ish problem. Have you tried running Malwarebytes? We had something similar on some of the game design hard drives here and Malwarebytes cleaned it right up.

P.S. McAfee only scans for Viruses, and not really rogue programs.

P.P.S. I'm only slightly more computer savvy than the average bear, but virus problems usually come to me here at the college.

Edited by ITGeekGirl, 13 April 2012 - 09:49 AM.


#3 northernmom


Posted 13 April 2012 - 11:58 AM

Yes, I did run a full scan with Malwarebytes and there were no issues.

#4 boopme


Posted 13 April 2012 - 10:32 PM

Hello. Take it a bit further.
First some system info.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.





Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.



EDIT: Inserting An Image Within A Post

Edited by boopme, 13 April 2012 - 10:34 PM.
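
Added example, not part of the original thread and not MiniToolBox's own code: the "List content of Hosts" option requested above dumps the Windows hosts file into Result.txt, and this parser pulls that section out of a report and flags entries that point a hostname at a non-local address. The banner format follows the Result.txt posted later in this thread; the sample report, its hostnames and its documentation-range addresses are constructed, and the verdict labels are this example's own.

```python
"""Audit the 'Hosts content' section of a MiniToolBox-style Result.txt."""
import ipaddress
import re

# Section banners look like '======== Hosts content: ========'.
BANNER_RE = re.compile(r"^={5,}\s*([^=]+?):?\s*={5,}\s*$")

# Names a default hosts file maps to loopback.
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

# RFC 1918 ranges, listed explicitly because ipaddress.is_private also
# covers documentation and other special-purpose ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample report (not taken from a real machine).
SAMPLE_REPORT = """\
========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost
# comment line
203.0.113.10 www.tracker.example.
203.0.113.10 ads.example.
198.51.100.7 www.tracker.example.
0.0.0.0 telemetry.example
192.168.1.20 nas.home.example
127.0.0.1 localhost

========================= IP Configuration: ================================

Host Name . . . : SampleHost
"""


def extract_section(report, title):
    """Return the lines between the banner named `title` and the next banner."""
    lines, inside = [], False
    for line in report.splitlines():
        banner = BANNER_RE.match(line.strip())
        if banner:
            if inside:
                break
            inside = banner.group(1).strip().lower() == title.lower()
            continue
        if inside:
            lines.append(line)
    return lines


def parse_hosts(lines):
    """Return (address, hostname) pairs; skip comments, blanks and free text."""
    entries = []
    for raw in lines:
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # e.g. a note the poster typed into the log
        for name in fields[1:]:
            # A trailing dot is the same name written as a fully qualified one.
            entries.append((addr, name.rstrip(".").lower()))
    return entries


def classify(addr, name):
    """ok: local name on loopback; sinkhole: name blocked via loopback/0.0.0.0;
    lan: name mapped into a home/office range; redirect: anything else."""
    if addr.is_loopback or addr.is_unspecified:
        return "ok" if name in LOCAL_NAMES else "sinkhole"
    if name in LOCAL_NAMES:
        return "redirect"
    if addr.is_link_local or any(addr in net for net in RFC1918):
        return "lan"
    return "redirect"


def audit_report(report):
    """Return (verdict, address, hostname) for every hosts entry in the report."""
    entries = parse_hosts(extract_section(report, "Hosts content"))
    return [(classify(addr, name), str(addr), name) for addr, name in entries]


def suspicious_redirects(report):
    """Map each redirected hostname to the sorted addresses it is pinned to."""
    found = {}
    for verdict, addr, name in audit_report(report):
        if verdict == "redirect":
            found.setdefault(name, set()).add(addr)
    return {name: sorted(addrs) for name, addrs in found.items()}


if __name__ == "__main__":
    for verdict, addr, name in audit_report(SAMPLE_REPORT):
        print(f"{verdict:9} {addr:15} {name}")
```

A "redirect" verdict means the hosts file overrides DNS for that name, so the browser reaches whatever address is listed; entries like that are the ones to raise with the helper before deleting anything.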


#5 Scooter Trash


Posted 14 April 2012 - 07:34 AM

I recently started to receive a cell phone shaped popup in the lower right corner of my browser when on certain websites. It will allow me to close it then reduces to a small window labeled "Recommended for You". I have tried to determine who is responsible for this by right clicking and checking the menu options, but there is no information that I can see. There is no option to unsubscribe or uninstall.

At the same time I have noticed occasional redirects on web links. They appear to be from random sites. I don't know if the two are related.


I am running Windows 7 64 bit, Firefox and have McAfee installed.


FWIW: I had the same two issues on a similar machine. I ran several antivirus and anti-malware apps. Finally I installed the 30 day evaluation version of Kaspersky antivirus. Kaspersky found a Java exploit. I removed the Java exploit and then still got one of the random redirects. But Kaspersky blocked the redirect. I checked the Kaspersky report and it showed that the redirect came from Yahoo Messenger. I've uninstalled Yahoo Messenger and no longer have the "recommended for you" issue in Firefox, and have not yet had a random redirect.

#6 northernmom


Posted 16 April 2012 - 11:05 AM

I've completed the steps.

1) MiniToolBox results

MiniToolBox by Farbar Version: 18-01-2012
Ran by Rengos (administrator) on 16-04-2012 at 08:10:27
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

(lots of blank lines I deleted)

188.119.151.111 www.google-analytics.com.
188.119.151.111 ad-emea.doubleclick.net.
188.119.151.111 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® Centrino® Wireless-N 1030 = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : HomeLaptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 4C-80-93-4F-E2-60
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 4C-80-93-4F-E2-60
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 1030
Physical Address. . . . . . . . . : 4C-80-93-4F-E2-5F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8962:8bc7:7fdf:bdb2%14(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, April 16, 2012 6:05:39 AM
Lease Expires . . . . . . . . . . : Tuesday, April 17, 2012 6:05:39 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 357335187
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-7E-14-6B-24-B6-FD-0A-3A-51
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 24-B6-FD-0A-3A-51
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 4C-80-93-4F-E2-63
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{B7A9740D-317D-49E4-9007-CC3B43631CCD}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9C20BD1F-426B-410F-B966-AFB09F583BDD}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{2993047A-4DBA-4E7B-A7C8-AB5B738F5A7B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2c0d:23e8:b45c:e2c8(Preferred)
Link-local IPv6 Address . . . . . : fe80::2c0d:23e8:b45c:e2c8%17(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{E513E814-C457-4943-8CEA-11CFF576EB9C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{363A3617-637E-4AAA-BBC1-BB7430DCEA75}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.225.5
74.125.225.6
74.125.225.7
74.125.225.8
74.125.225.9
74.125.225.14
74.125.225.0
74.125.225.1
74.125.225.2
74.125.225.3
74.125.225.4


Pinging google.com [74.125.225.6] with 32 bytes of data:
Reply from 74.125.225.6: bytes=32 time=147ms TTL=55
Reply from 74.125.225.6: bytes=32 time=61ms TTL=55

Ping statistics for 74.125.225.6:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 61ms, Maximum = 147ms, Average = 104ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=80ms TTL=52
Reply from 209.191.122.70: bytes=32 time=79ms TTL=52

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 79ms, Maximum = 80ms, Average = 79ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...4c 80 93 4f e2 60 ......Microsoft Virtual WiFi Miniport Adapter #2
15...4c 80 93 4f e2 60 ......Microsoft Virtual WiFi Miniport Adapter
14...4c 80 93 4f e2 5f ......Intel® Centrino® Wireless-N 1030
13...24 b6 fd 0a 3a 51 ......Realtek PCIe FE Family Controller
12...4c 80 93 4f e2 63 ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.5 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.5 281
192.168.1.5 255.255.255.255 On-link 192.168.1.5 281
192.168.1.255 255.255.255.255 On-link 192.168.1.5 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.5 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.5 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
17 58 ::/0 On-link
1 306 ::1/128 On-link
17 58 2001::/32 On-link
17 306 2001:0:4137:9e76:2c0d:23e8:b45c:e2c8/128
On-link
14 281 fe80::/64 On-link
17 306 fe80::/64 On-link
17 306 fe80::2c0d:23e8:b45c:e2c8/128
On-link
14 281 fe80::8962:8bc7:7fdf:bdb2/128
On-link
1 306 ff00::/8 On-link
17 306 ff00::/8 On-link
14 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/16/2012 06:05:31 AM) (Source: McLogEvent) (User: SYSTEM)SYSTEM
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 4116 (0x1014)

Thread address : 0x0000000077C9138A

Thread message :

Build VSCORE.14.4.0.380 / 5400.1158
Object being scanned = \Device\HarddiskVolume3\windows\system32\clfs.sys
by C:\windows\system32\svchost.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (04/15/2012 07:51:55 PM) (Source: Application Error) (User: )
Description: Faulting application name: Adobe Premiere Elements.exe, version: 9.0.0.0, time stamp: 0x4ca3d37f
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x1f98
Faulting application start time: 0xAdobe Premiere Elements.exe0
Faulting application path: Adobe Premiere Elements.exe1
Faulting module path: Adobe Premiere Elements.exe2
Report Id: Adobe Premiere Elements.exe3

Error: (04/15/2012 04:54:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: Adobe Premiere Elements.exe, version: 9.0.0.0, time stamp: 0x4ca3d37f
Faulting module name: xerces-c_3_0.dll, version: 3.0.0.0, time stamp: 0x4936a5bb
Exception code: 0xc0000005
Fault offset: 0x00008277
Faulting process id: 0x1bd8
Faulting application start time: 0xAdobe Premiere Elements.exe0
Faulting application path: Adobe Premiere Elements.exe1
Faulting module path: Adobe Premiere Elements.exe2
Report Id: Adobe Premiere Elements.exe3

Error: (04/15/2012 04:46:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: Adobe Premiere Elements.exe, version: 9.0.0.0, time stamp: 0x4ca3d37f
Faulting module name: xerces-c_3_0.dll, version: 3.0.0.0, time stamp: 0x4936a5bb
Exception code: 0xc0000005
Fault offset: 0x00008277
Faulting process id: 0x1f90
Faulting application start time: 0xAdobe Premiere Elements.exe0
Faulting application path: Adobe Premiere Elements.exe1
Faulting module path: Adobe Premiere Elements.exe2
Report Id: Adobe Premiere Elements.exe3

Error: (04/15/2012 04:29:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: EXPLORERFRAME.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c6a8
Exception code: 0xc0000005
Fault offset: 0x000000000002f5dd
Faulting process id: 0x5bc
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (04/15/2012 04:06:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2012 01:34:33 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/12/2012 10:59:53 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/12/2012 03:29:40 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/12/2012 03:07:27 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (04/16/2012 06:05:40 AM) (Source: Service Control Manager) (User: )
Description: The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (04/15/2012 04:04:49 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/13/2012 03:11:01 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/12/2012 03:30:56 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/12/2012 03:30:26 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (04/09/2012 09:07:32 AM) (Source: BugCheck) (User: )
Description: 0x000000c2 (0x0000000000000007, 0x000000000000109b, 0x0000000000040008, 0xfffffa800cb525e0)C:\windows\MEMORY.DMP040912-22245-01

Error: (04/09/2012 09:07:24 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:05:54 AM on ?4/?9/?2012 was unexpected.

Error: (04/07/2012 10:45:05 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (04/06/2012 06:14:34 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer NORDICLAPTOP
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{9C20BD1F-426B-410F-B966-AFB09F583BDD}.
The master browser is stopping or an election is being forced.

Error: (04/06/2012 00:27:33 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Accidental Damage Services Agreement (Version: 2.0.0)
Adobe AIR (Version: 3.1.0.4880)
Adobe Community Help (Version: 3.5.23)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.0.1.152)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Adobe Photoshop Elements 9 (Version: 9.0)
Adobe Photoshop.com Inspiration Browser (Version: 3.09)
Adobe Premiere Elements 9 (Version: 9.0)
Adobe Reader X (10.1.3) MUI (Version: 10.1.3)
Advanced Audio FX Engine (Version: 1.12.05)
Ashampoo Burning Studio 6 FREE v.6.80 (Version: 6.8.0)
Banctec Service Agreement (Version: 2.0.0)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
Blackhawk Striker 2 (Version: 2.2.0.95)
Blio (Version: 2.3.7140)
Bounce Symphony (Version: 2.2.0.95)
Build-a-lot 2 (Version: 2.2.0.95)
BurnAware Free 4.8
Cake Mania (Version: 2.2.0.95)
Chuzzle Deluxe (Version: 2.2.0.95)
Complete Care Business Service Agreement (Version: 2.0.0)
Conduit Engine (Version: )
Consumer In-Home Service Agreement (Version: 2.0.0)
Cozi (Version: 1.0.6505.38692)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell DataSafe Online (Version: 2.1.19634)
Dell Digital Delivery (Version: 2.0.1012.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Home Systems Service Agreement (Version: 2.0.0)
Dell MusicStage (Version: 1.5.201.0)
Dell PhotoStage (Version: 1.5.0.65)
Dell Stage (Version: 1.5.420.0)
Dell Support Center (Version: 3.1.5907.23)
Dell Touchpad (Version: 7.1209.101.204)
Dell VideoStage (Version: 1.2.0.1712)
Dell Webcam Central (Version: 2.00.44)
Diner Dash 2 Restaurant Rescue (Version: 2.2.0.95)
DirectX 9 Runtime (Version: 1.00.0000)
Dora's World Adventure (Version: 2.2.0.95)
Elements 9 Organizer (Version: 9.0)
Elements STI Installer (Version: 1.0)
Escape Whisper Valley ™ (Version: 2.2.0.95)
Farm Frenzy (Version: 2.2.0.95)
FATE (Version: 2.2.0.95)
Final Drive Fury (Version: 2.2.0.95)
Final Drive Nitro (Version: 2.2.0.95)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.111)
High-Definition Video Playback (Version: 7.3.10000.0.0)
IDT Audio (Version: 1.0.6324.0)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1118)
Intel® Processor Graphics (Version: 8.15.10.2361)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 1.2.0.0587)
Intel® PROSet/Wireless WiFi Software (Version: 14.2.1000)
Intel® Rapid Storage Technology (Version: 10.1.0.1008)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
Intel® WiDi (Version: 2.1.41.0)
Intel® Wireless Display
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 27 (64-bit) (Version: 6.0.270)
Java™ 6 Update 30 (Version: 6.0.300)
Jewel Quest (Version: 2.2.0.95)
Jewel Quest Solitaire 2 (Version: 2.2.0.95)
Junk Mail filter update (Version: 15.4.3502.0922)
Luxor (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
McAfee SecurityCenter (Version: 11.0.654)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.6106.5001)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Mozilla Firefox 11.0 (x86 en-US) (Version: 11.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyAshampoo Toolbar (Version: 6.2.6.0)
Namco All-Stars PAC-MAN (Version: 2.2.0.95)
Nero 10 Movie ThemePack Basic (Version: 10.2.10200.0.0)
Nero Control Center 10 (Version: 10.6.12500.0.5)
Nero ControlCenter 10 Help (CHM) (Version: 10.2.10800)
Nero Core Components 10 (Version: 2.0.20000.9.12)
Nero Update (Version: 1.0.0018)
Nike+ Connect (Version: 3.3.0)
Penguins! (Version: 2.2.0.95)
PhotoShowExpress (Version: 2.0.063)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.95)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Premium Service Agreement (Version: 2.0.0)
QualxServ Service Agreement (Version: 2.0.0)
Quickset64 (Version: 10.09.25)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek Ethernet Controller Driver (Version: 7.31.1025.2010)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30126)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Samantha Swift (Version: 2.2.0.95)
Skype™ 5.5 (Version: 5.5.119)
SmartSound Quicktracks for Premiere Elements 9.0 (Version: 3.12.3090)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SyncUP (Version: 1.10.11100.8.106)
SyncUP (Version: 10.2.15400)
TI USB 3.0 Host Controller Driver (Version: 1.12.14.0)
TI USB3 Host Driver (Version: 1.12.14.0)
TrustedID (Version: 5.0)
TrustedID IDMonitor Identity Protection (Version: 1.1.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.95)
Wedding Dash - Ready, Aim, Love! (Version: 2.2.0.95)
WildTangent Games (Version: 1.0.2.5)
WildTangent Games App (Dell Games) (Version: 4.0.5.36)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Xvid 1.2.2 final uninstall (Version: 1.2)
Zinio Reader 4 (Version: 4.2.4164)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 23%
Total physical RAM: 6050.05 MB
Available physical RAM: 4609.16 MB
Total Pagefile: 12098.3 MB
Available Pagefile: 9488.15 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.72 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:130.9 GB) NTFS
4 Drive y: (Recovery) (Fixed) (Total:14.65 GB) (Free:2.7 GB) NTFS

========================= Users: ========================================

User accounts for \\HOMELAPTOP

Administrator Guest Rengos


**** End of log ****

2) TDSSKiller results:

08:14:30.0382 5672 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
08:14:31.0616 5672 ============================================================
08:14:31.0616 5672 Current date / time: 2012/04/16 08:14:31.0616
08:14:31.0616 5672 SystemInfo:
08:14:31.0616 5672
08:14:31.0616 5672 OS Version: 6.1.7601 ServicePack: 1.0
08:14:31.0616 5672 Product type: Workstation
08:14:31.0616 5672 ComputerName: HOMELAPTOP
08:14:31.0617 5672 UserName: Rengos
08:14:31.0617 5672 Windows directory: C:\windows
08:14:31.0617 5672 System windows directory: C:\windows
08:14:31.0617 5672 Running under WOW64
08:14:31.0617 5672 Processor architecture: Intel x64
08:14:31.0617 5672 Number of processors: 4
08:14:31.0617 5672 Page size: 0x1000
08:14:31.0617 5672 Boot type: Normal boot
08:14:31.0617 5672 ============================================================
08:14:32.0665 5672 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:14:32.0669 5672 \Device\Harddisk0\DR0:
08:14:32.0669 5672 MBR used
08:14:32.0669 5672 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
08:14:32.0669 5672 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x38607030
08:14:32.0699 5672 Initialize success
08:14:32.0699 5672 ============================================================
08:14:52.0780 3648 ============================================================
08:14:52.0780 3648 Scan started
08:14:52.0780 3648 Mode: Manual; TDLFS;
08:14:52.0780 3648 ============================================================
08:15:12.0825 3648 lltdsvc - ok
08:15:12.0851 3648 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
08:15:12.0856 3648 lmhosts - ok
08:15:12.0961 3648 LMS (0803906d607a9b83184447b75b60ecc2) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
08:15:12.0967 3648 LMS - ok
08:15:13.0042 3648 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\drivers\lsi_fc.sys
08:15:13.0054 3648 LSI_FC - ok
08:15:13.0105 3648 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\drivers\lsi_sas.sys
08:15:13.0114 3648 LSI_SAS - ok
08:15:13.0144 3648 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\drivers\lsi_sas2.sys
08:15:13.0151 3648 LSI_SAS2 - ok
08:15:13.0202 3648 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\drivers\lsi_scsi.sys
08:15:13.0214 3648 LSI_SCSI - ok
08:15:13.0268 3648 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
08:15:13.0271 3648 luafv - ok
08:15:13.0368 3648 McAWFwk (9504f1dda1b67fb8d526fd4f8cc882f3) c:\PROGRA~1\mcafee\msc\mcawfwk.exe
08:15:13.0438 3648 McAWFwk - ok
08:15:13.0478 3648 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:15:13.0483 3648 McMPFSvc - ok
08:15:13.0510 3648 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:15:13.0515 3648 mcmscsvc - ok
08:15:13.0535 3648 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:15:13.0538 3648 McNaiAnn - ok
08:15:13.0566 3648 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:15:13.0567 3648 McNASvc - ok
08:15:13.0645 3648 McODS (c6232488cdbf063ce077fc7f8f8c248c) C:\Program Files\mcafee\VirusScan\mcods.exe
08:15:13.0716 3648 McODS - ok
08:15:13.0777 3648 McOobeSv (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:15:13.0782 3648 McOobeSv - ok
08:15:13.0819 3648 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
08:15:13.0820 3648 McProxy - ok
08:15:13.0863 3648 McShield (4a463d645b48bb487ca7df12ba5d1602) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
08:15:13.0920 3648 McShield - ok
08:15:13.0989 3648 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
08:15:14.0035 3648 Mcx2Svc - ok
08:15:14.0082 3648 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\drivers\megasas.sys
08:15:14.0095 3648 megasas - ok
08:15:14.0134 3648 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\drivers\MegaSR.sys
08:15:14.0154 3648 MegaSR - ok
08:15:14.0197 3648 MEIx64 (1c6e73fc46b509eff9d0086aa37132df) C:\windows\system32\DRIVERS\HECIx64.sys
08:15:14.0199 3648 MEIx64 - ok
08:15:14.0245 3648 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\windows\system32\drivers\mfeapfk.sys
08:15:14.0251 3648 mfeapfk - ok
08:15:14.0296 3648 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\windows\system32\drivers\mfeavfk.sys
08:15:14.0368 3648 mfeavfk - ok
08:15:14.0405 3648 mfeavfk01 - ok
08:15:14.0499 3648 mfefire (c53b7aba204d9f7e9568ec147a1485c5) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
08:15:14.0552 3648 mfefire - ok
08:15:14.0617 3648 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\windows\system32\drivers\mfefirek.sys
08:15:14.0701 3648 mfefirek - ok
08:15:14.0784 3648 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\windows\system32\drivers\mfehidk.sys
08:15:14.0795 3648 mfehidk - ok
08:15:14.0848 3648 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\windows\system32\DRIVERS\mfenlfk.sys
08:15:14.0908 3648 mfenlfk - ok
08:15:14.0961 3648 mferkdet (65776bd8029e409935b90de30bf99526) C:\windows\system32\drivers\mferkdet.sys
08:15:15.0026 3648 mferkdet - ok
08:15:15.0061 3648 mfevtp (8f3b3c3625e3aaa11d6d4db8423e1721) C:\Windows\system32\mfevtps.exe
08:15:15.0116 3648 mfevtp - ok
08:15:15.0135 3648 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\windows\system32\drivers\mfewfpk.sys
08:15:15.0136 3648 mfewfpk - ok
08:15:15.0177 3648 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
08:15:15.0180 3648 MMCSS - ok
08:15:15.0214 3648 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
08:15:15.0221 3648 Modem - ok
08:15:15.0284 3648 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
08:15:15.0296 3648 monitor - ok
08:15:15.0323 3648 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
08:15:15.0328 3648 mouclass - ok
08:15:15.0368 3648 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
08:15:15.0380 3648 mouhid - ok
08:15:15.0410 3648 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
08:15:15.0412 3648 mountmgr - ok
08:15:15.0437 3648 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
08:15:15.0507 3648 mpio - ok
08:15:15.0527 3648 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
08:15:15.0532 3648 mpsdrv - ok
08:15:15.0585 3648 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
08:15:15.0619 3648 MpsSvc - ok
08:15:15.0648 3648 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
08:15:15.0696 3648 MRxDAV - ok
08:15:15.0726 3648 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
08:15:15.0727 3648 mrxsmb - ok
08:15:15.0753 3648 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
08:15:15.0759 3648 mrxsmb10 - ok
08:15:15.0783 3648 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
08:15:15.0786 3648 mrxsmb20 - ok
08:15:15.0806 3648 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
08:15:15.0808 3648 msahci - ok
08:15:15.0834 3648 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
08:15:15.0876 3648 msdsm - ok
08:15:15.0912 3648 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
08:15:15.0928 3648 MSDTC - ok
08:15:15.0961 3648 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
08:15:15.0963 3648 Msfs - ok
08:15:15.0990 3648 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
08:15:15.0998 3648 mshidkmdf - ok
08:15:16.0020 3648 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
08:15:16.0022 3648 msisadrv - ok
08:15:16.0057 3648 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
08:15:16.0072 3648 MSiSCSI - ok
08:15:16.0084 3648 msiserver - ok
08:15:16.0144 3648 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
08:15:16.0149 3648 MSK80Service - ok
08:15:16.0190 3648 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
08:15:16.0202 3648 MSKSSRV - ok
08:15:16.0241 3648 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
08:15:16.0254 3648 MSPCLOCK - ok
08:15:16.0273 3648 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
08:15:16.0279 3648 MSPQM - ok
08:15:16.0313 3648 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
08:15:16.0349 3648 MsRPC - ok
08:15:16.0374 3648 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
08:15:16.0378 3648 mssmbios - ok
08:15:16.0396 3648 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
08:15:16.0405 3648 MSTEE - ok
08:15:16.0428 3648 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\drivers\MTConfig.sys
08:15:16.0434 3648 MTConfig - ok
08:15:16.0459 3648 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
08:15:16.0460 3648 Mup - ok
08:15:16.0562 3648 MyWiFiDHCPDNS (f217d7718fd7577af331e89910b2d21e) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
08:15:16.0623 3648 MyWiFiDHCPDNS - ok
08:15:16.0697 3648 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
08:15:16.0812 3648 napagent - ok
08:15:16.0891 3648 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
08:15:16.0913 3648 NativeWifiP - ok
08:15:16.0978 3648 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files (x86)\Nero\Update\NASvc.exe
08:15:17.0078 3648 NAUpdate - ok
08:15:17.0171 3648 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\windows\system32\drivers\ndis.sys
08:15:17.0235 3648 NDIS - ok
08:15:17.0293 3648 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
08:15:17.0308 3648 NdisCap - ok
08:15:17.0350 3648 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
08:15:17.0366 3648 NdisTapi - ok
08:15:17.0412 3648 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
08:15:17.0463 3648 Ndisuio - ok
08:15:17.0529 3648 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
08:15:17.0582 3648 NdisWan - ok
08:15:17.0617 3648 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
08:15:17.0671 3648 NDProxy - ok
08:15:17.0724 3648 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
08:15:17.0735 3648 NetBIOS - ok
08:15:17.0787 3648 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
08:15:17.0848 3648 NetBT - ok
08:15:17.0907 3648 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:15:17.0951 3648 Netlogon - ok
08:15:18.0019 3648 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
08:15:18.0052 3648 Netman - ok
08:15:18.0126 3648 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:15:18.0208 3648 NetMsmqActivator - ok
08:15:18.0216 3648 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:15:18.0217 3648 NetPipeActivator - ok
08:15:18.0279 3648 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
08:15:18.0301 3648 netprofm - ok
08:15:18.0368 3648 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:15:18.0372 3648 NetTcpActivator - ok
08:15:18.0390 3648 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:15:18.0394 3648 NetTcpPortSharing - ok
08:15:18.0657 3648 NETwNs64 (9fd1be1881446d954ff77244ae58fbcb) C:\windows\system32\DRIVERS\NETwNs64.sys
08:15:18.0819 3648 NETwNs64 - ok
08:15:18.0876 3648 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys
08:15:18.0886 3648 nfrd960 - ok
08:15:18.0954 3648 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
08:15:19.0012 3648 NlaSvc - ok
08:15:19.0167 3648 NOBU (b9b72faaaa41d59b73b88fe3dd737ed1) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
08:15:19.0226 3648 NOBU - ok
08:15:19.0292 3648 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
08:15:19.0297 3648 Npfs - ok
08:15:19.0354 3648 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
08:15:19.0365 3648 nsi - ok
08:15:19.0401 3648 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
08:15:19.0408 3648 nsiproxy - ok
08:15:19.0493 3648 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
08:15:19.0560 3648 Ntfs - ok
08:15:19.0616 3648 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
08:15:19.0628 3648 Null - ok
08:15:19.0688 3648 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
08:15:19.0744 3648 nvraid - ok
08:15:19.0769 3648 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
08:15:19.0827 3648 nvstor - ok
08:15:19.0875 3648 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
08:15:19.0891 3648 nv_agp - ok
08:15:20.0003 3648 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:15:20.0049 3648 odserv - ok
08:15:20.0121 3648 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
08:15:20.0136 3648 ohci1394 - ok
08:15:20.0199 3648 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:15:20.0259 3648 ose - ok
08:15:20.0421 3648 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:15:20.0768 3648 osppsvc - ok
08:15:20.0857 3648 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
08:15:20.0868 3648 p2pimsvc - ok
08:15:20.0907 3648 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
08:15:20.0946 3648 p2psvc - ok
08:15:20.0986 3648 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
08:15:20.0998 3648 Parport - ok
08:15:21.0030 3648 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\windows\system32\drivers\partmgr.sys
08:15:21.0069 3648 partmgr - ok
08:15:21.0095 3648 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
08:15:21.0110 3648 PcaSvc - ok
08:15:21.0135 3648 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
08:15:21.0169 3648 pci - ok
08:15:21.0188 3648 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
08:15:21.0192 3648 pciide - ok
08:15:21.0220 3648 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
08:15:21.0234 3648 pcmcia - ok
08:15:21.0261 3648 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
08:15:21.0263 3648 pcw - ok
08:15:21.0304 3648 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
08:15:21.0367 3648 PEAUTH - ok
08:15:21.0416 3648 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
08:15:21.0424 3648 PerfHost - ok
08:15:21.0506 3648 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
08:15:21.0612 3648 pla - ok
08:15:21.0667 3648 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
08:15:21.0677 3648 PlugPlay - ok
08:15:21.0720 3648 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
08:15:21.0734 3648 PNRPAutoReg - ok
08:15:21.0770 3648 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
08:15:21.0778 3648 PNRPsvc - ok
08:15:21.0826 3648 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
08:15:21.0894 3648 PolicyAgent - ok
08:15:21.0924 3648 Power (a2cca4fb273e6050f17a0a416cff2fcd) C:\windows\system32\umpo.dll
08:15:21.0928 3648 Power - ok
08:15:21.0999 3648 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
08:15:22.0031 3648 PptpMiniport - ok
08:15:22.0048 3648 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
08:15:22.0051 3648 Processor - ok
08:15:22.0084 3648 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
08:15:22.0091 3648 ProfSvc - ok
08:15:22.0144 3648 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:15:22.0201 3648 ProtectedStorage - ok
08:15:22.0278 3648 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
08:15:22.0281 3648 Psched - ok
08:15:22.0320 3648 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\windows\system32\Drivers\PxHlpa64.sys
08:15:22.0321 3648 PxHlpa64 - ok
08:15:22.0401 3648 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
08:15:22.0484 3648 ql2300 - ok
08:15:22.0514 3648 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
08:15:22.0524 3648 ql40xx - ok
08:15:22.0583 3648 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
08:15:22.0601 3648 QWAVE - ok
08:15:22.0631 3648 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
08:15:22.0642 3648 QWAVEdrv - ok
08:15:22.0675 3648 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
08:15:22.0685 3648 RasAcd - ok
08:15:22.0730 3648 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
08:15:22.0732 3648 RasAgileVpn - ok
08:15:22.0766 3648 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
08:15:22.0780 3648 RasAuto - ok
08:15:22.0842 3648 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
08:15:22.0892 3648 Rasl2tp - ok
08:15:22.0944 3648 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
08:15:23.0002 3648 RasMan - ok
08:15:23.0046 3648 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
08:15:23.0049 3648 RasPppoe - ok
08:15:23.0094 3648 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
08:15:23.0099 3648 RasSstp - ok
08:15:23.0130 3648 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
08:15:23.0136 3648 rdbss - ok
08:15:23.0162 3648 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
08:15:23.0167 3648 rdpbus - ok
08:15:23.0187 3648 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
08:15:23.0189 3648 RDPCDD - ok
08:15:23.0221 3648 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
08:15:23.0222 3648 RDPENCDD - ok
08:15:23.0242 3648 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
08:15:23.0244 3648 RDPREFMP - ok
08:15:23.0300 3648 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
08:15:23.0366 3648 RDPWD - ok
08:15:23.0431 3648 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
08:15:23.0492 3648 rdyboost - ok
08:15:23.0593 3648 RegSrvc (b9a0810d16ea7935b10a5499aba61dc3) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
08:15:23.0651 3648 RegSrvc - ok
08:15:23.0713 3648 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
08:15:23.0727 3648 RemoteAccess - ok
08:15:23.0771 3648 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
08:15:23.0784 3648 RemoteRegistry - ok
08:15:23.0850 3648 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
08:15:23.0865 3648 RFCOMM - ok
08:15:24.0005 3648 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
08:15:24.0156 3648 RoxMediaDB12OEM - ok
08:15:24.0212 3648 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
08:15:24.0282 3648 RoxWatch12 - ok
08:15:24.0337 3648 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
08:15:24.0344 3648 RpcEptMapper - ok
08:15:24.0375 3648 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
08:15:24.0389 3648 RpcLocator - ok
08:15:24.0429 3648 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
08:15:24.0456 3648 RpcSs - ok
08:15:24.0530 3648 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
08:15:24.0539 3648 rspndr - ok
08:15:24.0615 3648 RSUSBSTOR (be29b0a3ac1e8bd02ffab8cee86badfa) C:\windows\system32\Drivers\RtsUStor.sys
08:15:24.0620 3648 RSUSBSTOR - ok
08:15:24.0680 3648 RTL8167 (2777226ee8bf50b059d7a7c90177e99c) C:\windows\system32\DRIVERS\Rt64win7.sys
08:15:24.0687 3648 RTL8167 - ok
08:15:24.0741 3648 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:15:24.0807 3648 SamSs - ok
08:15:24.0864 3648 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
08:15:24.0927 3648 sbp2port - ok
08:15:24.0960 3648 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
08:15:24.0967 3648 SCardSvr - ok
08:15:24.0992 3648 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
08:15:25.0046 3648 scfilter - ok
08:15:25.0086 3648 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
08:15:25.0167 3648 Schedule - ok
08:15:25.0204 3648 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
08:15:25.0204 3648 SCPolicySvc - ok
08:15:25.0229 3648 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
08:15:25.0282 3648 SDRSVC - ok
08:15:25.0335 3648 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
08:15:25.0342 3648 secdrv - ok
08:15:25.0383 3648 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
08:15:25.0433 3648 seclogon - ok
08:15:25.0458 3648 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
08:15:25.0461 3648 SENS - ok
08:15:25.0487 3648 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
08:15:25.0495 3648 SensrSvc - ok
08:15:25.0541 3648 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys
08:15:25.0548 3648 Serenum - ok
08:15:25.0568 3648 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys
08:15:25.0572 3648 Serial - ok
08:15:25.0599 3648 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys
08:15:25.0606 3648 sermouse - ok
08:15:25.0652 3648 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
08:15:25.0701 3648 SessionEnv - ok
08:15:25.0711 3648 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
08:15:25.0715 3648 sffdisk - ok
08:15:25.0725 3648 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
08:15:25.0730 3648 sffp_mmc - ok
08:15:25.0753 3648 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
08:15:25.0802 3648 sffp_sd - ok
08:15:25.0813 3648 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys
08:15:25.0816 3648 sfloppy - ok
08:15:25.0887 3648 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\windows\system32\DRIVERS\Sftfslh.sys
08:15:25.0983 3648 Sftfs - ok
08:15:26.0074 3648 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
08:15:26.0120 3648 sftlist - ok
08:15:26.0178 3648 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\windows\system32\DRIVERS\Sftplaylh.sys
08:15:26.0227 3648 Sftplay - ok
08:15:26.0274 3648 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\windows\system32\DRIVERS\Sftredirlh.sys
08:15:26.0338 3648 Sftredir - ok
08:15:26.0419 3648 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
08:15:26.0487 3648 SftService - ok
08:15:26.0545 3648 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\windows\system32\DRIVERS\Sftvollh.sys
08:15:26.0609 3648 Sftvol - ok
08:15:26.0673 3648 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
08:15:26.0739 3648 sftvsa - ok
08:15:26.0797 3648 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
08:15:26.0830 3648 SharedAccess - ok
08:15:26.0859 3648 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
08:15:26.0865 3648 ShellHWDetection - ok
08:15:26.0911 3648 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
08:15:26.0922 3648 SiSRaid2 - ok
08:15:26.0941 3648 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
08:15:26.0951 3648 SiSRaid4 - ok
08:15:26.0981 3648 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
08:15:26.0996 3648 Smb - ok
08:15:27.0062 3648 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
08:15:27.0077 3648 SNMPTRAP - ok
08:15:27.0126 3648 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
08:15:27.0135 3648 spldr - ok
08:15:27.0176 3648 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
08:15:27.0220 3648 Spooler - ok
08:15:27.0315 3648 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
08:15:27.0405 3648 sppsvc - ok
08:15:27.0430 3648 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
08:15:27.0436 3648 sppuinotify - ok
08:15:27.0489 3648 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
08:15:27.0497 3648 srv - ok
08:15:27.0520 3648 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
08:15:27.0552 3648 srv2 - ok
08:15:27.0581 3648 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
08:15:27.0631 3648 srvnet - ok
08:15:27.0663 3648 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
08:15:27.0672 3648 SSDPSRV - ok
08:15:27.0698 3648 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
08:15:27.0706 3648 SstpSvc - ok
08:15:27.0805 3648 STacSV (b2d8b364a831427a5741f6c408fa8ae3) C:\Program Files\IDT\WDM\STacSV64.exe
08:15:27.0869 3648 STacSV - ok
08:15:27.0927 3648 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
08:15:27.0937 3648 stexstor - ok
08:15:28.0035 3648 STHDA (ef5acde92ba3f691bbfef781cb063501) C:\windows\system32\DRIVERS\stwrt64.sys
08:15:28.0111 3648 STHDA - ok
08:15:28.0174 3648 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
08:15:28.0250 3648 stisvc - ok
08:15:28.0319 3648 stllssvr (7731f46ec0d687a931cba063e8f90ef0) c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
08:15:28.0386 3648 stllssvr - ok
08:15:28.0448 3648 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
08:15:28.0459 3648 swenum - ok
08:15:28.0521 3648 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
08:15:28.0544 3648 swprv - ok
08:15:28.0621 3648 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
08:15:28.0678 3648 SysMain - ok
08:15:28.0705 3648 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
08:15:28.0731 3648 TabletInputService - ok
08:15:28.0791 3648 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
08:15:28.0853 3648 TapiSrv - ok
08:15:28.0869 3648 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
08:15:28.0871 3648 TBS - ok
08:15:28.0973 3648 Tcpip (fc62769e7bff2896035aeed399108162) C:\windows\system32\drivers\tcpip.sys
08:15:29.0021 3648 Tcpip - ok
08:15:29.0095 3648 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\windows\system32\DRIVERS\tcpip.sys
08:15:29.0113 3648 TCPIP6 - ok
08:15:29.0143 3648 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
08:15:29.0192 3648 tcpipreg - ok
08:15:29.0212 3648 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
08:15:29.0217 3648 TDPIPE - ok
08:15:29.0243 3648 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
08:15:29.0285 3648 TDTCP - ok
08:15:29.0312 3648 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
08:15:29.0366 3648 tdx - ok
08:15:29.0383 3648 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys
08:15:29.0410 3648 TermDD - ok
08:15:29.0446 3648 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
08:15:36.0331 3648 ============================================================
08:15:36.0331 3648 Scan finished
08:15:36.0331 3648 ============================================================
08:15:36.0362 1692 Detected object count: 0
08:15:36.0362 1692 Actual detected object count: 0

3) ESET scan results

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Users\Rengos\AppData\Local\Temp\ICReinstall\cnet2_ashampoo_burning_studio_6_free_6_80_4312_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Rengos\Downloads\cnet2_ashampoo_burning_studio_6_free_6_80_4312_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined

4) Here is the screen shot I didn't know how to include before in case it helps (if I inserted it correctly!)

http://i1073.photobucket.com/albums/w392/northernmom24/popupwindow-1.jpg

#7 boopme

Posted 16 April 2012 - 02:19 PM

Ok, tell me how it is after this.

Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of its infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the Posted Image button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#8 northernmom

Posted 17 April 2012 - 09:27 AM

I went to the website and attempted to do the "Let me fix it myself" steps. I don't have a Hosts file in that directory, I do have a file called Imhosts.sam, but no file Hosts. I ran the automatic fix instead, rebooted and when I returned to this page to let you know, I received the Recommended for You box in the lower right corner. It hasn't opened yet to recommend anything, but it's there.

Do I need to create a Hosts file?

Thank you.
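
The HOSTS reset discussed in the two posts above matters because any active (uncommented) line in that file overrides DNS for the name it lists. As an added example, not part of the original posts and not a BleepingComputer or Microsoft tool: a Python check that lists every active entry other than the loopback-to-localhost mapping and treats a missing HOSTS file as having nothing to flag. The function names, sample entries and `.example` hostnames are constructed for illustration.

```python
import ipaddress
from pathlib import Path

# Default Windows location of the file the thread resets.
HOSTS_PATH = Path(r"C:\Windows\System32\drivers\etc\hosts")

# Constructed sample (not from the thread): reserved documentation
# addresses and ".example" names only.
SAMPLE = """\
# localhost name resolution is handled within DNS itself.
#   127.0.0.1       localhost
127.0.0.1       localhost
203.0.113.7     www.search.example search.example
127.0.0.1       update.av-vendor.example   # constructed
not-an-ip       host.example
"""

def audit_hosts(text):
    """Return (line_no, address, name, reason) for each active entry that
    is not a plain loopback -> localhost mapping (hypothetical helper)."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()   # strip comment, tokenize
        if not fields:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            findings.append((line_no, fields[0], "", "unparseable address"))
            continue
        local = ip.is_loopback or ip.is_unspecified
        for name in (n.lower() for n in fields[1:]):
            if ip.is_loopback and name == "localhost":
                continue                      # the only expected mapping
            reason = ("name sinkholed to this machine" if local
                      else "name pinned to a fixed address")
            findings.append((line_no, str(ip), name, reason))
    return findings

def audit_file(path=HOSTS_PATH):
    """Audit a hosts file on disk; a missing file has no entries to flag."""
    try:
        text = Path(path).read_text(encoding="utf-8-sig", errors="replace")
    except FileNotFoundError:
        return []
    return audit_hosts(text)

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE):
        print(finding)
```

An empty result means the file holds nothing beyond comments and the localhost mapping, so popups or redirects that persist after a reset have to be coming from somewhere else.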

#9 boopme

Posted 18 April 2012 - 07:38 PM

Sorry for the delay. The Imhosts is OK.
You look good then. Any issues remain?

#10 northernmom

Posted 25 April 2012 - 10:01 AM

Dear Boopme - I have been away from the computer for a few days... the cellphone shaped popup and the redirects are still a problem; it actually seems to be happening more frequently. Any other ideas? Thanks, Sandy

#11 boopme

Posted 25 April 2012 - 10:51 AM

Hi Sandy, it appears there must be a protected malware. Let's start a new topic and get a deeper look. Please go here.... Preparation Guide, do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run skip it and move on.

Let me know if that went well.

#12 lopezri

Posted 08 November 2012 - 06:36 PM

C:\C\Users\Richard Lopez\Desktop\BitZipperH2010.v12473332.TrialSetupEn.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\4zEIPlug.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\4zEZSETP.dll Win32/Toolbar.MyWebSearch.Q application cleaned by deleting - quarantined
C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISb.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\WiIQfraud11.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\WiIQfraud28.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\WiIQfraud44.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\ProgramData\Spybot - Search & Destroy\Recovery\WiIQfraud54.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined
C:\Users\Richard Lopez\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\493cfab3-44baa1f4 Java/Exploit.CVE-2012-4681.P trojan deleted - quarantined
F:\Users\Richard Lopez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XRGKQ0L7\SoftonicDownloader_for_avipreview[1].exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
F:\Users\Richard Lopez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZX0BATW4\6701-anyone-do-all-day-ball-stretching[1].html HTML/ScrInject.B.Gen virus deleted - quarantined
F:\Users\Richard Lopez\Desktop\BitZipperH2010.v12473332.TrialSetupEn.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined

The above three posts are from my computer that continues to get that stupid "cell phone" pop up. Any help to fix would be great. Thanks.

#13 narenxp

Posted 08 November 2012 - 06:38 PM

lopezri

Your new topic is here

http://www.bleepingcomputer.com/forums/topic474530.html

Follow the instructions posted there.



