
Nasty Blackhole Rootkit Infection


11 replies to this topic

#1 Doomhead


Posted 15 April 2012 - 10:18 PM

Please help. I was running the free version of AVG when it stated that the computer had an infection of Blackhole Rootkit. Java also appears to be infected. What do I need to do to get rid of this nasty virus? It also has hijacked IE8 and it keeps randomizing the websites and blocks access to websites.



#2 narenxp


Posted 15 April 2012 - 11:48 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64-bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download the latest Avast! virus definitions
Click the "Scan" button to start the scan. After the scan finishes, click on Save log

Post the log results here

#3 Doomhead


Posted 16 April 2012 - 09:43 AM

Thanks for the quick response. I will run the programs and post the reports once I get off work this evening. I'm running Windows 7 (64-bit) edition. Will this affect any of the scanners?

#4 narenxp


Posted 16 April 2012 - 09:45 AM

Ignore GMER and run other scans

good luck

#5 Doomhead


Posted 16 April 2012 - 09:46 AM

Will do. Thanks

#6 Doomhead


Posted 16 April 2012 - 06:15 PM

Here is the TDSSkiller log:

17:52:02.0513 1520 mssmbios - ok
17:52:02.0575 1520 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:52:02.0575 1520 MSTEE - ok
17:52:02.0607 1520 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:52:02.0607 1520 MTConfig - ok
17:52:02.0638 1520 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:52:02.0638 1520 Mup - ok
17:52:02.0700 1520 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:52:02.0716 1520 napagent - ok
17:52:02.0872 1520 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:52:02.0872 1520 NativeWifiP - ok
17:52:02.0950 1520 Nccidx64 (93739227222e54a0110a7b8f12be854a) C:\Windows\system32\DRIVERS\Nccidx64.sys
17:52:02.0950 1520 Nccidx64 - ok
17:52:03.0075 1520 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:52:03.0106 1520 NDIS - ok
17:52:03.0246 1520 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:52:03.0246 1520 NdisCap - ok
17:52:03.0293 1520 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:52:03.0309 1520 NdisTapi - ok
17:52:03.0355 1520 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:52:03.0355 1520 Ndisuio - ok
17:52:03.0387 1520 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:52:03.0402 1520 NdisWan - ok
17:52:03.0543 1520 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:52:03.0558 1520 NDProxy - ok
17:52:03.0605 1520 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:52:03.0605 1520 NetBIOS - ok
17:52:03.0683 1520 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:52:03.0683 1520 NetBT - ok
17:52:03.0730 1520 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:52:03.0730 1520 Netlogon - ok
17:52:03.0870 1520 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:52:03.0886 1520 Netman - ok
17:52:03.0917 1520 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:52:03.0933 1520 netprofm - ok
17:52:04.0011 1520 netr28ux (26672f93749ac9fd28da1b0f94efa78d) C:\Windows\system32\DRIVERS\netr28ux.sys
17:52:04.0026 1520 netr28ux - ok
17:52:04.0229 1520 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:52:04.0229 1520 NetTcpPortSharing - ok
17:52:04.0323 1520 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:52:04.0323 1520 nfrd960 - ok
17:52:04.0401 1520 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:52:04.0416 1520 NlaSvc - ok
17:52:04.0479 1520 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:52:04.0479 1520 Npfs - ok
17:52:04.0557 1520 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:52:04.0572 1520 nsi - ok
17:52:04.0619 1520 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:52:04.0635 1520 nsiproxy - ok
17:52:04.0713 1520 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:52:04.0728 1520 Ntfs - ok
17:52:04.0859 1520 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:52:04.0869 1520 Null - ok
17:52:04.0919 1520 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:52:04.0919 1520 nvraid - ok
17:52:04.0969 1520 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:52:04.0969 1520 nvstor - ok
17:52:05.0109 1520 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:52:05.0119 1520 nv_agp - ok
17:52:05.0269 1520 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:52:05.0279 1520 odserv - ok
17:52:05.0389 1520 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:52:05.0399 1520 ohci1394 - ok
17:52:05.0519 1520 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:52:05.0529 1520 ose - ok
17:52:05.0659 1520 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:52:05.0669 1520 p2pimsvc - ok
17:52:05.0719 1520 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:52:05.0729 1520 p2psvc - ok
17:52:05.0779 1520 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:52:05.0779 1520 Parport - ok
17:52:05.0839 1520 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
17:52:05.0839 1520 partmgr - ok
17:52:05.0969 1520 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:52:05.0979 1520 PcaSvc - ok
17:52:06.0019 1520 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:52:06.0019 1520 pci - ok
17:52:06.0049 1520 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:52:06.0049 1520 pciide - ok
17:52:06.0089 1520 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:52:06.0089 1520 pcmcia - ok
17:52:06.0119 1520 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:52:06.0129 1520 pcw - ok
17:52:06.0249 1520 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:52:06.0259 1520 PEAUTH - ok
17:52:06.0369 1520 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:52:06.0369 1520 PerfHost - ok
17:52:06.0449 1520 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:52:06.0469 1520 pla - ok
17:52:06.0599 1520 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:52:06.0609 1520 PlugPlay - ok
17:52:06.0629 1520 PnkBstrA - ok
17:52:06.0679 1520 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:52:06.0679 1520 PNRPAutoReg - ok
17:52:06.0709 1520 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:52:06.0709 1520 PNRPsvc - ok
17:52:06.0856 1520 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:52:06.0872 1520 PolicyAgent - ok
17:52:06.0919 1520 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:52:06.0919 1520 Power - ok
17:52:06.0981 1520 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:52:06.0997 1520 PptpMiniport - ok
17:52:07.0059 1520 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:52:07.0059 1520 Processor - ok
17:52:07.0184 1520 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
17:52:07.0184 1520 ProfSvc - ok
17:52:07.0246 1520 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:52:07.0246 1520 ProtectedStorage - ok
17:52:07.0309 1520 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:52:07.0309 1520 Psched - ok
17:52:07.0340 1520 PxHlpa64 (46851bc18322da70f3f2299a1007c479) C:\Windows\system32\Drivers\PxHlpa64.sys
17:52:07.0340 1520 PxHlpa64 - ok
17:52:07.0527 1520 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:52:07.0558 1520 ql2300 - ok
17:52:07.0605 1520 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:52:07.0605 1520 ql40xx - ok
17:52:07.0652 1520 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:52:07.0652 1520 QWAVE - ok
17:52:07.0792 1520 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:52:07.0792 1520 QWAVEdrv - ok
17:52:07.0808 1520 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:52:07.0823 1520 RasAcd - ok
17:52:07.0886 1520 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:52:07.0901 1520 RasAgileVpn - ok
17:52:08.0026 1520 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:52:08.0026 1520 RasAuto - ok
17:52:08.0073 1520 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:52:08.0073 1520 Rasl2tp - ok
17:52:08.0135 1520 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:52:08.0151 1520 RasMan - ok
17:52:08.0213 1520 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:52:08.0229 1520 RasPppoe - ok
17:52:08.0338 1520 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:52:08.0338 1520 RasSstp - ok
17:52:08.0385 1520 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:52:08.0401 1520 rdbss - ok
17:52:08.0416 1520 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:52:08.0432 1520 rdpbus - ok
17:52:08.0479 1520 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:52:08.0479 1520 RDPCDD - ok
17:52:08.0603 1520 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:52:08.0603 1520 RDPENCDD - ok
17:52:08.0619 1520 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:52:08.0619 1520 RDPREFMP - ok
17:52:08.0666 1520 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
17:52:08.0681 1520 RDPWD - ok
17:52:08.0759 1520 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:52:08.0759 1520 rdyboost - ok
17:52:08.0884 1520 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:52:08.0884 1520 RemoteAccess - ok
17:52:08.0931 1520 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:52:08.0931 1520 RemoteRegistry - ok
17:52:08.0993 1520 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
17:52:08.0993 1520 RimUsb - ok
17:52:09.0118 1520 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:52:09.0118 1520 RpcEptMapper - ok
17:52:09.0165 1520 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:52:09.0165 1520 RpcLocator - ok
17:52:09.0227 1520 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:52:09.0243 1520 RpcSs - ok
17:52:09.0290 1520 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:52:09.0290 1520 rspndr - ok
17:52:09.0415 1520 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:52:09.0430 1520 RTL8167 - ok
17:52:09.0477 1520 RTL8169 (170a66dfaaa22358e08d6f4b38c8f3df) C:\Windows\system32\DRIVERS\Rtlh64.sys
17:52:09.0493 1520 RTL8169 - ok
17:52:09.0539 1520 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:52:09.0539 1520 SamSs - ok
17:52:09.0617 1520 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
17:52:09.0633 1520 SASDIFSV - ok
17:52:09.0649 1520 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
17:52:09.0649 1520 SASKUTIL - ok
17:52:09.0773 1520 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:52:09.0773 1520 sbp2port - ok
17:52:09.0836 1520 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:52:09.0851 1520 SCardSvr - ok
17:52:09.0898 1520 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:52:09.0898 1520 scfilter - ok
17:52:10.0039 1520 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:52:10.0070 1520 Schedule - ok
17:52:10.0117 1520 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:52:10.0132 1520 SCPolicySvc - ok
17:52:10.0179 1520 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:52:10.0195 1520 SDRSVC - ok
17:52:10.0319 1520 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
17:52:10.0319 1520 SeaPort - ok
17:52:10.0460 1520 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:52:10.0460 1520 secdrv - ok
17:52:10.0507 1520 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:52:10.0507 1520 seclogon - ok
17:52:10.0538 1520 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:52:10.0538 1520 SENS - ok
17:52:10.0553 1520 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:52:10.0553 1520 SensrSvc - ok
17:52:10.0585 1520 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:52:10.0585 1520 Serenum - ok
17:52:10.0725 1520 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:52:10.0725 1520 Serial - ok
17:52:10.0756 1520 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:52:10.0756 1520 sermouse - ok
17:52:10.0819 1520 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:52:10.0819 1520 SessionEnv - ok
17:52:10.0865 1520 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:52:10.0865 1520 sffdisk - ok
17:52:11.0021 1520 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:52:11.0021 1520 sffp_mmc - ok
17:52:11.0037 1520 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:52:11.0037 1520 sffp_sd - ok
17:52:11.0084 1520 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:52:11.0084 1520 sfloppy - ok
17:52:11.0131 1520 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:52:11.0146 1520 SharedAccess - ok
17:52:11.0302 1520 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:52:11.0318 1520 ShellHWDetection - ok
17:52:11.0365 1520 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:52:11.0365 1520 SiSRaid2 - ok
17:52:11.0380 1520 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:52:11.0380 1520 SiSRaid4 - ok
17:52:11.0427 1520 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:52:11.0427 1520 Smb - ok
17:52:11.0567 1520 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:52:11.0583 1520 SNMPTRAP - ok
17:52:11.0645 1520 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:52:11.0645 1520 spldr - ok
17:52:11.0723 1520 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:52:11.0723 1520 Spooler - ok
17:52:11.0926 1520 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:52:11.0973 1520 sppsvc - ok
17:52:12.0098 1520 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:52:12.0098 1520 sppuinotify - ok
17:52:12.0176 1520 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:52:12.0191 1520 srv - ok
17:52:12.0223 1520 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:52:12.0238 1520 srv2 - ok
17:52:12.0254 1520 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:52:12.0254 1520 srvnet - ok
17:52:12.0394 1520 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:52:12.0425 1520 SSDPSRV - ok
17:52:12.0472 1520 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:52:12.0488 1520 SstpSvc - ok
17:52:12.0753 1520 STCFUx64 - ok
17:52:12.0831 1520 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:52:12.0831 1520 stexstor - ok
17:52:12.0909 1520 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:52:12.0925 1520 stisvc - ok
17:52:13.0034 1520 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
17:52:13.0049 1520 stllssvr - ok
17:52:13.0143 1520 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:52:13.0143 1520 swenum - ok
17:52:13.0205 1520 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:52:13.0221 1520 swprv - ok
17:52:13.0330 1520 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:52:13.0346 1520 SysMain - ok
17:52:13.0471 1520 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:52:13.0486 1520 TabletInputService - ok
17:52:13.0564 1520 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:52:13.0580 1520 TapiSrv - ok
17:52:13.0642 1520 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:52:13.0642 1520 TBS - ok
17:52:13.0751 1520 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
17:52:13.0767 1520 Tcpip - ok
17:52:13.0923 1520 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
17:52:13.0939 1520 TCPIP6 - ok
17:52:14.0029 1520 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:52:14.0029 1520 tcpipreg - ok
17:52:14.0089 1520 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:52:14.0099 1520 TDPIPE - ok
17:52:14.0139 1520 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:52:14.0139 1520 TDTCP - ok
17:52:14.0209 1520 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:52:14.0219 1520 tdx - ok
17:52:14.0319 1520 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:52:14.0319 1520 TermDD - ok
17:52:14.0379 1520 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:52:14.0389 1520 TermService - ok
17:52:14.0509 1520 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:52:14.0519 1520 Themes - ok
17:52:14.0629 1520 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:52:14.0629 1520 THREADORDER - ok
17:52:14.0659 1520 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:52:14.0669 1520 TrkWks - ok
17:52:14.0769 1520 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:52:14.0789 1520 TrustedInstaller - ok
17:52:15.0009 1520 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:52:15.0029 1520 tssecsrv - ok
17:52:15.0289 1520 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:52:15.0339 1520 TsUsbFlt - ok
17:52:15.0619 1520 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:52:15.0639 1520 tunnel - ok
17:52:15.0879 1520 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:52:15.0889 1520 uagp35 - ok
17:52:15.0949 1520 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:52:15.0964 1520 udfs - ok
17:52:16.0089 1520 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:52:16.0105 1520 UI0Detect - ok
17:52:16.0167 1520 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:52:16.0167 1520 uliagpkx - ok
17:52:16.0198 1520 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
17:52:16.0214 1520 umbus - ok
17:52:16.0334 1520 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:52:16.0334 1520 UmPass - ok
17:52:16.0394 1520 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:52:16.0404 1520 upnphost - ok
17:52:16.0444 1520 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
17:52:16.0444 1520 usbaudio - ok
17:52:16.0484 1520 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:52:16.0484 1520 usbccgp - ok
17:52:16.0594 1520 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:52:16.0604 1520 usbcir - ok
17:52:16.0644 1520 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:52:16.0644 1520 usbehci - ok
17:52:16.0704 1520 UsbFltr (68bad03835873d4bbbde95cbb135a395) C:\Windows\system32\Drivers\UsbFltr.sys
17:52:16.0704 1520 UsbFltr - ok
17:52:16.0754 1520 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:52:16.0784 1520 usbhub - ok
17:52:16.0894 1520 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
17:52:16.0894 1520 usbohci - ok
17:52:16.0954 1520 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:52:16.0964 1520 usbprint - ok
17:52:16.0984 1520 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
17:52:16.0984 1520 usbscan - ok
17:52:17.0014 1520 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:52:17.0014 1520 USBSTOR - ok
17:52:17.0114 1520 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
17:52:17.0114 1520 usbuhci - ok
17:52:17.0144 1520 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:52:17.0154 1520 UxSms - ok
17:52:17.0204 1520 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:52:17.0204 1520 VaultSvc - ok
17:52:17.0234 1520 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:52:17.0234 1520 vdrvroot - ok
17:52:17.0294 1520 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:52:17.0294 1520 vds - ok
17:52:17.0434 1520 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:52:17.0434 1520 vga - ok
17:52:17.0464 1520 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:52:17.0474 1520 VgaSave - ok
17:52:17.0504 1520 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:52:17.0514 1520 vhdmp - ok
17:52:17.0574 1520 VIAHdAudAddService (05d2db6c7aa8661c55fb75ed42dd6f4c) C:\Windows\system32\drivers\viahduaa.sys
17:52:17.0604 1520 VIAHdAudAddService - ok
17:52:17.0744 1520 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:52:17.0754 1520 viaide - ok
17:52:17.0784 1520 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:52:17.0784 1520 volmgr - ok
17:52:17.0844 1520 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:52:17.0844 1520 volmgrx - ok
17:52:17.0874 1520 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:52:17.0884 1520 volsnap - ok
17:52:18.0024 1520 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:52:18.0024 1520 vsmraid - ok
17:52:18.0124 1520 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
17:52:18.0154 1520 VSS - ok
17:52:18.0174 1520 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
17:52:18.0174 1520 vwifibus - ok
17:52:18.0322 1520 VWiFiFlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:52:18.0337 1520 VWiFiFlt - ok
17:52:18.0384 1520 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:52:18.0400 1520 W32Time - ok
17:52:18.0400 1520 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:52:18.0415 1520 WacomPen - ok
17:52:18.0462 1520 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:52:18.0462 1520 WANARP - ok
17:52:18.0478 1520 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:52:18.0478 1520 Wanarpv6 - ok
17:52:18.0649 1520 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
17:52:18.0665 1520 WatAdminSvc - ok
17:52:18.0727 1520 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
17:52:18.0759 1520 wbengine - ok
17:52:18.0883 1520 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:52:18.0915 1520 WbioSrvc - ok
17:52:19.0008 1520 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
17:52:19.0024 1520 wcncsvc - ok
17:52:19.0071 1520 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:52:19.0071 1520 WcsPlugInService - ok
17:52:19.0133 1520 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:52:19.0149 1520 Wd - ok
17:52:19.0289 1520 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:52:19.0305 1520 Wdf01000 - ok
17:52:19.0429 1520 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:52:19.0445 1520 WdiServiceHost - ok
17:52:19.0461 1520 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:52:19.0461 1520 WdiSystemHost - ok
17:52:19.0601 1520 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
17:52:19.0617 1520 WebClient - ok
17:52:19.0741 1520 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:52:19.0757 1520 Wecsvc - ok
17:52:19.0819 1520 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:52:19.0835 1520 wercplsupport - ok
17:52:19.0897 1520 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:52:19.0897 1520 WerSvc - ok
17:52:19.0975 1520 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:52:19.0975 1520 WfpLwf - ok
17:52:20.0007 1520 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:52:20.0007 1520 WIMMount - ok
17:52:20.0085 1520 WinDefend - ok
17:52:20.0116 1520 WinHttpAutoProxySvc - ok
17:52:20.0287 1520 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:52:20.0303 1520 Winmgmt - ok
17:52:20.0475 1520 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
17:52:20.0506 1520 WinRM - ok
17:52:20.0553 1520 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
17:52:20.0553 1520 WinUsb - ok
17:52:20.0755 1520 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:52:20.0787 1520 Wlansvc - ok
17:52:20.0896 1520 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:52:20.0927 1520 wlidsvc - ok
17:52:21.0021 1520 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:52:21.0021 1520 WmiAcpi - ok
17:52:21.0130 1520 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:52:21.0145 1520 wmiApSrv - ok
17:52:21.0239 1520 WMPNetworkSvc - ok
17:52:21.0364 1520 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:52:21.0364 1520 WPCSvc - ok
17:52:21.0442 1520 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
17:52:21.0442 1520 WPDBusEnum - ok
17:52:21.0520 1520 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:52:21.0520 1520 ws2ifsl - ok
17:52:21.0567 1520 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
17:52:21.0582 1520 wscsvc - ok
17:52:21.0598 1520 WSearch - ok
17:52:21.0847 1520 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
17:52:21.0879 1520 wuauserv - ok
17:52:22.0003 1520 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:52:22.0003 1520 WudfPf - ok
17:52:22.0050 1520 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:52:22.0050 1520 WUDFRd - ok
17:52:22.0097 1520 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
17:52:22.0097 1520 wudfsvc - ok
17:52:22.0159 1520 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:52:22.0159 1520 WwanSvc - ok
17:52:22.0300 1520 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} (74983addca2d9618512c088d856d6615) C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl
17:52:22.0300 1520 {1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7} - ok
17:52:22.0347 1520 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
17:52:22.0503 1520 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:52:22.0503 1520 \Device\Harddisk0\DR0 - detected TDSS File System (1)
17:52:22.0518 1520 MBR (0x1B8) (988d3c46cbd13ec7f482b833c55264c8) \Device\Harddisk1\DR1
17:52:22.0581 1520 \Device\Harddisk1\DR1 - ok
17:52:22.0596 1520 MBR (0x1B8) (6b2f2e07200248010ff3ac1b13da7bfe) \Device\Harddisk2\DR4
17:52:26.0059 1520 \Device\Harddisk2\DR4 - ok
17:52:26.0075 1520 Boot (0x1200) (cd4e7909014f7d410d50f7d9c3c74ef2) \Device\Harddisk0\DR0\Partition0
17:52:26.0075 1520 \Device\Harddisk0\DR0\Partition0 - ok
17:52:26.0091 1520 Boot (0x1200) (0a4c3296dcbeb22168045d967716a2a8) \Device\Harddisk0\DR0\Partition1
17:52:26.0091 1520 \Device\Harddisk0\DR0\Partition1 - ok
17:52:26.0091 1520 Boot (0x1200) (1296d578abf331287bc13e8f8b50c248) \Device\Harddisk1\DR1\Partition0
17:52:26.0091 1520 \Device\Harddisk1\DR1\Partition0 - ok
17:52:26.0091 1520 ============================================================
17:52:26.0091 1520 Scan finished
17:52:26.0091 1520 ============================================================
17:52:26.0106 6020 Detected object count: 1
17:52:26.0106 6020 Actual detected object count: 1
17:52:57.0397 6020 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:52:57.0397 6020 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip


While I was running the scanner, AVG also stated that a Trojan Horse Generic27.CPFA located in C:\ProgramData\ededbacfddefdct.exe was detected. HKEY_USERS\S-1-21-195829219-2025185061-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ededbacfddefdct was detected.

#7 Doomhead

Posted 16 April 2012 - 06:59 PM

Here is the aswMBR file:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-16 18:18:52
-----------------------------
18:18:52.983 OS Version: Windows x64 6.1.7601 Service Pack 1
18:18:52.983 Number of processors: 2 586 0x602
18:18:52.983 ComputerName: LISAANN-PC UserName: Lisa Ann
18:18:54.123 Initialize success
18:18:58.934 AVAST engine defs: 12041601
18:19:05.863 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
18:19:05.863 Disk 0 Vendor: Hitachi_HDT721032SLA360 ST2OA38E Size: 305245MB BusType: 3
18:19:05.863 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T1L0-5
18:19:05.863 Disk 1 Vendor: WDC_WD5000YS-01MPB0 07.02E07 Size: 476940MB BusType: 3
18:19:05.879 Disk 0 MBR read successfully
18:19:05.894 Disk 0 MBR scan
18:19:05.894 Disk 0 Windows 7 default MBR code
18:19:05.910 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
18:19:05.941 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15360 MB offset 112640
18:19:05.957 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 289829 MB offset 31569920
18:19:06.035 Disk 0 scanning C:\Windows\system32\drivers
18:19:29.413 Service scanning
18:20:22.100 Modules scanning
18:20:22.440 Disk 0 trace - called modules:
18:20:22.480 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
18:20:22.490 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005e403c0]
18:20:22.490 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa80057f3d10]
18:20:22.500 5 ACPI.sys[fffff88000f177a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8005919060]
18:20:23.972 AVAST engine scan C:\Windows
18:20:44.040 AVAST engine scan C:\Windows\system32
18:27:03.878 AVAST engine scan C:\Windows\system32\drivers
18:27:33.019 AVAST engine scan C:\Users\Lisa Ann
18:37:58.018 AVAST engine scan C:\ProgramData
18:42:16.448 Scan finished successfully
18:48:20.786 Disk 0 MBR has been saved successfully to "C:\Users\Lisa Ann\Desktop\Virus Cleaners\MBR.dat"
18:48:20.786 The log file has been saved successfully to "C:\Users\Lisa Ann\Desktop\Virus Cleaners\aswMBR log.txt"

#8 narenxp

Posted 16 April 2012 - 08:53 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

ESET online scanner


Install it

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop, then copy the contents of the text file into your reply.


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#9 Doomhead

Posted 17 April 2012 - 10:07 PM

ESET Log:

It looks like there was a bunch of stuff in my backup file

C:\Users\Lisa Ann\Documents\Lisa's Stuff\couponprinter.exe probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
C:\Users\Lisa Ann\Documents\My Dropbox\Lisa's Stuff\couponprinter.exe probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
C:\Users\Lisa Ann\Documents\Removable Disk\Lisa's Stuff\couponprinter.exe probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-05-07 151114\Backup Files 2011-05-07 151114\Backup files 1.zip probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-05-07 151114\Backup Files 2011-05-07 151114\Backup files 2.zip probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-05-07 151114\Backup Files 2011-05-07 151114\Backup files 15.zip multiple threats deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-05-07 151114\Backup Files 2011-05-07 151114\Backup files 68.zip probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-05-07 151114\Backup Files 2011-05-07 151114\Backup files 79.zip probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-05-07 151114\Backup Files 2011-05-07 151114\Backup files 101.zip multiple threats deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-05-12 224443\Backup Files 2011-05-12 224443\Backup files 14.zip multiple threats deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-05-12 224443\Backup Files 2011-05-12 224443\Backup files 15.zip probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-05-12 224443\Backup Files 2011-05-12 224443\Backup files 16.zip probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-05-12 224443\Backup Files 2011-05-12 224443\Backup files 70.zip probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-05-12 224443\Backup Files 2011-05-12 224443\Backup files 81.zip probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-05-12 224443\Backup Files 2011-05-12 224443\Backup files 103.zip multiple threats deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-05-12 224443\Backup Files 2011-05-22 190001\Backup files 3.zip probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-05-12 224443\Backup Files 2011-05-22 190001\Backup files 4.zip probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-05-12 224443\Backup Files 2011-05-30 005754\Backup files 1.zip Java/TrojanDownloader.Agent.NCJ trojan deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-06-22 181608\Backup Files 2011-06-22 181608\Backup files 40.zip multiple threats deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-06-22 181608\Backup Files 2011-06-22 181608\Backup files 42.zip probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-06-22 181608\Backup Files 2011-06-22 181608\Backup files 43.zip probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-06-22 181608\Backup Files 2011-12-04 190010\Backup files 1.zip a variant of Java/TrojanDownloader.OpenConnection.AQ trojan deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-06-22 181608\Backup Files 2011-12-11 190011\Backup files 1.zip multiple threats deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-06-22 181608\Backup Files 2011-12-18 190001\Backup files 1.zip multiple threats deleted - quarantined
L:\LISAANN-PC\Backup Set 2011-06-22 181608\Backup Files 2011-12-29 185621\Backup files 7.zip probably a variant of Win32/Adware.Softomate.AD application deleted - quarantined
L:\System Volume Information\_restore{2ECFA2A1-3C18-4B4D-AFC2-A4D40B9B8AAB}\RP414\A0030039.exe Win32/Adware.WBug.A application deleted - quarantined
L:\System Volume Information\_restore{2ECFA2A1-3C18-4B4D-AFC2-A4D40B9B8AAB}\RP414\A0032646.exe multiple threats deleted - quarantined


MiniToolBox Log:


MiniToolBox by Farbar Version: 18-01-2012
Ran by Lisa Ann (administrator) on 17-04-2012 at 22:01:54
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


94.63.147.16 www.google.com
94.63.147.17 www.bing.com


========================= IP Configuration: ================================

Belkin F5D8053 N Wireless USB Adapter = Wireless Network Connection 6 (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : LisaAnn-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Wireless LAN adapter Wireless Network Connection 6:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Belkin F5D8053 N Wireless USB Adapter #5
Physical Address. . . . . . . . . : 00-22-75-90-73-78
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:18f3:a8c4:1234:24fd:6784:73d2:afd(Preferred)
Temporary IPv6 Address. . . . . . : 2002:18f3:a8c4:1234:c893:9eba:49d0:af7b(Preferred)
Link-local IPv6 Address . . . . . : fe80::24fd:6784:73d2:afd%20(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.9(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, April 17, 2012 5:21:39 PM
Lease Expires . . . . . . . . . . : Thursday, April 15, 2021 5:21:39 PM
Default Gateway . . . . . . . . . : fe80::222:75ff:fe9f:c5a4%20
192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 436216437
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-6A-83-41-00-24-E8-2A-AE-EF
DNS Servers . . . . . . . . . . . : 192.168.2.1
192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-24-E8-2A-AE-EF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:28cc:2ad0:e70c:573b(Preferred)
Link-local IPv6 Address . . . . . : fe80::28cc:2ad0:e70c:573b%23(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: media-computer.hot.rr.com
Address: 192.168.2.1

Name: google.com
Addresses: 74.125.227.65
74.125.227.66
74.125.227.67
74.125.227.68
74.125.227.69
74.125.227.70
74.125.227.71
74.125.227.72
74.125.227.73
74.125.227.78
74.125.227.64


Pinging google.com [74.125.227.64] with 32 bytes of data:
Reply from 74.125.227.64: bytes=32 time=24ms TTL=54
Reply from 74.125.227.64: bytes=32 time=37ms TTL=54

Ping statistics for 74.125.227.64:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 24ms, Maximum = 37ms, Average = 30ms
Server: media-computer.hot.rr.com
Address: 192.168.2.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=93ms TTL=48
Reply from 98.139.183.24: bytes=32 time=59ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 59ms, Maximum = 93ms, Average = 76ms
Server: media-computer.hot.rr.com
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
20...00 22 75 90 73 78 ......Belkin F5D8053 N Wireless USB Adapter #5
10...00 24 e8 2a ae ef ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
23...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.9 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.9 281
192.168.2.9 255.255.255.255 On-link 192.168.2.9 281
192.168.2.255 255.255.255.255 On-link 192.168.2.9 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.9 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.9 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
20 281 ::/0 fe80::222:75ff:fe9f:c5a4
1 306 ::1/128 On-link
23 58 2001::/32 On-link
23 306 2001:0:4137:9e76:28cc:2ad0:e70c:573b/128
On-link
20 33 2002:18f3:a8c4:1234::/64 On-link
20 281 2002:18f3:a8c4:1234:24fd:6784:73d2:afd/128
On-link
20 281 2002:18f3:a8c4:1234:c893:9eba:49d0:af7b/128
On-link
20 281 fe80::/64 On-link
23 306 fe80::/64 On-link
20 281 fe80::24fd:6784:73d2:afd/128
On-link
23 306 fe80::28cc:2ad0:e70c:573b/128
On-link
1 306 ff00::/8 On-link
23 306 ff00::/8 On-link
20 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/17/2012 05:26:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/17/2012 05:26:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/17/2012 05:26:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/17/2012 05:26:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/17/2012 05:26:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/17/2012 06:26:22 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2012 09:16:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2012 07:36:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2012 07:20:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2012 07:16:19 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/17/2012 06:23:41 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (04/16/2012 08:01:41 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/16/2012 08:01:41 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/16/2012 08:01:41 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/16/2012 07:58:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/16/2012 07:58:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/16/2012 07:58:21 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/16/2012 07:56:17 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/16/2012 07:56:17 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (04/16/2012 07:56:17 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068




Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.1.0)
20,000 Leagues Under the Sea
4 Elements (Version: 1.0.0.0)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.233)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.233)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Alabama Smith in Escape from Pompeii
Alabama Smith in the Quest of Fate
Amazon Games & Software Downloader (Version: 2.0.2.0)
AnalogX Capture
Ankh - The Lost Treasures
Apple Application Support (Version: 2.0.1)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.3.14 (Unicode)
AVG 2012 (Version: 12.0.1913)
AVG 2012 (Version: 12.0.2411)
AVG 2012 (Version: 2012.0.1913)
Behind the Reflection
Belkin F5D8053 N Wireless USB Adapter (Version: 2.0.0.10)
Big Fish Games: Game Manager (Version: 2.0.0.8)
Bing Bar (Version: 7.0.609.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Call of Duty® - World at War™ (Version: 1.0)
Catalyst Control Center InstallProxy (Version: 2008.1210.1623.29379)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conduit Engine (Version: )
Coupon Printer for Windows (Version: 5.0.0.1)
CSI-3 Dimensions of Murder 1.0 (Version: 1.0)
CSI-Dark Motives (Version: 1.01.000)
CSI-Hard Evidence (Version: 1.1)
CSI NY
Curse of the Pharaoh: Napoleon's Secret ™
Curse of the Pharaoh: The Quest for Nefertiti
D3DX10 (Version: 15.4.2368.0902)
Dark Dimensions: City of Fog
Dark Tales: Edgar Allan Poe`s Murders in the Rue Morgue
Dark Tales: ™ Edgar Allan Poe's The Black Cat
DC Universe Online Live
Debugging Tools for Windows (x64) (Version: 6.11.1.404)
Dell-eBay (Version: 1.00.0000)
Dell DataSafe Online (Version: 1.1.0029)
Dell Dock (Version: 2.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Resource CD (Version: 1.00.0000)
Digital Copy
Dreamland
Drop! (Version: 1.0.0.1)
Dropbox (Version: 1.3.35)
eGames Toolbar
ESET Online Scanner v3
Exorcist (Version: 1.0.0.0)
Exorcist II (Version: 1.0.0.0)
FFmpeg for Audacity on Windows
Flux Family Secrets - The Rabbit Hole
Flux Family Secrets: The Ripple Effect
GamesBar 2.0.1.55 (Version: 2.0.1.55)
Google Earth (Version: 6.1.0.5001)
Google Talk Plugin (Version: 2.8.7.6830)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
Gourmania 2: Great Expectations
Grace's Quest: To Catch An Art Thief
Haali Media Splitter
Heroes Of Hellas
Holly 2 - Magic Land
Immortal Lovers
Journey of Hope
Junk Mail filter update (Version: 15.4.3502.0922)
Kidnapped in the City (Version: 1.0)
LAME v3.99.3 (for Windows)
Legends of Dreams
Logitech Vid HD (Version: 7.2 (7230))
Logitech Webcam Software (Version: 12.10.1113)
Magic Encyclopedia - Moon Light
Magic Encyclopedia 3: Illusions
Magic Encyclopedia. First Story
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 1.2.1)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.0.61118.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft UI Engine (Version: 6.3.2348.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
Midnight Mysteries - The Edgar Allan Poe Conspiracy (Version: 1.1.0.0)
Midnight Mysteries Devil on the Mississippi
Midnight Mysteries Salem Witch Trials (Version: 1.1.0.0)
Mind's Eye: Secrets Of The Forgotten
Mozilla Firefox 10.0.1 (x86 en-US) (Version: 10.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery Case Files ®: 13th Skull ™
Mystery Case Files ®: Dire Grove ™
Mystery Chronicles: Murder Among Friends
Mystery Cookbook
Mystery Cruise
Nancy Drew-Alibi in Ashes (Version: 1.0)
Nancy Drew Dossier Resorting to Danger
Nancy Drew Message in a Haunted Mansion (Version: 1.1.0.0)
Nancy Drew: Danger on Deception Island
Nancy Drew: Ghost Dogs of Moon Lake
Nancy Drew: Ransom of the Seven Ships (Version: 1.0.0)
Nancy Drew: Secret of the Scarlet Hand
Nancy Drew: Secrets Can Kill REMASTERED (Version: 1.0.0)
Nancy Drew: The Captive Curse (Version: 8.0.0.30162)
Nancy Drew: The Curse of Blackmoor Manor
Nancy Drew: The Final Scene
Nancy Drew: The Haunted Carousel
Nancy Drew: The Haunting of Castle Malloy (Version: 1.0.0)
Nancy Drew: Trail of the Twister (Version: 1.0.0)
Nancy Drew: Treasure in the Royal Tower
Nancy Drew: Warnings at Waverly Academy (Version: 1.0.0)
Natalie Brooks - Mystery at Hillcrest High
Natalie Brooks - Secrets of Treasure House
Natalie Brooks - The Treasures of the Lost Kingdom
Netflix in Windows Media Center (Version: 3.3.101.0)
Nikon File Uploader 2 (Version: 2.00.0001)
Nikon Message Center 2 (Version: 2.0.1)
PageRage Toolbar (Version: 6.1.0.7)
Picaboo X (Version: 10.154)
Picaboo X (Version: 10.154P)
Picture Control Utility (Version: 1.2.0)
Platform (Version: 1.34)
PowerDVD DX (Version: 8.3.7501)
PunkBuster Services (Version: 0.986)
QuickTime (Version: 7.70.80.34)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0005)
Redemption Cemetery: Children's Plight
Redemption Cemetery: Curse of the Raven
Road Runner Toolbar (Version: 6.2.2.4)
Robin Hood
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Sacra Terra: Angelic Night Collector's Edition (Version: 1.0)
Samantha Swift and the Hidden Roses of Athena (Version: 1.1.0.0)
Scholastic's I SPY Mystery
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.5 (Version: 5.5.124)
SmartMusic 2011a (Version: 13.0.0)
SmartMusic 2012 (Version: 14.0.0)
Soul Journey (Version: 1.0)
Sprill - The Mystery of The Bermuda Triangle
Sprill and Ritchie - Adventures In Time
Stray Souls: Dollhouse Story (Version: 1.0)
The Curse Of Montezuma
The Hidden Continent
The Lost Inca Prophecy (Version: 1.0.0.0)
The Treasures Of Montezuma
The Treasures Of Mystery Island
The Treasures of Mystery Island 2 The Gates of Fate
The Treasures of Mystery Island The Ghost Ship
The Treasures of Mystery Island: The Gates of Fate
Treasure Masters, Inc.
Twisted Lands: Insomniac Collector's Edition (Version: 1.0)
Twisted Lands: Shadow Town
Twistingo (Version: 1.0.0.0)
Undercover PI
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Vampire Saga - Pandora's Box
VIA Platform Device Manager (Version: 1.34)
ViewNX 2 (Version: 2.0.1)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VIVA MEDIA GAME CENTER (Version: 1.2010.6.23)
VLC media player 2.0.1 (Version: 2.0.1)
WildTangent Games (Version: 1.0.0.71)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WMS Slots Reel 'em in (Version: 1.00.0000)
Yontoo Layers Client 1.10.01 (Version: 1.10.01)
Zynga Toolbar (Version: 6.3.6.2)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 5887.12 MB
Available physical RAM: 4134.76 MB
Total Pagefile: 11772.43 MB
Available Pagefile: 9759.98 MB
Total Virtual: 4095.88 MB
Available Virtual: 3954.93 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:283.04 GB) (Free:145.44 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:14.9 GB) NTFS
4 Drive f: () (Removable) (Total:1.86 GB) (Free:0.16 GB) FAT32
5 Drive l: (BACK UP) (Fixed) (Total:436.24 GB) (Free:189.57 GB) FAT32

========================= Users: ========================================

User accounts for \\LISAANN-PC

Administrator Guest Lisa Ann

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

I also ran Malwarebytes twice. It found something the first time but nothing the second time.

#10 narenxp

Posted 17 April 2012 - 11:47 PM

Download hosts fix

http://go.microsoft.com/?linkid=9668866

Run it

Download

TFC

Launch it; it will close all running programs

Click on START; it should ask for a reboot

Turn off your System Restore, restart the PC, and create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your antivirus frequently, and do not click on suspicious links

Safe surfing :)

#11 Doomhead

Posted 18 April 2012 - 09:54 PM

Done and done, thank you so much for your help.

#12 narenxp

Posted 18 April 2012 - 11:21 PM

You're most welcome :)



