
I can't get rid of Security Shield 2012 - Your guide didn't work


19 replies to this topic

#1 BQfromNY

BQfromNY

  • Members
  • 92 posts

Posted 21 April 2012 - 12:42 AM

I somehow got infected by Security Shield 2012, and can't seem to remove it. I followed your guide but to no avail. I entered safe mode with networking, I ran rkill - the log file it generated didn't show that I killed any programs, I did a quick and full scan of MalwareBytes but it didn't find anything, I ran Superantispyware and it didn't find anything either, no matter what I do, I can't seem to shake this thing.

So - right now, I can't get online without being in safe mode (even after I followed your guide).

You guys have helped me once before - I am afraid I need help again... PLEASE HELP



#2 BQfromNY


Posted 21 April 2012 - 12:49 AM

ADD - I couldn't download or run DDS due to my security settings - please help

I didn't do a Gmer log due to the fact I am running Windows 64 bit Vista

#3 BQfromNY


Posted 21 April 2012 - 01:46 AM

I was reading another user had a similar problem and was asked to run this log - so I thought it would help if I posted a similar log:

FixExec by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about FixExec can be found at this link:
http://www.bleepingcomputer.com/download/windows/utilities/fixexec

Program started at: 04/21/2012 02:42:41 AM in x64 mode.
Windows Version: Windows Vista

Checking for processes to terminate before fixing executable associations.
* No processes found to kill.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

* HKLM\Software\Classes\exefile\shell\open\command\\IsolatedCommand was changed. It was reset to "%1" %*!

* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Program finished at: 04/21/2012 02:42:48 AM
Execution time: 0 hours(s), 0 minute(s), and 7 seconds(s)

#4 BQfromNY


Posted 21 April 2012 - 01:47 AM

MB Log:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.04.21.01

Windows Vista Service Pack 2 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
BQfromNY :: QUERRIE-PC [administrator]

4/21/2012 2:46:24 AM
mbam-log-2012-04-21 (02-46-24).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 272655
Time elapsed: 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#5 BQfromNY


Posted 21 April 2012 - 03:08 AM

DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 9.0.8112.16421
Run by BQfromNY at 3:49:57 on 2012-04-21
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.8190.5723 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://woot.com/
uSearch Bar = Preserve
uInternet Settings,ProxyOverride = 192.168.*.*
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [HLBackupScheduler] G:\Applications\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe
uRun: [Google Update] "C:\Users\BQfromNY\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRunOnce: [snoylfpe] C:\Users\BQfromNY\AppData\Local\snoylfpe.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Conime] %windir%\system32\conime.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe" /md I
mRun: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [PWRISOVM.EXE] G:\Applications\PowerISO\PWRISOVM.EXE
mRunOnce: [Malwarebytes Anti-Malware] G:\Applications\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WIRELE~1.LNK - C:\Program Files (x86)\EDIMAX\Common\RaUI.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
LSP: C:\Windows\system32\wpclsp.dll
Trusted Zone: intuit.com\ttlc
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{C63B6EB1-2DF5-4535-AF1C-F37211BFB0EE} : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{FF2394B9-131C-4AE8-AB5B-1BB9D7DC6678} : NameServer = 208.67.220.222,208.67.220.220
TCP: Interfaces\{FF2394B9-131C-4AE8-AB5B-1BB9D7DC6678} : DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: CescrtHlpr Object: {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll
BHO-X64: facemoods Helper - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: facemoods Toolbar: {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll
TB-X64: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Conime] %windir%\system32\conime.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe" /md I
mRun-x64: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [PWRISOVM.EXE] G:\Applications\PowerISO\PWRISOVM.EXE
mRunOnce-x64: [Malwarebytes Anti-Malware] G:\Applications\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
.
============= SERVICES / DRIVERS ===============
.
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
R3 rt61x64;Ralink RT61 Wireless Driver for Windows Vista;C:\Windows\system32\DRIVERS\netr6164.sys --> C:\Windows\system32\DRIVERS\netr6164.sys [?]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?]
S1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-1 136176]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2011-12-19 394672]
S2 postgresql-8.4;PostgreSQL Server 8.4;C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w --> C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 [?]
S2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\EDIMAX\Common\RalinkRegistryWriter.exe [2010-2-5 53760]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
S3 fssfltr;FssFltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-1 136176]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2010-2-5 89920]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-04-21 02:55:24 381952 ----a-w- C:\Users\BQfromNY\AppData\Local\snoylfpe.exe
2012-04-21 02:12:14 8917360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9057EADD-983E-4356-A0FD-11BDE412FE8C}\mpengine.dll
2012-04-11 07:03:20 4699520 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-04-11 07:03:10 78848 ----a-w- C:\Windows\System32\imagehlp.dll
2012-04-11 07:03:10 5632 ----a-w- C:\Windows\System32\wmi.dll
2012-04-11 07:03:10 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-04-11 07:03:10 219136 ----a-w- C:\Windows\System32\wintrust.dll
2012-04-11 07:03:10 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-04-11 07:03:10 16384 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-04-11 07:03:10 157696 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-04-11 01:26:39 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat
2012-04-11 01:26:39 2409784 ----a-w- C:\Program Files (x86)\Windows Mail\OESpamFilter.dat
2012-04-08 00:57:38 -------- d-----w- C:\Users\BQfromNY\AppData\Local\{1E221A13-D0E9-49EA-9657-EC34C61E4C52}
.
==================== Find3M ====================
.
2012-04-04 19:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-14 16:49:43 327680 ----a-w- C:\Windows\System32\d3d10_1core.dll
2012-02-14 16:49:43 196096 ----a-w- C:\Windows\System32\d3d10_1.dll
2012-02-14 15:45:30 219648 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2012-02-14 15:45:30 160768 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2012-02-13 14:38:31 2002944 ----a-w- C:\Windows\System32\d3d10warp.dll
2012-02-13 14:12:08 1172480 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2012-02-13 14:06:48 834048 ----a-w- C:\Windows\System32\d2d1.dll
2012-02-13 14:03:11 1555968 ----a-w- C:\Windows\System32\DWrite.dll
2012-02-13 13:47:57 683008 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-02-13 13:44:40 1068544 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-02-07 15:02:40 1070352 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2012-02-02 15:34:25 2765824 ----a-w- C:\Windows\System32\win32k.sys
2012-01-31 12:44:20 279656 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 3:50:53.74 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2/5/2010 7:26:10 PM
System Uptime: 4/21/2012 1:12:48 AM (2 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P5E Deluxe
Processor: Intel® Core™2 Quad CPU Q9650 @ 3.00GHz | LGA775 | 3005/333mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 0.708 GiB free.
D: is CDROM (CDFS)
F: is CDROM (CDFS)
G: is FIXED (NTFS) - 932 GiB total, 402.934 GiB free.
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0001
Manufacturer: Microsoft
Name: isatap.rochester.rr.com
PNP Device ID: ROOT\*ISATAP\0001
Service: tunnel
.
Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318}
Description: Standard PS/2 Keyboard
Device ID: ACPI\PNP0303\4&23F9C1E3&0
Manufacturer: (Standard keyboards)
Name: Standard PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&23F9C1E3&0
Service: i8042prt
.
Class GUID:
Description: SM Bus Controller
Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_82771043&REV_02\3&11583659&0&FB
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_8086&DEV_2930&SUBSYS_82771043&REV_02\3&11583659&0&FB
Service:
.
==== System Restore Points ===================
.
RP1175: 4/19/2012 8:43:36 PM - Windows Update
RP1176: 4/20/2012 10:11:33 PM - Windows Update
.
==== Installed Programs ======================
.
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
AC3Filter 1.63b
Acrobat.com
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader 9.4.5
aioscnnr
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Software Update
Application Profiles
C4USelfUpdater
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center HydraVision Full
ccc-core-static
CCC Help English
center
D3DX10
DHTML Editing Component
DiRT 3
DivX Web Player
Edimax Wireless LAN
ESET Online Scanner v3
essentials
Facemoods Toolbar
ffdshow [rev 2527] [2008-12-19]
FileZilla Client 3.5.3
Google Chrome
Google Update Helper
Holdem Manager
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Product Detection
HydraVision
Java Auto Updater
Java™ 6 Update 29
JDownloader 0.9
Junk Mail filter update
K-Lite Codec Pack 7.7.0 (Basic)
KODAK AiO Software
ksDIP
Lernout & Hauspie TruVoice American English TTS Engine
Malwarebytes Anti-Malware version 1.61.0.1400
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MotoHelper MergeModules
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MTX
NVIDIA PhysX
ocr
OpenAL
Perpetuum
PostgreSQL 8.4
PowerISO
PreReq
Quicken 2011
QuickTime
Rapture3D 2.4.8 Game
RIFT
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Segoe UI
Skins
Star Wars: The Old Republic
System Requirements Lab
TeamSpeak 3 Client
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wnyiper
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wnyiper
TurboTax 2011 wrapper
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.762
Verizon V CAST Media Manager
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.1.11
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR archiver
World of Warcraft
Xilisoft Video Converter Ultimate 6
.
==== Event Viewer Messages From Past Week ========
.
4/21/2012 1:16:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
4/21/2012 1:15:45 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AsIO i8042prt MpFilter SABKUTIL SASDIFSV SASKUTIL SCDEmu spldr Wanarpv6
4/21/2012 1:15:45 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
4/21/2012 1:15:26 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
4/21/2012 1:15:12 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/21/2012 1:14:54 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
4/21/2012 1:04:06 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SABKUTIL
4/21/2012 1:02:55 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
4/20/2012 7:45:32 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 001F1F1D3D39 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
4/20/2012 11:26:41 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
4/20/2012 11:26:22 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO DfsC i8042prt MpFilter NetBIOS netbt nsiproxy PSched RasAcd rdbss SABKUTIL SASDIFSV SASKUTIL SCDEmu Smb spldr tdx Wanarpv6 ws2ifsl
4/20/2012 11:26:22 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
4/20/2012 11:26:22 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
4/20/2012 11:26:22 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
4/20/2012 11:26:22 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
4/20/2012 11:26:22 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
4/20/2012 11:26:22 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
4/20/2012 11:26:22 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
4/20/2012 11:26:22 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
4/20/2012 11:26:22 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
4/20/2012 11:26:22 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
4/20/2012 11:26:22 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/20/2012 11:26:22 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
4/20/2012 11:25:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
4/20/2012 11:25:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
4/20/2012 11:25:54 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
4/20/2012 11:22:17 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
4/17/2012 9:16:07 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 001F1F1D3D39 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================

#6 boopme


Posted 22 April 2012 - 12:45 PM

Hello, did you run..
Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished, the utility outputs a list of detected objects with descriptions.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue
  • Let it reboot if needed, and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.


#7 BQfromNY


Posted 22 April 2012 - 03:02 PM

Thanks for your help!!

15:59:59.0009 4176 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
15:59:59.0299 4176 ============================================================
15:59:59.0300 4176 Current date / time: 2012/04/22 15:59:59.0299
15:59:59.0300 4176 SystemInfo:
15:59:59.0300 4176
15:59:59.0300 4176 OS Version: 6.0.6002 ServicePack: 2.0
15:59:59.0300 4176 Product type: Workstation
15:59:59.0300 4176 ComputerName: QUERRIE-PC
15:59:59.0300 4176 UserName: BQfromNY
15:59:59.0300 4176 Windows directory: C:\Windows
15:59:59.0300 4176 System windows directory: C:\Windows
15:59:59.0300 4176 Running under WOW64
15:59:59.0300 4176 Processor architecture: Intel x64
15:59:59.0300 4176 Number of processors: 4
15:59:59.0300 4176 Page size: 0x1000
15:59:59.0300 4176 Boot type: Normal boot
15:59:59.0300 4176 ============================================================
16:00:00.0427 4176 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:00:00.0439 4176 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:00:00.0444 4176 \Device\Harddisk0\DR0:
16:00:00.0444 4176 MBR partitions:
16:00:00.0444 4176 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x950E800
16:00:00.0444 4176 \Device\Harddisk1\DR1:
16:00:00.0444 4176 MBR partitions:
16:00:00.0444 4176 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
16:00:00.0467 4176 C: <-> \Device\Harddisk0\DR0\Partition0
16:00:00.0496 4176 G: <-> \Device\Harddisk1\DR1\Partition0
16:00:00.0496 4176 Initialize success
16:00:00.0496 4176 ============================================================
16:00:28.0681 2264 ============================================================
16:00:28.0681 2264 Scan started
16:00:28.0681 2264 Mode: Manual; TDLFS;
16:00:28.0681 2264 ============================================================
16:00:39.0966 2264 PerfHost - ok
16:00:40.0013 2264 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
16:00:40.0037 2264 pla - ok
16:00:40.0119 2264 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
16:00:40.0124 2264 PlugPlay - ok
16:00:40.0168 2264 Pml Driver HPZ12 (5c42fa1fcea58c6f7d6614504bf88f4f) C:\Windows\system32\HPZipm12.dll
16:00:40.0169 2264 Pml Driver HPZ12 - ok
16:00:40.0234 2264 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
16:00:40.0238 2264 PNRPAutoReg - ok
16:00:40.0259 2264 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
16:00:40.0263 2264 PNRPsvc - ok
16:00:40.0319 2264 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
16:00:40.0325 2264 PolicyAgent - ok
16:00:40.0368 2264 postgresql-8.4 - ok
16:00:40.0444 2264 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
16:00:40.0445 2264 PptpMiniport - ok
16:00:40.0480 2264 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
16:00:40.0481 2264 Processor - ok
16:00:40.0530 2264 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
16:00:40.0533 2264 ProfSvc - ok
16:00:40.0574 2264 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
16:00:40.0575 2264 ProtectedStorage - ok
16:00:40.0592 2264 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
16:00:40.0592 2264 PSched - ok
16:00:40.0634 2264 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
16:00:40.0659 2264 ql2300 - ok
16:00:40.0674 2264 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
16:00:40.0676 2264 ql40xx - ok
16:00:40.0714 2264 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
16:00:40.0718 2264 QWAVE - ok
16:00:40.0733 2264 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
16:00:40.0734 2264 QWAVEdrv - ok
16:00:40.0786 2264 RalinkRegistryWriter (2daa6cf9773f22b72a1a98ef2a6eafdf) C:\Program Files (x86)\EDIMAX\Common\RalinkRegistryWriter.exe
16:00:40.0786 2264 RalinkRegistryWriter - ok
16:00:40.0800 2264 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
16:00:40.0801 2264 RasAcd - ok
16:00:40.0830 2264 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
16:00:40.0832 2264 RasAuto - ok
16:00:40.0870 2264 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:00:40.0871 2264 Rasl2tp - ok
16:00:40.0884 2264 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
16:00:40.0888 2264 RasMan - ok
16:00:40.0904 2264 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
16:00:40.0905 2264 RasPppoe - ok
16:00:40.0917 2264 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
16:00:40.0919 2264 RasSstp - ok
16:00:40.0938 2264 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
16:00:40.0941 2264 rdbss - ok
16:00:40.0965 2264 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:00:40.0966 2264 RDPCDD - ok
16:00:40.0994 2264 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
16:00:40.0998 2264 rdpdr - ok
16:00:41.0004 2264 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
16:00:41.0005 2264 RDPENCDD - ok
16:00:41.0049 2264 RDPWD (5c141fc457f1ac833664789235aca673) C:\Windows\system32\drivers\RDPWD.sys
16:00:41.0052 2264 RDPWD - ok
16:00:41.0084 2264 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
16:00:41.0086 2264 RemoteAccess - ok
16:00:41.0105 2264 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
16:00:41.0109 2264 RemoteRegistry - ok
16:00:41.0130 2264 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
16:00:41.0132 2264 RpcLocator - ok
16:00:41.0205 2264 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
16:00:41.0208 2264 RpcSs - ok
16:00:41.0224 2264 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
16:00:41.0225 2264 rspndr - ok
16:00:41.0249 2264 rt61x64 (a75904bea6be9c87ced65acffdcb18b2) C:\Windows\system32\DRIVERS\netr6164.sys
16:00:41.0254 2264 rt61x64 - ok
16:00:41.0301 2264 SABKUTIL - ok
16:00:41.0341 2264 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
16:00:41.0341 2264 SamSs - ok
16:00:41.0361 2264 SASDIFSV (99df79c258b3342b6c8a5f802998de56) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
16:00:41.0362 2264 SASDIFSV - ok
16:00:41.0367 2264 SASKUTIL (2859c35c0651e8eb0d86d48e740388f2) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
16:00:41.0368 2264 SASKUTIL - ok
16:00:41.0386 2264 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
16:00:41.0387 2264 sbp2port - ok
16:00:41.0426 2264 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
16:00:41.0429 2264 SCardSvr - ok
16:00:41.0468 2264 SCDEmu (7fb7a7448d6d3609724c3e5bd7a90f8e) C:\Windows\system32\drivers\SCDEmu.sys
16:00:41.0470 2264 SCDEmu - ok
16:00:41.0522 2264 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
16:00:41.0539 2264 Schedule - ok
16:00:41.0578 2264 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
16:00:41.0578 2264 SCPolicySvc - ok
16:00:41.0606 2264 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
16:00:41.0609 2264 SDRSVC - ok
16:00:41.0630 2264 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:00:41.0631 2264 secdrv - ok
16:00:41.0643 2264 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
16:00:41.0645 2264 seclogon - ok
16:00:41.0660 2264 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
16:00:41.0662 2264 SENS - ok
16:00:41.0693 2264 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
16:00:41.0694 2264 Serenum - ok
16:00:41.0712 2264 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
16:00:41.0713 2264 Serial - ok
16:00:41.0731 2264 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
16:00:41.0732 2264 sermouse - ok
16:00:41.0755 2264 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
16:00:41.0757 2264 SessionEnv - ok
16:00:41.0782 2264 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
16:00:41.0783 2264 sffdisk - ok
16:00:41.0799 2264 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
16:00:41.0800 2264 sffp_mmc - ok
16:00:41.0816 2264 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
16:00:41.0816 2264 sffp_sd - ok
16:00:41.0826 2264 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
16:00:41.0827 2264 sfloppy - ok
16:00:41.0859 2264 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
16:00:41.0863 2264 SharedAccess - ok
16:00:41.0931 2264 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
16:00:41.0936 2264 ShellHWDetection - ok
16:00:41.0960 2264 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
16:00:41.0961 2264 SiSRaid2 - ok
16:00:41.0977 2264 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
16:00:41.0978 2264 SiSRaid4 - ok
16:00:42.0063 2264 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
16:00:42.0105 2264 slsvc - ok
16:00:42.0160 2264 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
16:00:42.0162 2264 SLUINotify - ok
16:00:42.0204 2264 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
16:00:42.0205 2264 Smb - ok
16:00:42.0244 2264 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
16:00:42.0246 2264 SNMPTRAP - ok
16:00:42.0282 2264 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
16:00:42.0283 2264 spldr - ok
16:00:42.0325 2264 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
16:00:42.0329 2264 Spooler - ok
16:00:42.0384 2264 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
16:00:42.0389 2264 srv - ok
16:00:42.0435 2264 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
16:00:42.0438 2264 srv2 - ok
16:00:42.0481 2264 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
16:00:42.0483 2264 srvnet - ok
16:00:42.0495 2264 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
16:00:42.0498 2264 SSDPSRV - ok
16:00:42.0509 2264 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
16:00:42.0512 2264 SstpSvc - ok
16:00:42.0577 2264 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
16:00:42.0593 2264 stisvc - ok
16:00:42.0614 2264 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
16:00:42.0615 2264 swenum - ok
16:00:42.0674 2264 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
16:00:42.0688 2264 swprv - ok
16:00:42.0708 2264 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
16:00:42.0709 2264 Symc8xx - ok
16:00:42.0725 2264 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
16:00:42.0726 2264 Sym_hi - ok
16:00:42.0745 2264 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
16:00:42.0746 2264 Sym_u3 - ok
16:00:42.0797 2264 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
16:00:42.0813 2264 SysMain - ok
16:00:42.0843 2264 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
16:00:42.0845 2264 TabletInputService - ok
16:00:42.0889 2264 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
16:00:42.0893 2264 TapiSrv - ok
16:00:42.0906 2264 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
16:00:42.0908 2264 TBS - ok
16:00:42.0972 2264 Tcpip (73bed5067ed53a9df05fa8eab42578d0) C:\Windows\system32\drivers\tcpip.sys
16:00:42.0996 2264 Tcpip - ok
16:00:43.0042 2264 Tcpip6 (73bed5067ed53a9df05fa8eab42578d0) C:\Windows\system32\DRIVERS\tcpip.sys
16:00:43.0048 2264 Tcpip6 - ok
16:00:43.0096 2264 tcpipreg (848f87c604b5e674602498cb51067db6) C:\Windows\system32\drivers\tcpipreg.sys
16:00:43.0097 2264 tcpipreg - ok
16:00:43.0127 2264 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
16:00:43.0127 2264 TDPIPE - ok
16:00:43.0139 2264 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
16:00:43.0140 2264 TDTCP - ok
16:00:43.0182 2264 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
16:00:43.0184 2264 tdx - ok
16:00:43.0224 2264 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
16:00:43.0225 2264 TermDD - ok
16:00:43.0279 2264 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
16:00:43.0295 2264 TermService - ok
16:00:43.0340 2264 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
16:00:43.0342 2264 Themes - ok
16:00:43.0365 2264 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
16:00:43.0366 2264 THREADORDER - ok
16:00:43.0385 2264 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
16:00:43.0388 2264 TrkWks - ok
16:00:43.0436 2264 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
16:00:43.0436 2264 TrustedInstaller - ok
16:00:43.0472 2264 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:00:43.0473 2264 tssecsrv - ok
16:00:43.0495 2264 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
16:00:43.0496 2264 tunmp - ok
16:00:43.0525 2264 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
16:00:43.0526 2264 tunnel - ok
16:00:43.0544 2264 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
16:00:43.0546 2264 uagp35 - ok
16:00:43.0568 2264 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
16:00:43.0572 2264 udfs - ok
16:00:43.0584 2264 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
16:00:43.0586 2264 UI0Detect - ok
16:00:43.0606 2264 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
16:00:43.0608 2264 uliagpkx - ok
16:00:43.0626 2264 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
16:00:43.0629 2264 uliahci - ok
16:00:43.0647 2264 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
16:00:43.0650 2264 UlSata - ok
16:00:43.0693 2264 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
16:00:43.0695 2264 ulsata2 - ok
16:00:43.0713 2264 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
16:00:43.0714 2264 umbus - ok
16:00:43.0739 2264 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
16:00:43.0744 2264 upnphost - ok
16:00:43.0781 2264 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
16:00:43.0782 2264 USBAAPL64 - ok
16:00:43.0821 2264 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
16:00:43.0823 2264 usbaudio - ok
16:00:43.0861 2264 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
16:00:43.0863 2264 usbccgp - ok
16:00:43.0881 2264 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
16:00:43.0883 2264 usbcir - ok
16:00:43.0923 2264 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
16:00:43.0924 2264 usbehci - ok
16:00:43.0939 2264 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
16:00:43.0942 2264 usbhub - ok
16:00:43.0960 2264 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
16:00:43.0961 2264 usbohci - ok
16:00:44.0003 2264 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
16:00:44.0004 2264 usbprint - ok
16:00:44.0049 2264 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
16:00:44.0050 2264 usbscan - ok
16:00:44.0074 2264 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:00:44.0075 2264 USBSTOR - ok
16:00:44.0087 2264 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
16:00:44.0088 2264 usbuhci - ok
16:00:44.0128 2264 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
16:00:44.0129 2264 UxSms - ok
16:00:44.0168 2264 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
16:00:44.0174 2264 vds - ok
16:00:44.0201 2264 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
16:00:44.0202 2264 vga - ok
16:00:44.0218 2264 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
16:00:44.0219 2264 VgaSave - ok
16:00:44.0238 2264 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
16:00:44.0239 2264 viaide - ok
16:00:44.0281 2264 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
16:00:44.0282 2264 volmgr - ok
16:00:44.0353 2264 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
16:00:44.0358 2264 volmgrx - ok
16:00:44.0407 2264 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
16:00:44.0410 2264 volsnap - ok
16:00:44.0445 2264 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
16:00:44.0447 2264 vsmraid - ok
16:00:44.0502 2264 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
16:00:44.0526 2264 VSS - ok
16:00:44.0575 2264 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
16:00:44.0580 2264 W32Time - ok
16:00:44.0610 2264 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
16:00:44.0611 2264 WacomPen - ok
16:00:44.0659 2264 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
16:00:44.0661 2264 Wanarp - ok
16:00:44.0663 2264 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
16:00:44.0664 2264 Wanarpv6 - ok
16:00:44.0719 2264 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
16:00:44.0735 2264 wcncsvc - ok
16:00:44.0759 2264 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
16:00:44.0761 2264 WcsPlugInService - ok
16:00:44.0791 2264 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
16:00:44.0792 2264 Wd - ok
16:00:44.0844 2264 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:00:44.0860 2264 Wdf01000 - ok
16:00:44.0877 2264 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
16:00:44.0879 2264 WdiServiceHost - ok
16:00:44.0893 2264 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
16:00:44.0895 2264 WdiSystemHost - ok
16:00:44.0937 2264 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
16:00:44.0940 2264 WebClient - ok
16:00:44.0977 2264 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
16:00:44.0981 2264 Wecsvc - ok
16:00:44.0998 2264 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
16:00:45.0000 2264 wercplsupport - ok
16:00:45.0013 2264 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
16:00:45.0016 2264 WerSvc - ok
16:00:45.0042 2264 WinDefend - ok
16:00:45.0045 2264 WinHttpAutoProxySvc - ok
16:00:45.0122 2264 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
16:00:45.0125 2264 Winmgmt - ok
16:00:45.0193 2264 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
16:00:45.0225 2264 WinRM - ok
16:00:45.0316 2264 WinUSB (7f2f9e48566b2087f2aaad258cb2a8d4) C:\Windows\system32\DRIVERS\WinUSB.sys
16:00:45.0317 2264 WinUSB - ok
16:00:45.0362 2264 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
16:00:45.0377 2264 Wlansvc - ok
16:00:45.0451 2264 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:00:45.0452 2264 wlcrasvc - ok
16:00:45.0547 2264 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:00:45.0588 2264 wlidsvc - ok
16:00:45.0649 2264 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
16:00:45.0650 2264 WmiAcpi - ok
16:00:45.0718 2264 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
16:00:45.0720 2264 wmiApSrv - ok
16:00:45.0762 2264 WMPNetworkSvc - ok
16:00:45.0785 2264 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
16:00:45.0788 2264 WPCSvc - ok
16:00:45.0829 2264 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
16:00:45.0832 2264 WPDBusEnum - ok
16:00:45.0861 2264 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
16:00:45.0862 2264 WpdUsb - ok
16:00:46.0015 2264 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:00:46.0031 2264 WPFFontCache_v0400 - ok
16:00:46.0069 2264 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
16:00:46.0069 2264 ws2ifsl - ok
16:00:46.0111 2264 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\System32\wscsvc.dll
16:00:46.0113 2264 wscsvc - ok
16:00:46.0119 2264 WSearch - ok
16:00:46.0200 2264 wuauserv (fb3796754fe00f0bdc87a36f164a5f4d) C:\Windows\system32\wuaueng.dll
16:00:46.0241 2264 wuauserv - ok
16:00:46.0281 2264 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:00:46.0283 2264 WudfPf - ok
16:00:46.0295 2264 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:00:46.0298 2264 WUDFRd - ok
16:00:46.0315 2264 wudfsvc (3dcc7bf5afa921b479e622bd999121f3) C:\Windows\System32\WUDFSvc.dll
16:00:46.0318 2264 wudfsvc - ok
16:00:46.0342 2264 yukonx64 (2ae06b41b36549fabf0886b2af89a599) C:\Windows\system32\DRIVERS\yk60x64.sys
16:00:46.0346 2264 yukonx64 - ok
16:00:46.0367 2264 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
16:00:46.0460 2264 \Device\Harddisk0\DR0 - ok
16:00:46.0462 2264 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
16:00:46.0505 2264 \Device\Harddisk1\DR1 - ok
16:00:46.0507 2264 Boot (0x1200) (4364341064370b56be0b8af39c011533) \Device\Harddisk0\DR0\Partition0
16:00:46.0508 2264 \Device\Harddisk0\DR0\Partition0 - ok
16:00:46.0509 2264 Boot (0x1200) (3bd8d9230e50640feb27829d5b6ac347) \Device\Harddisk1\DR1\Partition0
16:00:46.0510 2264 \Device\Harddisk1\DR1\Partition0 - ok
16:00:46.0510 2264 ============================================================
16:00:46.0510 2264 Scan finished
16:00:46.0510 2264 ============================================================
16:00:46.0516 4168 Detected object count: 0
16:00:46.0516 4168 Actual detected object count: 0
16:01:15.0080 2316 Deinitialize success

#8 boopme


Posted 22 April 2012 - 03:42 PM

If this doesn't fix it......
For the connection try these...

Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.
Now check if the internet is working again.

OR

Go to Start ... Run and type in cmd
A DOS window will appear.
Type in the dos window: netsh winsock reset
Click on the enter key.

Reboot your system to complete the process.

If needed : type these one line at a time, press enter after each line. See if it works after each.


netsh interface ipv4 reset
netsh interface ipv6 reset
ipconfig /flushdns


WIN7.. Please Download this file, Click Me
Right-click on winsockfix.bat and click on Run as Administrator.

If no joy, post your DDS log in a new topic here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
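The checks in the post above, as an added example that is not part of the original reply: a read-only PowerShell audit that records the per-user proxy, the machine-wide WinHTTP proxy and the Winsock catalog before anything is unchecked or reset. The function names and the output file name are hypothetical, and it assumes PowerShell 2.0 or later.

```powershell
# Added example (not from the thread). Read-only: nothing here changes the system.

function Get-UserProxySetting {
    # Per-user WinINet values behind inetcpl.cpl > Connections > LAN settings.
    $key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    $s = Get-ItemProperty -Path $key
    New-Object PSObject -Property @{
        ProxyEnabled  = ($s.ProxyEnable -eq 1)
        ProxyServer   = $s.ProxyServer
        AutoConfigURL = $s.AutoConfigURL
    }
}

function Test-LoopbackProxy {
    param([string]$ProxyServer)
    # ProxyServer is "host:port" or a per-protocol list "http=host:port;https=host:port".
    if (-not $ProxyServer) { return $false }
    foreach ($entry in ($ProxyServer -split ';')) {
        # Drop the "http=" protocol prefix and any "scheme://" in front of the host.
        $target = ($entry -split '=', 2)[-1].Trim() -replace '^[a-z]+://', ''
        if ($target -match '^(127\.\d{1,3}\.\d{1,3}\.\d{1,3}|localhost|\[::1\])(:\d+)?$') {
            return $true
        }
    }
    return $false
}

function Save-NetworkBaseline {
    # Hypothetical default file name; keeps a record of the state before any reset.
    param([string]$Path = (Join-Path $env:TEMP 'net-baseline.txt'))
    $report = @()
    $report += '== WinINet (per-user) proxy =='
    $report += (Get-UserProxySetting | Format-List | Out-String)
    $report += '== WinHTTP (machine-wide) proxy =='
    $report += (netsh winhttp show proxy | Out-String)
    $report += '== Winsock catalog (rebuilt by "netsh winsock reset") =='
    $report += (netsh winsock show catalog | Out-String)
    $report | Set-Content -Path $Path
    return $Path
}

$proxy = Get-UserProxySetting
$proxy | Format-List ProxyEnabled, ProxyServer, AutoConfigURL

if ($proxy.ProxyEnabled -and (Test-LoopbackProxy $proxy.ProxyServer)) {
    # A proxy on the local machine hands all browser traffic to a local process.
    Write-Warning ("Proxy is enabled and points at this machine ({0}). " -f $proxy.ProxyServer +
                   "Identify the listening process before clearing the setting.")
}

"Baseline written to $(Save-NetworkBaseline)"

# Constructed sample values (not taken from the thread) showing how entries are classified.
foreach ($v in '127.0.0.1:8080', 'http=localhost:5555;https=localhost:5555', 'proxy.example.com:3128') {
    '{0,-45} loopback={1}' -f $v, (Test-LoopbackProxy $v)
}
```

Comparing the saved catalog with the output of `netsh winsock show catalog` after the reset shows which layered providers the reset removed.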

#9 BQfromNY


Posted 22 April 2012 - 03:54 PM

My internet is working properly.. since last night. As a matter of fact, it APPEARS the virus has been found and eradicated.

Here is what happened - I was in safe mode watching a movie (no passwords or any other security issue in this) when all of a sudden I got the "blue screen". When I rebooted I was informed that MS Essentials found a file that was a threat and quarantined it. I have had no signs of the virus since then - BUT I want to make sure I don't have any issues, for the virus was never detected on any of the scans that I did (at least not that I could tell). Here are the files that are in my MS Essentials history:

Exploit:java/CVE-2010-0840.NS
Rogue:win32/winwebsec

I pray I explained that well enough - please inform me how to proceed

ADD - is it safe for me to start running sites/programs with passwords?

Edited by BQfromNY, 22 April 2012 - 03:55 PM.


#10 boopme


Posted 22 April 2012 - 04:33 PM

Actually wait till you get the all clear here as they have the deeper look.


http://forums.malwarebytes.org/index.php?showtopic=108937

#11 BQfromNY


Posted 22 April 2012 - 06:07 PM

That other post was closed - please advise as to how to proceed.

#12 boopme


Posted 23 April 2012 - 09:24 AM

Ok, you look good... You most likely are infecting yourself from torrent downloads. That's like what they do..



Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u3-windows-i586.exe (or jre-7u3-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.



Similarly, update to Adobe Reader X (10.1.0)
Note: UNcheck the box so you do not install the toolbar, unless you really want it..

Free! Google Toolbar search Google from any web page, block pop-ups

Yes, install Google Toolbar - optional

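A way to confirm the Java clean-up described in the post above, as an added example that is not part of the original reply: a PowerShell inventory of the Java entries registered for uninstall in both the native and the 32-bit registry views, so leftover older versions are visible after the reinstall. The function name and the display-name filter are assumptions based on the post's "Java Runtime Environment (JRE or J2SE) in the name"; it assumes PowerShell 2.0 or later.

```powershell
# Added example (not from the thread). Read-only inventory of installed Java entries.

function Get-InstalledJava {
    # On 64-bit Windows, 32-bit installers register under Wow6432Node, so both views are read.
    $roots = @(
        @{ View = 'native';         Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*' },
        @{ View = 'WOW64 (32-bit)'; Path = 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*' }
    )
    foreach ($root in $roots) {
        # The Wow6432Node path does not exist on 32-bit Windows; that error is ignored.
        Get-ItemProperty -Path $root.Path -ErrorAction SilentlyContinue |
            Where-Object {
                # Assumed filter: entries whose name starts with "Java" or "J2SE",
                # excluding the updater component, which is not a runtime.
                $_.DisplayName -match '^(Java|J2SE)\b' -and
                $_.DisplayName -notmatch 'Auto Updater'
            } |
            ForEach-Object {
                New-Object PSObject -Property @{
                    View            = $root.View
                    Name            = $_.DisplayName
                    Version         = $_.DisplayVersion
                    UninstallString = $_.UninstallString
                }
            }
    }
}

$java = @(Get-InstalledJava)

if ($java.Count -eq 0) {
    'No Java runtime entries are registered for uninstall.'
} else {
    $java | Sort-Object View, Name | Format-Table View, Name, Version -AutoSize

    # More than one entry in the same view means an older runtime was left behind.
    $java | Group-Object View | Where-Object { $_.Count -gt 1 } | ForEach-Object {
        $names = ($_.Group | ForEach-Object { $_.Name }) -join '; '
        Write-Warning ("{0} view still has {1} Java entries: {2}" -f $_.Name, $_.Count, $names)
    }
}

# The post notes that Java Quick Starter is optional; show whether its service is present.
$jqs = Get-Service -DisplayName 'Java Quick Starter*' -ErrorAction SilentlyContinue
if ($jqs) {
    $jqs | Format-Table Name, DisplayName, Status -AutoSize
} else {
    'Java Quick Starter service not found.'
}
```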

#13 BQfromNY


Posted 23 April 2012 - 02:14 PM

done - TY for your help! So - am I safe - can I use passwords etc on computer?

#14 boopme


Posted 23 April 2012 - 07:32 PM

Before I say yes..
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.

#15 BQfromNY


Posted 24 April 2012 - 06:08 AM

ugh!

G:\F copy\OneTouch 4\Gamez\Dirt.3-SKIDROW\sr-dirt3\sr-dirt3.iso a variant of Win32/Packed.VMProtect.AAA trojan deleted
G:\F copy\OneTouch 4\Gamez\The.Witcher.2.Assassins.of.Kings-SKIDROW\DVD2\sr-tw2b\sr-tw2b.iso a variant of Win32/Packed.VMProtect.AAA trojan deleted



