Pop up Ads Virus, undetected in TDSS Killer


14 replies to this topic

#1 littleox


Posted 21 May 2012 - 11:16 AM

Hello!
I have a very similar problem to the one addressed here: http://www.bleepingcomputer.com/forums/topic454045.html. Apologies, but please refer to the screen captures in this other post (I am having trouble uploading images, but that is a separate topic). When the redirect to this pop-up window occurs, I see various addresses, including adserving.cpxinteractive or sometimes ad.yieldmanager. I was running Microsoft Security Essentials at the time I got the virus. MSE found and removed the virus multiple times, but I kept seeing the popups. Since then, I took the advice of another forum to use AVG instead, so I uninstalled MSE and installed AVG. I have run AVG, Malwarebytes, and the TDSSKiller, in normal and safe modes -- with nothing found in either of these programs. I just noticed that my Windows Firewall and Windows Defender have been corrupted so that I cannot change the settings and I am assuming the virus has caused this damage. Any help would be really appreciated! Thank you! Here is the log from the TDSSKiller:


12:13:02.0003 4604 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:13:02.0003 4604 NdisTapi - ok
12:13:02.0019 4604 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:13:02.0019 4604 Ndisuio - ok
12:13:02.0050 4604 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:13:02.0066 4604 NdisWan - ok
12:13:02.0097 4604 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:13:02.0097 4604 NDProxy - ok
12:13:02.0128 4604 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:13:02.0128 4604 NetBIOS - ok
12:13:02.0222 4604 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:13:02.0222 4604 NetBT - ok
12:13:02.0269 4604 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:13:02.0284 4604 Netlogon - ok
12:13:02.0378 4604 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:13:02.0409 4604 Netman - ok
12:13:02.0487 4604 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:13:02.0503 4604 netprofm - ok
12:13:02.0581 4604 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:13:02.0581 4604 NetTcpPortSharing - ok
12:13:03.0142 4604 NETw5s64 (24f64343f14a119308456e1ca7507b26) C:\Windows\system32\DRIVERS\NETw5s64.sys
12:13:03.0314 4604 NETw5s64 - ok
12:13:03.0470 4604 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:13:03.0470 4604 nfrd960 - ok
12:13:03.0517 4604 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
12:13:03.0532 4604 NlaSvc - ok
12:13:03.0579 4604 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:13:03.0595 4604 Npfs - ok
12:13:03.0610 4604 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:13:03.0626 4604 nsi - ok
12:13:03.0657 4604 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:13:03.0657 4604 nsiproxy - ok
12:13:03.0782 4604 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:13:03.0813 4604 Ntfs - ok
12:13:03.0938 4604 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:13:03.0938 4604 Null - ok
12:13:04.0000 4604 nusb3hub (285acec1b13a15ba520aae06bacb9cff) C:\Windows\system32\DRIVERS\nusb3hub.sys
12:13:04.0000 4604 nusb3hub - ok
12:13:04.0031 4604 nusb3xhc (f6d625ff7b56bb6ea063f0d3a5bbc996) C:\Windows\system32\DRIVERS\nusb3xhc.sys
12:13:04.0047 4604 nusb3xhc - ok
12:13:04.0983 4604 nvlddmkm (ce62dfd25e51c471517642405addc8bb) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:13:05.0201 4604 nvlddmkm - ok
12:13:05.0498 4604 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:13:05.0498 4604 nvraid - ok
12:13:05.0529 4604 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:13:05.0545 4604 nvstor - ok
12:13:05.0685 4604 nvsvc (8b73d0a86bf104a884b3f1dcbfe94126) C:\Windows\system32\nvvsvc.exe
12:13:05.0701 4604 nvsvc - ok
12:13:05.0903 4604 nvUpdatusService (fe29d829bc0044fe699edc997bb1fe72) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
12:13:05.0966 4604 nvUpdatusService - ok
12:13:06.0122 4604 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:13:06.0137 4604 nv_agp - ok
12:13:06.0247 4604 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:13:06.0278 4604 odserv - ok
12:13:06.0309 4604 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:13:06.0309 4604 ohci1394 - ok
12:13:06.0371 4604 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:13:06.0387 4604 ose - ok
12:13:06.0434 4604 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:13:06.0434 4604 p2pimsvc - ok
12:13:06.0543 4604 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:13:06.0559 4604 p2psvc - ok
12:13:06.0590 4604 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:13:06.0590 4604 Parport - ok
12:13:06.0621 4604 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
12:13:06.0621 4604 partmgr - ok
12:13:06.0761 4604 Partner Service (9665402b7fa59302d520ad845ddfc026) C:\ProgramData\Partner\Partner.exe
12:13:06.0777 4604 Partner Service - ok
12:13:06.0824 4604 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:13:06.0824 4604 PcaSvc - ok
12:13:06.0871 4604 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:13:06.0871 4604 pci - ok
12:13:06.0902 4604 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:13:06.0902 4604 pciide - ok
12:13:06.0949 4604 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:13:06.0949 4604 pcmcia - ok
12:13:06.0964 4604 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:13:06.0964 4604 pcw - ok
12:13:07.0042 4604 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:13:07.0042 4604 PEAUTH - ok
12:13:07.0136 4604 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:13:07.0136 4604 PerfHost - ok
12:13:07.0292 4604 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
12:13:07.0354 4604 pla - ok
12:13:07.0417 4604 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
12:13:07.0432 4604 PlugPlay - ok
12:13:07.0495 4604 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:13:07.0495 4604 PNRPAutoReg - ok
12:13:07.0557 4604 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:13:07.0557 4604 PNRPsvc - ok
12:13:07.0619 4604 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
12:13:07.0666 4604 PolicyAgent - ok
12:13:07.0713 4604 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:13:07.0729 4604 Power - ok
12:13:07.0822 4604 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:13:07.0838 4604 PptpMiniport - ok
12:13:07.0869 4604 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:13:07.0869 4604 Processor - ok
12:13:07.0916 4604 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
12:13:07.0931 4604 ProfSvc - ok
12:13:07.0963 4604 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:13:07.0963 4604 ProtectedStorage - ok
12:13:07.0994 4604 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:13:07.0994 4604 Psched - ok
12:13:08.0134 4604 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:13:08.0197 4604 ql2300 - ok
12:13:08.0337 4604 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:13:08.0353 4604 ql40xx - ok
12:13:08.0384 4604 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:13:08.0399 4604 QWAVE - ok
12:13:08.0415 4604 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:13:08.0415 4604 QWAVEdrv - ok
12:13:08.0431 4604 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:13:08.0431 4604 RasAcd - ok
12:13:08.0477 4604 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:13:08.0477 4604 RasAgileVpn - ok
12:13:08.0493 4604 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:13:08.0493 4604 RasAuto - ok
12:13:08.0540 4604 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:13:08.0555 4604 Rasl2tp - ok
12:13:08.0618 4604 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
12:13:08.0633 4604 RasMan - ok
12:13:08.0711 4604 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:13:08.0711 4604 RasPppoe - ok
12:13:08.0743 4604 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:13:08.0743 4604 RasSstp - ok
12:13:08.0805 4604 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:13:08.0821 4604 rdbss - ok
12:13:08.0852 4604 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:13:08.0852 4604 rdpbus - ok
12:13:08.0883 4604 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:13:08.0883 4604 RDPCDD - ok
12:13:08.0899 4604 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:13:08.0899 4604 RDPENCDD - ok
12:13:08.0914 4604 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:13:08.0914 4604 RDPREFMP - ok
12:13:08.0961 4604 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
12:13:08.0992 4604 RDPWD - ok
12:13:09.0055 4604 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:13:09.0055 4604 rdyboost - ok
12:13:09.0226 4604 RegSrvc (0aa473966357c4a41b5eb19649eb6e5e) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
12:13:09.0242 4604 RegSrvc - ok
12:13:09.0273 4604 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:13:09.0289 4604 RemoteAccess - ok
12:13:09.0320 4604 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:13:09.0320 4604 RemoteRegistry - ok
12:13:09.0382 4604 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
12:13:09.0398 4604 RFCOMM - ok
12:13:09.0429 4604 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:13:09.0429 4604 RpcEptMapper - ok
12:13:09.0460 4604 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:13:09.0460 4604 RpcLocator - ok
12:13:09.0523 4604 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:13:09.0538 4604 RpcSs - ok
12:13:09.0569 4604 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:13:09.0569 4604 rspndr - ok
12:13:09.0601 4604 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:13:09.0601 4604 SamSs - ok
12:13:09.0632 4604 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:13:09.0632 4604 sbp2port - ok
12:13:09.0663 4604 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:13:09.0679 4604 SCardSvr - ok
12:13:09.0725 4604 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:13:09.0725 4604 scfilter - ok
12:13:09.0835 4604 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
12:13:09.0835 4604 Schedule - ok
12:13:09.0944 4604 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:13:09.0944 4604 SCPolicySvc - ok
12:13:09.0975 4604 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
12:13:09.0991 4604 SDRSVC - ok
12:13:10.0053 4604 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:13:10.0053 4604 secdrv - ok
12:13:10.0069 4604 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
12:13:10.0069 4604 seclogon - ok
12:13:10.0115 4604 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
12:13:10.0115 4604 SENS - ok
12:13:10.0147 4604 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:13:10.0147 4604 SensrSvc - ok
12:13:10.0209 4604 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:13:10.0209 4604 Serenum - ok
12:13:10.0256 4604 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:13:10.0256 4604 Serial - ok
12:13:10.0303 4604 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:13:10.0303 4604 sermouse - ok
12:13:10.0349 4604 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
12:13:10.0365 4604 SessionEnv - ok
12:13:10.0381 4604 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:13:10.0381 4604 sffdisk - ok
12:13:10.0412 4604 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:13:10.0412 4604 sffp_mmc - ok
12:13:10.0427 4604 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:13:10.0427 4604 sffp_sd - ok
12:13:10.0459 4604 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:13:10.0459 4604 sfloppy - ok
12:13:10.0521 4604 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
12:13:10.0537 4604 SharedAccess - ok
12:13:10.0599 4604 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
12:13:10.0599 4604 ShellHWDetection - ok
12:13:10.0630 4604 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys
12:13:10.0646 4604 SiSGbeLH - ok
12:13:10.0661 4604 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:13:10.0661 4604 SiSRaid2 - ok
12:13:10.0677 4604 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:13:10.0677 4604 SiSRaid4 - ok
12:13:10.0771 4604 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
12:13:10.0771 4604 SkypeUpdate - ok
12:13:10.0817 4604 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:13:10.0817 4604 Smb - ok
12:13:10.0864 4604 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:13:10.0864 4604 SNMPTRAP - ok
12:13:11.0051 4604 SNP2UVC (2114518e55b380a3acc28b2c27fd499a) C:\Windows\system32\DRIVERS\snp2uvc.sys
12:13:11.0083 4604 SNP2UVC - ok
12:13:11.0207 4604 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:13:11.0207 4604 spldr - ok
12:13:11.0270 4604 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
12:13:11.0285 4604 Spooler - ok
12:13:11.0535 4604 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
12:13:11.0644 4604 sppsvc - ok
12:13:11.0753 4604 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:13:11.0769 4604 sppuinotify - ok
12:13:11.0831 4604 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:13:11.0831 4604 srv - ok
12:13:11.0863 4604 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:13:11.0878 4604 srv2 - ok
12:13:11.0894 4604 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:13:11.0909 4604 srvnet - ok
12:13:11.0956 4604 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:13:11.0972 4604 SSDPSRV - ok
12:13:11.0987 4604 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:13:12.0003 4604 SstpSvc - ok
12:13:12.0034 4604 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:13:12.0034 4604 stexstor - ok
12:13:12.0097 4604 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
12:13:12.0112 4604 stisvc - ok
12:13:12.0143 4604 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:13:12.0143 4604 swenum - ok
12:13:12.0237 4604 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:13:12.0253 4604 swprv - ok
12:13:12.0299 4604 SynTP (064a2530a4a7c7cec1be6a1945645be4) C:\Windows\system32\DRIVERS\SynTP.sys
12:13:12.0331 4604 SynTP - ok
12:13:12.0565 4604 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
12:13:12.0580 4604 SysMain - ok
12:13:12.0689 4604 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
12:13:12.0705 4604 TabletInputService - ok
12:13:12.0752 4604 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
12:13:12.0767 4604 TapiSrv - ok
12:13:12.0783 4604 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:13:12.0783 4604 TBS - ok
12:13:12.0970 4604 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
12:13:13.0001 4604 Tcpip - ok
12:13:13.0235 4604 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
12:13:13.0251 4604 TCPIP6 - ok
12:13:13.0360 4604 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:13:13.0360 4604 tcpipreg - ok
12:13:13.0391 4604 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:13:13.0391 4604 TDPIPE - ok
12:13:13.0423 4604 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
12:13:13.0423 4604 TDTCP - ok
12:13:13.0469 4604 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:13:13.0469 4604 tdx - ok
12:13:13.0547 4604 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
12:13:13.0547 4604 TermDD - ok
12:13:13.0641 4604 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
12:13:13.0672 4604 TermService - ok
12:13:13.0688 4604 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:13:13.0688 4604 Themes - ok
12:13:13.0735 4604 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:13:13.0735 4604 THREADORDER - ok
12:13:13.0750 4604 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:13:13.0766 4604 TrkWks - ok
12:13:13.0828 4604 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
12:13:13.0828 4604 TrustedInstaller - ok
12:13:13.0875 4604 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:13:13.0875 4604 tssecsrv - ok
12:13:13.0922 4604 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:13:13.0922 4604 TsUsbFlt - ok
12:13:13.0969 4604 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:13:13.0969 4604 tunnel - ok
12:13:14.0000 4604 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:13:14.0000 4604 uagp35 - ok
12:13:14.0047 4604 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:13:14.0062 4604 udfs - ok
12:13:14.0093 4604 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:13:14.0109 4604 UI0Detect - ok
12:13:14.0140 4604 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:13:14.0140 4604 uliagpkx - ok
12:13:14.0171 4604 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
12:13:14.0187 4604 umbus - ok
12:13:14.0203 4604 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:13:14.0203 4604 UmPass - ok
12:13:14.0780 4604 UNS (41118d920b2b268c0adc36421248cdcf) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
12:13:14.0842 4604 UNS - ok
12:13:14.0967 4604 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:13:14.0983 4604 upnphost - ok
12:13:15.0029 4604 urvpndrv (c3e2c80468ef49682dae24803bb7bb9b) C:\Windows\system32\DRIVERS\covpnv64.sys
12:13:15.0029 4604 urvpndrv - ok
12:13:15.0076 4604 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
12:13:15.0076 4604 usbccgp - ok
12:13:15.0123 4604 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:13:15.0123 4604 usbcir - ok
12:13:15.0154 4604 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
12:13:15.0154 4604 usbehci - ok
12:13:15.0217 4604 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:13:15.0232 4604 usbhub - ok
12:13:15.0263 4604 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
12:13:15.0279 4604 usbohci - ok
12:13:15.0326 4604 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:13:15.0326 4604 usbprint - ok
12:13:15.0357 4604 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
12:13:15.0357 4604 usbscan - ok
12:13:15.0388 4604 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:13:15.0388 4604 USBSTOR - ok
12:13:15.0404 4604 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
12:13:15.0404 4604 usbuhci - ok
12:13:15.0497 4604 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
12:13:15.0513 4604 usbvideo - ok
12:13:15.0529 4604 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:13:15.0544 4604 UxSms - ok
12:13:15.0575 4604 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:13:15.0575 4604 VaultSvc - ok
12:13:15.0622 4604 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:13:15.0622 4604 vdrvroot - ok
12:13:15.0685 4604 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
12:13:15.0716 4604 vds - ok
12:13:15.0747 4604 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:13:15.0747 4604 vga - ok
12:13:15.0763 4604 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:13:15.0778 4604 VgaSave - ok
12:13:15.0809 4604 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:13:15.0825 4604 vhdmp - ok
12:13:15.0856 4604 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:13:15.0872 4604 viaide - ok
12:13:15.0919 4604 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:13:15.0919 4604 volmgr - ok
12:13:15.0981 4604 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:13:15.0981 4604 volmgrx - ok
12:13:16.0028 4604 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:13:16.0043 4604 volsnap - ok
12:13:16.0090 4604 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:13:16.0106 4604 vsmraid - ok
12:13:16.0246 4604 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
12:13:16.0277 4604 VSS - ok
12:13:16.0496 4604 vToolbarUpdater11.0.2 (56e1e4442e4613fb2039a6b7421f4e58) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
12:13:16.0496 4604 vToolbarUpdater11.0.2 - ok
12:13:16.0652 4604 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:13:16.0667 4604 vwifibus - ok
12:13:16.0683 4604 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:13:16.0683 4604 vwififlt - ok
12:13:16.0699 4604 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
12:13:16.0699 4604 vwifimp - ok
12:13:16.0761 4604 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:13:16.0792 4604 W32Time - ok
12:13:16.0823 4604 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:13:16.0823 4604 WacomPen - ok
12:13:16.0870 4604 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:13:16.0870 4604 WANARP - ok
12:13:16.0886 4604 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:13:16.0886 4604 Wanarpv6 - ok
12:13:17.0042 4604 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
12:13:17.0089 4604 WatAdminSvc - ok
12:13:17.0323 4604 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
12:13:17.0369 4604 wbengine - ok
12:13:17.0572 4604 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:13:17.0588 4604 WbioSrvc - ok
12:13:17.0697 4604 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
12:13:17.0697 4604 wcncsvc - ok
12:13:17.0744 4604 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:13:17.0759 4604 WcsPlugInService - ok
12:13:17.0806 4604 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:13:17.0806 4604 Wd - ok
12:13:17.0853 4604 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:13:17.0869 4604 Wdf01000 - ok
12:13:17.0884 4604 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:13:17.0900 4604 WdiServiceHost - ok
12:13:17.0900 4604 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:13:17.0900 4604 WdiSystemHost - ok
12:13:17.0931 4604 wdkmd (5b34e5938b9e76798977725e3f7847c4) C:\Windows\system32\DRIVERS\WDKMD.sys
12:13:17.0931 4604 wdkmd - ok
12:13:17.0993 4604 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
12:13:18.0025 4604 WebClient - ok
12:13:18.0056 4604 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
12:13:18.0087 4604 Wecsvc - ok
12:13:18.0103 4604 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
12:13:18.0103 4604 wercplsupport - ok
12:13:18.0134 4604 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
12:13:18.0134 4604 WerSvc - ok
12:13:18.0149 4604 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
12:13:18.0149 4604 WfpLwf - ok
12:13:18.0196 4604 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
12:13:18.0196 4604 WimFltr - ok
12:13:18.0212 4604 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
12:13:18.0227 4604 WIMMount - ok
12:13:18.0290 4604 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
12:13:18.0305 4604 Winmgmt - ok
12:13:18.0461 4604 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
12:13:18.0539 4604 WinRM - ok
12:13:18.0820 4604 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
12:13:18.0836 4604 Wlansvc - ok
12:13:18.0914 4604 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:13:18.0914 4604 wlcrasvc - ok
12:13:19.0163 4604 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:13:19.0179 4604 wlidsvc - ok
12:13:19.0335 4604 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
12:13:19.0335 4604 WmiAcpi - ok
12:13:19.0397 4604 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
12:13:19.0413 4604 wmiApSrv - ok
12:13:19.0460 4604 WMPNetworkSvc - ok
12:13:19.0491 4604 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
12:13:19.0507 4604 WPCSvc - ok
12:13:19.0538 4604 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
12:13:19.0553 4604 WPDBusEnum - ok
12:13:19.0569 4604 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
12:13:19.0585 4604 ws2ifsl - ok
12:13:19.0585 4604 WSearch - ok
12:13:20.0068 4604 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
12:13:20.0146 4604 wuauserv - ok
12:13:20.0271 4604 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
12:13:20.0271 4604 WudfPf - ok
12:13:20.0318 4604 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:13:20.0333 4604 WUDFRd - ok
12:13:20.0349 4604 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
12:13:20.0365 4604 wudfsvc - ok
12:13:20.0396 4604 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
12:13:20.0411 4604 WwanSvc - ok
12:13:20.0458 4604 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:13:21.0145 4604 \Device\Harddisk0\DR0 - ok
12:13:21.0176 4604 Boot (0x1200) (e90b91fc9af4a9be5465a7bb9a1e19b1) \Device\Harddisk0\DR0\Partition0
12:13:21.0176 4604 \Device\Harddisk0\DR0\Partition0 - ok
12:13:21.0191 4604 Boot (0x1200) (7a1b7d6247c0faca90b87ff49da39b0b) \Device\Harddisk0\DR0\Partition1
12:13:21.0207 4604 \Device\Harddisk0\DR0\Partition1 - ok
12:13:21.0207 4604 ============================================================
12:13:21.0207 4604 Scan finished
12:13:21.0207 4604 ============================================================
12:13:21.0223 4472 Detected object count: 0
12:13:21.0223 4472 Actual detected object count: 0


#2 narenxp

  • BC Advisor

Posted 21 May 2012 - 11:29 AM

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download

ESET online scanner


Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.


Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

#3 littleox

  • Topic Starter

Posted 21 May 2012 - 11:56 AM

Thanks for the quick response! Here is the ASWmbr log, and the other ones are coming.


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-21 13:38:26
-----------------------------
13:38:26.211 OS Version: Windows x64 6.1.7601 Service Pack 1
13:38:26.211 Number of processors: 4 586 0x2505
13:38:26.211 ComputerName: LENA-PC UserName: Lena
13:38:26.913 Initialize success
13:46:26.542 AVAST engine defs: 12052100
13:46:57.990 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
13:46:57.990 Disk 0 Vendor: ST950032 0003 Size: 476940MB BusType: 3
13:46:58.005 Disk 0 MBR read successfully
13:46:58.021 Disk 0 MBR scan
13:46:58.021 Disk 0 Windows 7 default MBR code
13:46:58.021 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 22003 MB offset 63
13:46:58.052 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119231 MB offset 45062325
13:46:58.052 Disk 0 Partition - 00 0F Extended LBA 335704 MB offset 289249280
13:46:58.083 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 335703 MB offset 289251328
13:46:58.114 Disk 0 scanning C:\Windows\system32\drivers
13:47:11.187 Service scanning
13:47:37.520 Modules scanning
13:47:37.536 Disk 0 trace - called modules:
13:47:38.082 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
13:47:38.082 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006cb4060]
13:47:38.097 3 CLASSPNP.SYS[fffff88001d9943f] -> nt!IofCallDriver -> [0xfffffa8004cb5530]
13:47:38.113 5 ACPI.sys[fffff88000ed87a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0xfffffa8004cb6050]
13:47:38.846 AVAST engine scan C:\Windows
13:47:41.701 AVAST engine scan C:\Windows\system32
13:51:49.464 AVAST engine scan C:\Windows\system32\drivers
13:52:09.682 AVAST engine scan C:\Users\Lena
13:53:31.067 AVAST engine scan C:\ProgramData
13:54:12.173 Scan finished successfully
13:55:14.043 Disk 0 MBR has been saved successfully to "D:\Documents\life\virus\MBR.dat"
13:55:14.059 The log file has been saved successfully to "D:\Documents\life\virus\aswMBR.txt"

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:09:35 AM

Posted 21 May 2012 - 01:34 PM

:thumbup2:

#5 littleox

littleox
  • Topic Starter

  • Members
  • 11 posts
  • Local time:11:35 AM

Posted 21 May 2012 - 01:42 PM

I just ran the ESET online scanner and it reported no threats found. I will move on to the next one. Maybe I did something wrong? In step one, it identified `Windows Defender` in some kind of list, but after the full scan (step 3), it came up with nothing. Moving on to the third software. Thanks.

#6 littleox

littleox
  • Topic Starter

  • Members
  • 11 posts
  • Local time:11:35 AM

Posted 21 May 2012 - 03:12 PM

Here is the Malwarebytes Log, still nothing found! But the virus is still there... looking at the pop up right now....


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.21.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Lena :: LENA-PC [administrator]

5/21/2012 3:50:02 PM
mbam-log-2012-05-21 (15-50-02).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 480707
Time elapsed: 1 hour(s), 19 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:09:35 AM

Posted 21 May 2012 - 04:56 PM

Download

Rogue killer

Right-click on it and select Run as administrator.

Now, click on the HOSTS FIX option on the right side.

A log should be generated after the fix; post the log here.


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#8 littleox

littleox
  • Topic Starter

  • Members
  • 11 posts
  • Local time:11:35 AM

Posted 21 May 2012 - 06:51 PM

Rogue Killer Log...! Thanks!

RogueKiller V7.4.5 [05/18/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Lena [Admin rights]
Mode: Scan -- Date: 05/21/2012 19:26:09

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 2 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9500325AS +++++
--- User ---
[MBR] 697fe5d5f8f6c594432ea117b4bfe546
[BSP] b8e681ec20f3f51e484d81d4ade624cc : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 22003 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 45062325 | Size: 119231 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 289249280 | Size: 335704 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SanDisk Cruzer USB Device +++++
--- User ---
[MBR] a124dc1f32b91ceacb765c7a5ad6ec2e
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 32 | Size: 15266 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive2: Toshiba External USB HDD USB Device +++++
--- User ---
[MBR] 6878b4a7df2eede2bef79a3a7dedcd85
[BSP] 46937821e70569d1b3dfcc1997e54969 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 238472 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

#9 littleox

littleox
  • Topic Starter

  • Members
  • 11 posts
  • Local time:11:35 AM

Posted 21 May 2012 - 06:55 PM

Toolbox Log:

MiniToolBox by Farbar Version: 18-01-2012
Ran by Lena (administrator) on 21-05-2012 at 20:53:22
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Wireless Network Connection 2" address=192.168.16.2 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Lena-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : emory.edu
Belkin

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 00-26-C7-EF-E4-19
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 00-26-C7-EF-E4-19
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
Physical Address. . . . . . . . . : 00-26-C7-EF-E4-18
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::51ff:4119:8876:ef68%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, May 21, 2012 12:00:16 PM
Lease Expires . . . . . . . . . . : Friday, June 28, 2148 3:22:03 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 352331463
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-AE-57-4D-BC-AE-C5-3A-13-8D
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : BC-AE-C5-3A-13-8D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A151E514-7E48-465B-976A-6B71ECBD267B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{3BEBFF5C-3A0E-4B4B-A7FA-26F29FE35EC2}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{58CC459E-C4A8-4166-BEE7-C4728C5A345D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.2.1

Name: google.com
Addresses: 173.194.43.3
173.194.43.6
173.194.43.2
173.194.43.0
173.194.43.9
173.194.43.7
173.194.43.14
173.194.43.1
173.194.43.8
173.194.43.4
173.194.43.5


Pinging google.com [74.125.226.226] with 32 bytes of data:
Reply from 74.125.226.226: bytes=32 time=187ms TTL=53
Reply from 74.125.226.226: bytes=32 time=179ms TTL=53

Ping statistics for 74.125.226.226:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 179ms, Maximum = 187ms, Average = 183ms
Server: UnKnown
Address: 192.168.2.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=180ms TTL=52
Reply from 209.191.122.70: bytes=32 time=181ms TTL=52

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 180ms, Maximum = 181ms, Average = 180ms
Server: UnKnown
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...00 26 c7 ef e4 19 ......Microsoft Virtual WiFi Miniport Adapter #2
14...00 26 c7 ef e4 19 ......Microsoft Virtual WiFi Miniport Adapter
13...00 26 c7 ef e4 18 ......Intel® WiFi Link 1000 BGN
10...bc ae c5 3a 13 8d ......Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.2 281
192.168.2.2 255.255.255.255 On-link 192.168.2.2 281
192.168.2.255 255.255.255.255 On-link 192.168.2.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 281 fe80::/64 On-link
13 281 fe80::51ff:4119:8876:ef68/128
On-link
1 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/21/2012 08:01:16 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000002493B0).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (05/21/2012 08:01:16 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000002493B0).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (05/21/2012 08:00:47 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000002493B0).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (05/21/2012 08:00:47 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000002493B0).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (05/21/2012 07:46:02 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003AFCE0).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (05/21/2012 07:46:02 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003AFCE0).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (05/21/2012 07:45:32 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003AFCE0).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (05/21/2012 07:45:32 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},00000000003AFCE0).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (05/21/2012 07:31:04 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000000036F290).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator

Error: (05/21/2012 07:31:04 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Error calling a routine on the Shadow Copy Provider {b5946137-7b9f-4925-af80-51abd60b20d5}. Routine returned E_INVALIDARG.
Routine details GetSnapshot({00000000-0000-0000-0000-000000000000},000000000036F290).


Operation:
Get Shadow Copy Properties

Context:
Execution Context: Coordinator


System errors:
=============
Error: (05/21/2012 00:00:29 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (05/21/2012 00:00:09 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (05/21/2012 00:00:09 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (05/21/2012 00:00:06 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (05/21/2012 11:57:10 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (05/21/2012 11:57:10 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (05/21/2012 11:57:10 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (05/21/2012 11:57:10 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (05/21/2012 11:57:10 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (05/21/2012 11:57:10 AM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
??????? Windows Live Mesh ActiveX ??(????) (Version: 15.4.5722.2)
??????? Windows Live Mesh ActiveX ??? (Version: 15.4.5722.2)
7-Zip 9.22beta
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.235)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Alcor Micro USB Card Reader (Version: 1.6.17.25401)
Amazon Kindle For PC v1.0
ASUS AI Recovery (Version: 1.0.9)
ASUS AP Bank (Version: 1.0.0.0)
ASUS FancyStart (Version: 1.0.8)
ASUS LifeFrame3 (Version: 3.0.20)
ASUS Live Update (Version: 2.5.9)
ASUS MultiFrame (Version: 1.0.0019)
ASUS Power4Gear Hybrid (Version: 1.1.37)
ASUS SmartLogon (Version: 1.0.0008)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0028)
ASUS U Series Bamboo ScreenSaver (Version: 1.0.0001)
ASUS Virtual Camera (Version: 1.0.20)
ASUS WebStorage (Version: 2.0.46.1429)
ATK Package (Version: 1.0.0004)
AVG 2012 (Version: 12.0.2176)
AVG 2012 (Version: 12.0.2425)
AVG 2012 (Version: 2012.0.2176)
BIG-IP Edge Client Components (All Users) (Version: 70.2011.0623.0458)
Bookworm Deluxe
CCleaner (Version: 3.18)
Complemento Messenger (Version: 15.4.3502.0922)
Complément Messenger (Version: 15.4.3502.0922)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
Control ActiveX de Windows Live Mesh para conexiones remotas (Version: 15.4.5722.2)
ControlDeck (Version: 1.0.6)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (Version: 15.4.5722.2)
Cooking Dash
CrashPlan (Version: 3.0.3)
CyberLink LabelPrint (Version: 2.5.1908)
CyberLink Power2Go (Version: 6.1.3602c)
D3DX10 (Version: 15.4.2368.0902)
Dropbox (Version: 1.4.3)
ESET Online Scanner v3
ExpressGate Cloud (Version: 2.1.59.283)
Fast Boot (Version: 1.0.5)
FirstClass® Client (Version: 10.0 (build 10.014))
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Game Park Console (Version: 6.2.1.1)
Google Chrome (Version: 19.0.1084.46)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Governor of Poker
Hotel Dash Suite Success
InstallVC90Support (Version: 1.01.0000)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2119)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® PROSet/Wireless WiFi Software (Version: 13.02.0000)
Intel® Wireless Display (Version: 1.2.14.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Jewel Quest 3
Junk Mail filter update (Version: 15.4.3502.0922)
Luxor 3
Mahjongg dimensions
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Mesh Runtime (Version: 15.4.5722.2)
Messenger ???? (Version: 15.4.3502.0922)
Messenger ????? (Version: 15.4.3502.0922)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
NVIDIA Drivers (Version: 1.10.58.36)
NVIDIA Updatus (Version: 1.0.3)
OpenOffice.org 3.3 (Version: 3.3.9567)
Plants vs Zombies
PrimoPDF -- brought to you by Nitro PDF Software (Version: 5)
Realtek High Definition Audio Driver (Version: 6.0.1.6072)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0)
Revo Uninstaller 1.94 (Version: 1.94)
Scrivener (Version: 1030)
Skype™ 5.8 (Version: 5.8.158)
SRS Premium Sound Control Panel (Version: 1.8.4900)
Synaptics Pointing Device Driver (Version: 14.0.19.0)
syncables desktop SE (Version: 5.5.746.11492)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB2.0 UVC 2M WebCam (Version: 5.8.54000.205)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
WIDCOMM Bluetooth Software (Version: 6.2.5.500)
Windows Driver Package - Broadcom Bluetooth (07/17/2009 6.2.0.9403) (Version: 07/17/2009 6.2.0.9403)
Windows Driver Package - Broadcom Bluetooth (07/29/2009 6.1.7100.0) (Version: 07/29/2009 6.1.7100.0)
Windows Driver Package - Broadcom HIDClass (06/11/2009 6.2.0.9500) (Version: 06/11/2009 6.2.0.9500)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinFlash (Version: 2.30.1)
Wireless Console 3 (Version: 3.0.16)
World of Goo

========================= Memory info: ===================================

Percentage of memory in use: 69%
Total physical RAM: 3755.85 MB
Available physical RAM: 1134.08 MB
Total Pagefile: 7509.89 MB
Available Pagefile: 4612.33 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.29 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:61.3 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:327.83 GB) (Free:234.74 GB) NTFS

========================= Users: ========================================

User accounts for \\LENA-PC

Administrator Guest Lena
UpdatusUser


**** End of log ****

#10 littleox

  • Topic Starter

Posted 21 May 2012 - 06:57 PM

crossing my fingers, bc the pop-up box I have been seeing this whole time is NOT there...!

#11 narenxp

  • BC Advisor

Posted 21 May 2012 - 08:35 PM

crossing my fingers, bc the pop-up box I have been seeing this whole time is NOT there...!

It was caused due to bad entries in hosts file which we have removed. You should be safe now.

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)
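Added example, not part of narenxp's post and not a tool used in this thread: a small hosts-file audit in Python that flags the kinds of entries worth reviewing after a redirect infection. The thread does not show the entries that were removed, so the sample file, the function names and the watch-list suffix are all constructed for illustration.

```python
import ipaddress

# Constructed sample: the thread never shows the poster's actual hosts entries.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1      localhost
::1            localhost
203.0.113.10   www.search.example          # name pinned to a public address
203.0.113.10   mail.example.net www.example.net
127.0.0.1      update.av-vendor.example    # updater black-holed
0.0.0.0        ads.example.org             # ordinary ad-blocking entry
not-an-ip      broken.example
"""

BENIGN_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}


def parse_hosts(text):
    """Yield (line_number, address_field, names) for each non-comment line."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if fields:
            yield lineno, fields[0], [n.lower() for n in fields[1:]]


def audit_hosts(text, watch_suffixes=()):
    """Return (line_number, kind, address, names) for entries worth reviewing."""
    findings = []
    for lineno, addr, names in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            findings.append((lineno, "malformed", addr, names))
            continue
        names = [n for n in names if n not in BENIGN_NAMES]
        if not names:
            continue
        if not (ip.is_loopback or ip.is_unspecified):
            # A name answered from the hosts file never reaches DNS.
            findings.append((lineno, "redirect", addr, names))
            continue
        blocked = [n for n in names
                   if any(n == s or n.endswith("." + s) for s in watch_suffixes)]
        if blocked:
            findings.append((lineno, "blocked-watchlist", addr, blocked))
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS, ("av-vendor.example",)):
        print(finding)
```

On Windows 7 the file to feed in is `%SystemRoot%\System32\drivers\etc\hosts`. A "redirect" finding is a prompt for review, since deliberate LAN mappings are reported the same way.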

#12 littleox

  • Topic Starter

Posted 21 May 2012 - 09:16 PM

Wow... Thank you so much! You are a real lifesaver! I was able to reactivate Windows Firewall, and the popups seem to be gone. Just one small question. After I ran the Rogue Killer and deleted items in the program, there was a folder on my desktop labeled RK Quarantine. Is it okay that I moved these to the recycle bin and then permanently deleted them?

Anyways, thanks again for your help! Really great!

#13 narenxp

  • BC Advisor

Posted 21 May 2012 - 09:50 PM

there was a folder on my desktop labeled RK Quarantine.

Remove it, delete all the tools we used here.

safe surfing :)

#14 littleox

  • Topic Starter

Posted 22 May 2012 - 08:35 AM

Alright! Again, thank you so much for your help!!! Have a great day.

#15 narenxp

  • BC Advisor

Posted 22 May 2012 - 09:31 AM

:thumbup2:



