
Weird Ads in Corner of browser? Redirected Pages?


  • This topic is locked
15 replies to this topic

#1 SpaciousSpace


Posted 02 June 2012 - 09:28 PM

I've read a few other topics like this one, but no one has posted back to the people who have responded. =.= So I decided to make a topic, too.
Every time I load a page, I get an ad in the lower right corner of my browser. It didn't matter what browser I use. It happened in Chrome, Firefox, and IE. Also, I get redirected to a new page about every 20 or so loads. The ads are like the ones on the sides of webpages. "57 year old woman looks 27! Find her Facelift Secret!" Or, "Farmers Insurance." Something like that. I get directed to webpages such as "Ask the Crew" or "Find hot Singles Online." I noticed, however, that when I am being directed, it doesn't go straight to the site I end up at. It goes to a webpage that is something along the lines of web.scour.com/blahblahblah. I tried to run a Malwarebytes scan when this first started, and it came up with nothing. I tried TDSSKiller as well, and it didn't help. Recently (today), I ran a Malwarebytes scan and it came up with 33 possibly unwanted programs. I quarantined them and restarted my computer as the program prompted me. I still get redirected and ads, but only on Chrome. I also tried to use the MiniToolBox program. I saved the log, as well. Please help me?
Thanks.

Edited by SpaciousSpace, 02 June 2012 - 09:32 PM.

"Nothing says sausage like sausage!"




#2 boopme

  • Global Moderator

Posted 02 June 2012 - 09:35 PM

Hello, appears to be a Scour infection * a rootkit.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the root folder of the system disk (usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.



Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).


Finally ...
Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
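
What to read first in the "List content of Hosts" part of Result.txt, as an added example (not part of the original posts and not MiniToolBox code): the Python sketch below pulls the Hosts section out of a report and lists every name that the hosts file points at a non-local address, which is what a redirect symptom would show up as there. The section-header pattern follows the report layout shown in this thread; the sample report, its addresses and hostnames, and all function names are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Section headers in the report look like "===== Hosts content: =====".
# Plain "=====" separator lines contain no letters and are not headers.
SECTION_RE = re.compile(r"^=+\s*([^=]*[A-Za-z][^=]*?):?\s*=+\s*$")

# Constructed sample report (documentation address ranges, .example names).
SAMPLE_REPORT = """\
MiniToolBox-style report (constructed sample)

========================= IE Proxy Settings: ==============================

Proxy is not enabled.

========================= Hosts content: =================================

::1 localhost



203.0.113.10 www.analytics.example.
203.0.113.10 ads.tracker.example.
198.51.100.7 www.analytics.example.
0.0.0.0 blocked.example   # local block-list entry

127.0.0.1 localhost

========================= IP Configuration: ================================

192.0.2.1 not-a-hosts-line.example
"""


def extract_section(report, title):
    """Return the body lines of the first section whose header contains title."""
    body, inside = [], False
    for line in report.splitlines():
        header = SECTION_RE.match(line)
        if header:
            if inside:
                break  # next section starts, stop collecting
            inside = title.lower() in header.group(1).lower()
            continue
        if inside:
            body.append(line)
    return body


def parse_hosts(lines):
    """Turn hosts-file lines into (address, hostname) pairs."""
    entries = []
    for raw in lines:
        line = raw.split("#", 1)[0].strip()  # drop comments and padding
        if not line:
            continue  # blank lines are common padding in tampered files
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # not an address: ignore rather than guess
        for name in fields[1:]:
            # A trailing dot is the same name written as a fully qualified one.
            entries.append((addr, name.rstrip(".").lower()))
    return entries


def audit_report(report):
    """Map each hostname to the non-local addresses the hosts file gives it."""
    flagged = defaultdict(set)
    for addr, name in parse_hosts(extract_section(report, "Hosts content")):
        if addr.is_loopback or addr.is_unspecified:
            continue  # localhost lines and 0.0.0.0 / 127.0.0.1 block lists
        flagged[name].add(str(addr))
    return {name: sorted(addrs) for name, addrs in flagged.items()}


if __name__ == "__main__":
    for name, addrs in audit_report(SAMPLE_REPORT).items():
        print(f"{name} -> {', '.join(addrs)}")
```

A clean Windows hosts file normally yields an empty result here; any name that appears, especially one mapped to more than one address, is worth raising with the helper before deleting anything.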

#3 SpaciousSpace

  • Topic Starter

Posted 03 June 2012 - 04:05 PM

MiniToolBox by Farbar Version: 14-01-2012
Ran by Bri (administrator) on 03-06-2012 at 13:27:30
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost









216.240.133.193 www.google-analytics.com.
216.240.133.193 ad-emea.doubleclick.net.
216.240.133.193 www.statcounter.com.
69.72.252.254 www.google-analytics.com.
69.72.252.254 ad-emea.doubleclick.net.
69.72.252.254 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global mldversion=version2


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Bri
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Home

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : C4-46-19-57-41-A9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4ddf:6a05:7676:fd19%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, June 02, 2012 7:13:10 PM
Lease Expires . . . . . . . . . . : Monday, June 04, 2012 12:13:52 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 331630105
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-E9-E5-23-88-AE-1D-C8-4E-B1
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.Home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:7:102d:bd0c:eab(Preferred)
Link-local IPv6 Address . . . . . : fe80::7:102d:bd0c:eab%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: Comtrend.Home
Address: 192.168.1.1

Name: google.com
Addresses: 173.194.33.9
173.194.33.14
173.194.33.0
173.194.33.1
173.194.33.2
173.194.33.3
173.194.33.4
173.194.33.5
173.194.33.6
173.194.33.7
173.194.33.8


Pinging google.com [173.194.33.9] with 32 bytes of data:
Request timed out.
Reply from 173.194.33.9: bytes=32 time=48ms TTL=55

Ping statistics for 173.194.33.9:
Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
Minimum = 48ms, Maximum = 48ms, Average = 48ms
Server: Comtrend.Home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=229ms TTL=51
Reply from 209.191.122.70: bytes=32 time=83ms TTL=51

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 83ms, Maximum = 229ms, Average = 156ms
Server: Comtrend.Home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...c4 46 19 57 41 a9 ......Atheros AR9285 Wireless Network Adapter
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.6 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.6 281
192.168.1.6 255.255.255.255 On-link 192.168.1.6 281
192.168.1.255 255.255.255.255 On-link 192.168.1.6 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.6 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.6 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:7:102d:bd0c:eab/128
On-link
13 281 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::7:102d:bd0c:eab/128
On-link
13 281 fe80::4ddf:6a05:7676:fd19/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
x64-Catalog5 02 mswsock.dll [File Not found] ()
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [46592] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/02/2012 07:16:48 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {fdcde017-c953-4b30-80c0-cff9ed48fb7e}

Error: (06/02/2012 05:09:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40913633

Error: (06/02/2012 05:09:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40913633

Error: (06/02/2012 05:09:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/02/2012 05:09:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40912588

Error: (06/02/2012 05:09:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40912588

Error: (06/02/2012 05:09:56 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/02/2012 05:09:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40911496

Error: (06/02/2012 05:09:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40911496

Error: (06/02/2012 05:09:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (06/03/2012 00:09:27 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer COMPUTER_1
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{3349D9E5-FFC7-4C92-98BE-38877D14177D}.
The master browser is stopping or an election is being forced.

Error: (06/02/2012 07:16:43 PM) (Source: Service Control Manager) (User: )
Description: The ReadyComm.DirectRouter service failed to start due to the following error:
%%2

Error: (05/30/2012 04:29:49 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer7 service.

Error: (05/29/2012 05:10:42 PM) (Source: Service Control Manager) (User: )
Description: The ReadyComm.DirectRouter service failed to start due to the following error:
%%2

Error: (05/29/2012 05:05:37 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (05/29/2012 05:03:31 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:59:36 PM on ?5/?29/?2012 was unexpected.

Error: (05/28/2012 00:58:49 PM) (Source: Service Control Manager) (User: )
Description: The ReadyComm.DirectRouter service failed to start due to the following error:
%%2

Error: (05/28/2012 00:53:44 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:51:16 PM on ?5/?28/?2012 was unexpected.

Error: (05/28/2012 00:49:34 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:47:55 PM on ?5/?28/?2012 was unexpected.

Error: (05/26/2012 10:58:18 AM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 192.168.1.3 with the system
having network hardware address D0-DF-9A-C2-96-2C. Network operations on this system may
be disrupted as a result.


Microsoft Office Sessions:
=========================
Error: (06/02/2012 07:16:48 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {fdcde017-c953-4b30-80c0-cff9ed48fb7e}

Error: (06/02/2012 05:09:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40913633

Error: (06/02/2012 05:09:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40913633

Error: (06/02/2012 05:09:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/02/2012 05:09:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40912588

Error: (06/02/2012 05:09:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40912588

Error: (06/02/2012 05:09:56 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/02/2012 05:09:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40911496

Error: (06/02/2012 05:09:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40911496

Error: (06/02/2012 05:09:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 6.2.2)
Acrobat.com (Version: 1.1.377)
ActivePerl 5.14.2 Build 1402 (64-bit) (Version: 5.14.1402)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.235)
Adobe Reader 9.5.1 (Version: 9.5.1)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
AI War: Fleet Command - Demo
Angry Birds Space (Version: 1.0.0)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.14.1.0)
Ask Toolbar Updater (Version: 1.2.0.20007)
Assassin's Creed (Version: 1.02)
Audiosurf Beta
Audiosurf Demo
AVG Security Toolbar (Version: 11.1.0.7)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 140.0.212.000)
Cain & Abel v4.9.43
Conexant HD Audio (Version: 4.111.0.62)
Cooking Dash
Copy (Version: 140.0.212.000)
Coupon Printer for Windows (Version: 5.0.0.0)
Critical Mass Demo
CyberLink YouCam (Version: 3.0.2421a)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
DJ_AIO_06_F4500_SW_MIN (Version: 140.0.690.000)
Energy Management (Version: 5.4.0.8)
ETDWare PS/2-x64 7.0.4.18_WHQL (Version: 7.0.4.18)
F4500 (Version: 140.0.690.000)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Finale 2011 Demo (Version: 2011..r4.4)
Finale 2012 (Version: 2012.a.r3.10)
Free Realms
Funmoods Web Search
Google Chrome (Version: 20.0.1132.21)
Google Earth Plug-in (Version: 6.1.0.5001)
Google SketchUp 8 (Version: 3.0.4811)
Google Talk Plugin (Version: 2.9.10.7526)
Google Update Helper (Version: 1.3.21.111)
GPBaseService2 (Version: 140.0.211.000)
Half-Life 2: Lost Coast
HP Customer Participation Program 14.0 (Version: 14.0)
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Games (Version: 1.0.2.5)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.002.002.002)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
Human Japanese 2.0 (Version: 2.0.5)
IDA Pro Free v5.0
Insaniquarium Deluxe (Version: 2.2.0.97)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2104)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.0.1014)
iTunes (Version: 10.6.1.7)
Japanese Fonts Support For Adobe Reader 9 (Version: 9.0.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 31 (Version: 6.0.310)
Jkain (Version: 1.0.0)
Junk Mail filter update (Version: 15.4.3502.0922)
Lenovo DirectShare (Version: 1.0.1.38)
Lenovo EasyCamera (Version: 6.96.2018.19)
Lenovo OneKey Recovery (Version: 7.0.1230)
Lenovo ReadyComm 5 (Version: 5.1.1.20)
Lenovo ReadyComm 5.0 Service (Version: 5.0.0.1)
Lenovo Smile Dock (Version: 2.0.201.1)
Lenovo_Wireless_Driver (Version: 1.02.01)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MarketResearch (Version: 140.0.212.000)
McAfee Online Backup (Version: 1.16.4.0)
McAfee Total Protection (Version: 11.0.669)
Melodyne Runtime 4.1 (x64) (Version: 1.0.1)
Melodyne singletrack (Version: 2.00.0111)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Search Enhancement Pack (Version: 3.0.127.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Firefox 13.0 (x86 en-US) (Version: 13.0)
Mozilla Maintenance Service (Version: 13.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MuseScore 1.1 MuseScore score typesetter (Version: 1.1.0)
Network64 (Version: 140.0.215.000)
Oasis2Service 1.0 (Version: 1.0.0)
Onekey Theater (Version: 2.0.1.7)
ooVoo (Version: 2.9.0105)
OpenAL
OpenOffice.org 3.3 (Version: 3.3.9567)
Pando Media Booster (Version: 2.3.6.0)
PDFCreator (Version: 1.2.0)
Polar Bowler (Version: 2.2.0.97)
Portal
Portal 2
Power2Go (Version: 5.6.0.4809d4)
progeCAD 2009 Smart! ENG
QuickTime (Version: 7.71.80.42)
Realtek Ethernet Controller Driver For Windows Vista and Later (Version: 1.00.0009)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30116)
Scan (Version: 140.0.80.000)
Scoregasm Demo
Shop for HP Supplies (Version: 14.0)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.5 (Version: 5.5.124)
SmartWebPrinting (Version: 140.0.186.000)
Snowboard SuperJam (Version: 2.2.0.95)
SolutionCenter (Version: 140.0.213.000)
Status (Version: 140.0.212.000)
Steam (Version: 1.0.0.0)
Synthesia (remove only)
Team Fortress 2
TeamViewer 7 (Version: 7.0.12799)
Toolbox (Version: 140.0.428.000)
TrayApp (Version: 140.0.212.000)
Turba Demo
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update Installer for WildTangent Games App
VeriFace (Version: 3.6.0.1211)
Vertex Dispenser Demo
Waveform Demo
WebReg (Version: 140.0.212.017)
WildTangent Games (Version: 1.0.2.5)
WildTangent Games App (HP Games) (Version: 4.0.5.36)
WildTangent Games App (Version: 4.0.5.31)
Windows Driver Package - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1) (Version: 10/19/2009 5.4.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPcap 4.1.2 (Version: 4.1.0.2001)
Wizard101 (Version: 1.0.0)
World of Goo (Version: 32.0.0.0)
World of Warcraft (Version: 4.3.3.15354)
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Yontoo 1.10.02 (Version: 1.10.02)

========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 3894.85 MB
Available physical RAM: 2634.1 MB
Total Pagefile: 7787.84 MB
Available Pagefile: 5450.07 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.86 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:254.14 GB) (Free:78 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:0.01 GB) NTFS
3 Drive f: (TIM_BURTONS_CORPSE_BRIDE) (CDROM) (Total:7.59 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\BRI

Administrator Bri Guest


**** End of log ****

13:32:23.0552 7136 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
13:32:24.0880 7136 ============================================================
13:32:24.0880 7136 Current date / time: 2012/06/03 13:32:24.0880
13:32:24.0880 7136 SystemInfo:
13:32:24.0880 7136
13:32:24.0880 7136 OS Version: 6.1.7600 ServicePack: 0.0
13:32:24.0880 7136 Product type: Workstation
13:32:24.0880 7136 ComputerName: BRI
13:32:24.0880 7136 UserName: Bri
13:32:24.0880 7136 Windows directory: C:\windows
13:32:24.0880 7136 System windows directory: C:\windows
13:32:24.0880 7136 Running under WOW64
13:32:24.0880 7136 Processor architecture: Intel x64
13:32:24.0880 7136 Number of processors: 2
13:32:24.0880 7136 Page size: 0x1000
13:32:24.0880 7136 Boot type: Normal boot
13:32:24.0880 7136 ============================================================
13:32:25.0834 7136 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:32:25.0844 7136 ============================================================
13:32:25.0844 7136 \Device\Harddisk0\DR0:
13:32:25.0844 7136 MBR partitions:
13:32:25.0844 7136 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
13:32:25.0844 7136 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x1FC49800
13:32:25.0864 7136 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1FCAE800, BlocksNum 0x39FD800
13:32:25.0864 7136 ============================================================
13:32:25.0914 7136 C: <-> \Device\Harddisk0\DR0\Partition1
13:32:25.0964 7136 D: <-> \Device\Harddisk0\DR0\Partition2
13:32:25.0994 7136 ============================================================
13:32:25.0994 7136 Initialize success
13:32:25.0994 7136 ============================================================
13:32:54.0546 6512 ============================================================
13:32:54.0546 6512 Scan started
13:32:54.0546 6512 Mode: Manual; TDLFS;
13:32:54.0546 6512 ============================================================
13:33:11.0697 6512 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
13:33:11.0707 6512 mpsdrv - ok
13:33:11.0777 6512 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\windows\system32\mpssvc.dll
13:33:11.0787 6512 MpsSvc - ok
13:33:11.0817 6512 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\windows\system32\drivers\mrxdav.sys
13:33:11.0827 6512 MRxDAV - ok
13:33:11.0887 6512 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\windows\system32\DRIVERS\mrxsmb.sys
13:33:11.0887 6512 mrxsmb - ok
13:33:11.0947 6512 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\windows\system32\DRIVERS\mrxsmb10.sys
13:33:11.0957 6512 mrxsmb10 - ok
13:33:11.0977 6512 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\windows\system32\DRIVERS\mrxsmb20.sys
13:33:11.0977 6512 mrxsmb20 - ok
13:33:11.0997 6512 msahci (5c37497276e3b3a5488b23a326a754b7) C:\windows\system32\DRIVERS\msahci.sys
13:33:11.0997 6512 msahci - ok
13:33:12.0027 6512 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys
13:33:12.0037 6512 msdsm - ok
13:33:12.0067 6512 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
13:33:12.0077 6512 MSDTC - ok
13:33:12.0107 6512 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
13:33:12.0107 6512 Msfs - ok
13:33:12.0117 6512 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
13:33:12.0127 6512 mshidkmdf - ok
13:33:12.0137 6512 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys
13:33:12.0137 6512 msisadrv - ok
13:33:12.0187 6512 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
13:33:12.0187 6512 MSiSCSI - ok
13:33:12.0197 6512 msiserver - ok
13:33:12.0317 6512 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
13:33:12.0327 6512 MSK80Service - ok
13:33:12.0357 6512 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
13:33:12.0357 6512 MSKSSRV - ok
13:33:12.0377 6512 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
13:33:12.0377 6512 MSPCLOCK - ok
13:33:12.0387 6512 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
13:33:12.0397 6512 MSPQM - ok
13:33:12.0437 6512 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys
13:33:12.0447 6512 MsRPC - ok
13:33:12.0457 6512 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
13:33:12.0457 6512 mssmbios - ok
13:33:12.0487 6512 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
13:33:12.0487 6512 MSTEE - ok
13:33:12.0497 6512 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
13:33:12.0507 6512 MTConfig - ok
13:33:12.0537 6512 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
13:33:12.0537 6512 Mup - ok
13:33:12.0587 6512 napagent (4987e079a4530fa737a128be54b63b12) C:\windows\system32\qagentRT.dll
13:33:12.0637 6512 napagent - ok
13:33:12.0697 6512 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
13:33:12.0717 6512 NativeWifiP - ok
13:33:12.0797 6512 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\windows\system32\drivers\ndis.sys
13:33:12.0807 6512 NDIS - ok
13:33:12.0817 6512 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
13:33:12.0827 6512 NdisCap - ok
13:33:12.0867 6512 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
13:33:12.0877 6512 NdisTapi - ok
13:33:12.0907 6512 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys
13:33:12.0917 6512 Ndisuio - ok
13:33:12.0937 6512 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys
13:33:12.0947 6512 NdisWan - ok
13:33:12.0967 6512 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys
13:33:12.0977 6512 NDProxy - ok
13:33:12.0997 6512 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
13:33:13.0037 6512 Net Driver HPZ12 - ok
13:33:13.0077 6512 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
13:33:13.0077 6512 NetBIOS - ok
13:33:13.0117 6512 NetBT (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys
13:33:13.0117 6512 NetBT - ok
13:33:13.0157 6512 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
13:33:13.0157 6512 Netlogon - ok
13:33:13.0207 6512 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
13:33:13.0227 6512 Netman - ok
13:33:13.0257 6512 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
13:33:13.0267 6512 netprofm - ok
13:33:13.0337 6512 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:33:13.0337 6512 NetTcpPortSharing - ok
13:33:13.0607 6512 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\windows\system32\DRIVERS\netw5v64.sys
13:33:13.0747 6512 netw5v64 - ok
13:33:13.0867 6512 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
13:33:13.0867 6512 nfrd960 - ok
13:33:13.0917 6512 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\windows\System32\nlasvc.dll
13:33:13.0937 6512 NlaSvc - ok
13:33:14.0047 6512 nlsX86cc (b1ef4686961986dffb7fe8f18e6fcb5b) C:\windows\SysWOW64\nlssrv32.exe
13:33:14.0107 6512 nlsX86cc - ok
13:33:14.0187 6512 NPF (351533acc2a069b94e80bbfc177e8fdf) C:\windows\system32\drivers\npf.sys
13:33:14.0257 6512 NPF - ok
13:33:14.0287 6512 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
13:33:14.0287 6512 Npfs - ok
13:33:14.0307 6512 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
13:33:14.0317 6512 nsi - ok
13:33:14.0357 6512 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
13:33:14.0357 6512 nsiproxy - ok
13:33:14.0497 6512 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\windows\system32\drivers\Ntfs.sys
13:33:14.0537 6512 Ntfs - ok
13:33:14.0627 6512 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
13:33:14.0637 6512 Null - ok
13:33:14.0687 6512 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\windows\system32\drivers\nvraid.sys
13:33:14.0747 6512 nvraid - ok
13:33:14.0797 6512 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\windows\system32\drivers\nvstor.sys
13:33:14.0857 6512 nvstor - ok
13:33:14.0887 6512 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys
13:33:14.0897 6512 nv_agp - ok
13:33:15.0017 6512 Oasis2Service (f5a3015dafc7ae80fc43f36558a19ba5) C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
13:33:15.0077 6512 Oasis2Service - ok
13:33:15.0097 6512 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys
13:33:15.0097 6512 ohci1394 - ok
13:33:15.0157 6512 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:33:15.0217 6512 ose - ok
13:33:15.0497 6512 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:33:15.0697 6512 osppsvc - ok
13:33:15.0827 6512 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
13:33:15.0837 6512 p2pimsvc - ok
13:33:15.0878 6512 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
13:33:15.0898 6512 p2psvc - ok
13:33:15.0968 6512 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
13:33:15.0978 6512 Parport - ok
13:33:16.0018 6512 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\windows\system32\drivers\partmgr.sys
13:33:16.0018 6512 partmgr - ok
13:33:16.0058 6512 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
13:33:16.0068 6512 PcaSvc - ok
13:33:16.0108 6512 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\windows\system32\DRIVERS\pci.sys
13:33:16.0128 6512 pci - ok
13:33:16.0138 6512 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
13:33:16.0138 6512 pciide - ok
13:33:16.0158 6512 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
13:33:16.0168 6512 pcmcia - ok
13:33:16.0198 6512 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
13:33:16.0198 6512 pcw - ok
13:33:16.0248 6512 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
13:33:16.0268 6512 PEAUTH - ok
13:33:16.0348 6512 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
13:33:16.0348 6512 PerfHost - ok
13:33:16.0448 6512 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\windows\system32\pla.dll
13:33:16.0488 6512 pla - ok
13:33:16.0558 6512 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\windows\system32\umpnpmgr.dll
13:33:16.0568 6512 PlugPlay - ok
13:33:16.0618 6512 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
13:33:16.0658 6512 Pml Driver HPZ12 - ok
13:33:16.0690 6512 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
13:33:16.0700 6512 PNRPAutoReg - ok
13:33:16.0750 6512 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
13:33:16.0760 6512 PNRPsvc - ok
13:33:16.0820 6512 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\windows\System32\ipsecsvc.dll
13:33:16.0840 6512 PolicyAgent - ok
13:33:16.0890 6512 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
13:33:16.0900 6512 Power - ok
13:33:16.0980 6512 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys
13:33:16.0990 6512 PptpMiniport - ok
13:33:17.0000 6512 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
13:33:17.0010 6512 Processor - ok
13:33:17.0060 6512 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\windows\system32\profsvc.dll
13:33:17.0060 6512 ProfSvc - ok
13:33:17.0100 6512 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
13:33:17.0100 6512 ProtectedStorage - ok
13:33:17.0150 6512 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys
13:33:17.0160 6512 Psched - ok
13:33:17.0160 6512 PS_MDP - ok
13:33:17.0260 6512 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
13:33:17.0320 6512 ql2300 - ok
13:33:17.0430 6512 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
13:33:17.0430 6512 ql40xx - ok
13:33:17.0470 6512 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
13:33:17.0510 6512 QWAVE - ok
13:33:17.0520 6512 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
13:33:17.0530 6512 QWAVEdrv - ok
13:33:17.0530 6512 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
13:33:17.0540 6512 RasAcd - ok
13:33:17.0570 6512 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
13:33:17.0580 6512 RasAgileVpn - ok
13:33:17.0600 6512 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
13:33:17.0610 6512 RasAuto - ok
13:33:17.0640 6512 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys
13:33:17.0640 6512 Rasl2tp - ok
13:33:17.0690 6512 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\windows\System32\rasmans.dll
13:33:17.0720 6512 RasMan - ok
13:33:17.0760 6512 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
13:33:17.0770 6512 RasPppoe - ok
13:33:17.0810 6512 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
13:33:17.0810 6512 RasSstp - ok
13:33:17.0840 6512 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys
13:33:17.0900 6512 rdbss - ok
13:33:17.0940 6512 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
13:33:17.0950 6512 rdpbus - ok
13:33:17.0960 6512 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
13:33:17.0970 6512 RDPCDD - ok
13:33:17.0980 6512 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
13:33:17.0980 6512 RDPENCDD - ok
13:33:18.0000 6512 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
13:33:18.0000 6512 RDPREFMP - ok
13:33:18.0050 6512 RDPWD (074ac702d8b8b660b0e1371555995386) C:\windows\system32\drivers\RDPWD.sys
13:33:18.0110 6512 RDPWD - ok
13:33:18.0160 6512 rdyboost (634b9a2181d98f15941236886164ec8b) C:\windows\system32\drivers\rdyboost.sys
13:33:18.0170 6512 rdyboost - ok
13:33:18.0170 6512 ReadyComm.DirectRouter - ok
13:33:18.0210 6512 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
13:33:18.0210 6512 RemoteAccess - ok
13:33:18.0240 6512 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
13:33:18.0260 6512 RemoteRegistry - ok
13:33:18.0300 6512 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
13:33:18.0310 6512 RFCOMM - ok
13:33:18.0450 6512 rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files (x86)\WinPcap\rpcapd.exe
13:33:18.0520 6512 rpcapd - ok
13:33:18.0550 6512 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
13:33:18.0550 6512 RpcEptMapper - ok
13:33:18.0580 6512 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
13:33:18.0580 6512 RpcLocator - ok
13:33:18.0630 6512 RpcSs (7266972e86890e2b30c0c322e906b027) C:\windows\system32\rpcss.dll
13:33:18.0630 6512 RpcSs - ok
13:33:18.0680 6512 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
13:33:18.0680 6512 rspndr - ok
13:33:18.0730 6512 RSUSBSTOR (5aab4808e8ccae8c2ecda5b791260616) C:\windows\system32\Drivers\RtsUStor.sys
13:33:18.0790 6512 RSUSBSTOR - ok
13:33:18.0830 6512 RTL8167 (3b01789ee4eaee97f5eb46b711387d5e) C:\windows\system32\DRIVERS\Rt64win7.sys
13:33:18.0830 6512 RTL8167 - ok
13:33:18.0890 6512 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
13:33:18.0890 6512 SamSs - ok
13:33:18.0910 6512 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys
13:33:18.0920 6512 sbp2port - ok
13:33:18.0960 6512 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
13:33:18.0970 6512 SCardSvr - ok
13:33:19.0000 6512 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys
13:33:19.0000 6512 scfilter - ok
13:33:19.0110 6512 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\windows\system32\schedsvc.dll
13:33:19.0180 6512 Schedule - ok
13:33:19.0200 6512 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\windows\System32\certprop.dll
13:33:19.0210 6512 SCPolicySvc - ok
13:33:19.0250 6512 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\windows\System32\SDRSVC.dll
13:33:19.0270 6512 SDRSVC - ok
13:33:19.0380 6512 SeaPort (4a5809a1d796e2675ac0332bf7b0cb11) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
13:33:19.0450 6512 SeaPort - ok
13:33:19.0500 6512 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
13:33:19.0500 6512 secdrv - ok
13:33:19.0530 6512 seclogon (463b386ebc70f98da5dff85f7e654346) C:\windows\system32\seclogon.dll
13:33:19.0530 6512 seclogon - ok
13:33:19.0550 6512 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\system32\sens.dll
13:33:19.0560 6512 SENS - ok
13:33:19.0580 6512 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
13:33:19.0580 6512 SensrSvc - ok
13:33:19.0610 6512 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
13:33:19.0620 6512 Serenum - ok
13:33:19.0640 6512 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
13:33:19.0640 6512 Serial - ok
13:33:19.0650 6512 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
13:33:19.0650 6512 sermouse - ok
13:33:19.0700 6512 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\windows\system32\sessenv.dll
13:33:19.0700 6512 SessionEnv - ok
13:33:19.0740 6512 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys
13:33:19.0740 6512 sffdisk - ok
13:33:19.0770 6512 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys
13:33:19.0780 6512 sffp_mmc - ok
13:33:19.0800 6512 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\windows\system32\DRIVERS\sffp_sd.sys
13:33:19.0850 6512 sffp_sd - ok
13:33:19.0880 6512 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
13:33:19.0880 6512 sfloppy - ok
13:33:19.0990 6512 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\windows\system32\DRIVERS\Sftfslh.sys
13:33:20.0060 6512 Sftfs - ok
13:33:20.0180 6512 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
13:33:20.0250 6512 sftlist - ok
13:33:20.0280 6512 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\windows\system32\DRIVERS\Sftplaylh.sys
13:33:20.0340 6512 Sftplay - ok
13:33:20.0380 6512 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\windows\system32\DRIVERS\Sftredirlh.sys
13:33:20.0380 6512 Sftredir - ok
13:33:20.0400 6512 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\windows\system32\DRIVERS\Sftvollh.sys
13:33:20.0450 6512 Sftvol - ok
13:33:20.0510 6512 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
13:33:20.0580 6512 sftvsa - ok
13:33:20.0620 6512 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
13:33:20.0650 6512 SharedAccess - ok
13:33:20.0690 6512 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\windows\System32\shsvcs.dll
13:33:20.0710 6512 ShellHWDetection - ok
13:33:20.0740 6512 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
13:33:20.0750 6512 SiSRaid2 - ok
13:33:20.0760 6512 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
13:33:20.0760 6512 SiSRaid4 - ok
13:33:20.0800 6512 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
13:33:20.0800 6512 Smb - ok
13:33:20.0860 6512 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
13:33:20.0860 6512 SNMPTRAP - ok
13:33:20.0870 6512 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
13:33:20.0880 6512 spldr - ok
13:33:20.0930 6512 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\windows\System32\spoolsv.exe
13:33:20.0990 6512 Spooler - ok
13:33:21.0170 6512 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\windows\system32\sppsvc.exe
13:33:21.0190 6512 sppsvc - ok
13:33:21.0300 6512 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
13:33:21.0310 6512 sppuinotify - ok
13:33:21.0420 6512 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\windows\system32\DRIVERS\srv.sys
13:33:21.0520 6512 srv - ok
13:33:21.0560 6512 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\windows\system32\DRIVERS\srv2.sys
13:33:21.0570 6512 srv2 - ok
13:33:21.0630 6512 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\windows\system32\DRIVERS\srvnet.sys
13:33:21.0630 6512 srvnet - ok
13:33:21.0680 6512 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
13:33:21.0690 6512 SSDPSRV - ok
13:33:21.0750 6512 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
13:33:21.0750 6512 SstpSvc - ok
13:33:21.0820 6512 Steam Client Service - ok
13:33:21.0860 6512 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
13:33:21.0860 6512 stexstor - ok
13:33:21.0900 6512 StillCam (decacb6921ded1a38642642685d77dac) C:\windows\system32\DRIVERS\serscan.sys
13:33:21.0900 6512 StillCam - ok
13:33:21.0970 6512 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\windows\System32\wiaservc.dll
13:33:22.0000 6512 stisvc - ok
13:33:22.0010 6512 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
13:33:22.0020 6512 swenum - ok
13:33:22.0080 6512 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
13:33:22.0110 6512 swprv - ok
13:33:22.0210 6512 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\windows\system32\sysmain.dll
13:33:22.0260 6512 SysMain - ok
13:33:22.0360 6512 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\windows\System32\TabSvc.dll
13:33:22.0370 6512 TabletInputService - ok
13:33:22.0400 6512 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\windows\System32\tapisrv.dll
13:33:22.0420 6512 TapiSrv - ok
13:33:22.0430 6512 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
13:33:22.0440 6512 TBS - ok
13:33:22.0590 6512 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\windows\system32\drivers\tcpip.sys
13:33:22.0770 6512 Tcpip - ok
13:33:23.0040 6512 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\windows\system32\DRIVERS\tcpip.sys
13:33:23.0050 6512 TCPIP6 - ok
13:33:23.0140 6512 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys
13:33:23.0140 6512 tcpipreg - ok
13:33:23.0160 6512 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
13:33:23.0160 6512 TDPIPE - ok
13:33:23.0210 6512 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\windows\system32\drivers\tdtcp.sys
13:33:23.0260 6512 TDTCP - ok
13:33:23.0290 6512 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys
13:33:23.0300 6512 tdx - ok
13:33:23.0560 6512 TeamViewer7 (74fc70ae64a7b7dabec9697ce0a1f4fa) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
13:33:23.0660 6512 TeamViewer7 - ok
13:33:23.0780 6512 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys
13:33:23.0780 6512 TermDD - ok
13:33:23.0850 6512 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\windows\System32\termsrv.dll
13:33:23.0890 6512 TermService - ok
13:33:23.0930 6512 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
13:33:23.0940 6512 Themes - ok
13:33:23.0960 6512 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
13:33:23.0960 6512 THREADORDER - ok
13:33:24.0010 6512 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
13:33:24.0010 6512 TrkWks - ok
13:33:24.0080 6512 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\windows\servicing\TrustedInstaller.exe
13:33:24.0080 6512 TrustedInstaller - ok
13:33:24.0130 6512 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys
13:33:24.0130 6512 tssecsrv - ok
13:33:24.0160 6512 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys
13:33:24.0170 6512 tunnel - ok
13:33:24.0200 6512 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
13:33:24.0210 6512 uagp35 - ok
13:33:24.0250 6512 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys
13:33:24.0270 6512 udfs - ok
13:33:24.0300 6512 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
13:33:24.0300 6512 UI0Detect - ok
13:33:24.0310 6512 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys
13:33:24.0320 6512 uliagpkx - ok
13:33:24.0350 6512 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys
13:33:24.0350 6512 umbus - ok
13:33:24.0360 6512 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
13:33:24.0360 6512 UmPass - ok
13:33:24.0630 6512 UNS (af905f4966cfc8b973623ab150cd4b2b) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
13:33:24.0640 6512 UNS - ok
13:33:24.0770 6512 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
13:33:24.0830 6512 upnphost - ok
13:33:24.0890 6512 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\windows\system32\Drivers\usbaapl64.sys
13:33:24.0940 6512 USBAAPL64 - ok
13:33:24.0990 6512 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\windows\system32\DRIVERS\usbccgp.sys
13:33:25.0040 6512 usbccgp - ok
13:33:25.0080 6512 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys
13:33:25.0090 6512 usbcir - ok
13:33:25.0120 6512 usbehci (92969ba5ac44e229c55a332864f79677) C:\windows\system32\drivers\usbehci.sys
13:33:25.0170 6512 usbehci - ok
13:33:25.0210 6512 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\windows\system32\DRIVERS\usbhub.sys
13:33:25.0270 6512 usbhub - ok
13:33:25.0320 6512 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\windows\system32\drivers\usbohci.sys
13:33:25.0370 6512 usbohci - ok
13:33:25.0400 6512 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
13:33:25.0400 6512 usbprint - ok
13:33:25.0450 6512 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\windows\system32\DRIVERS\USBSTOR.SYS
13:33:25.0500 6512 USBSTOR - ok
13:33:25.0550 6512 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\windows\system32\drivers\usbuhci.sys
13:33:25.0600 6512 usbuhci - ok
13:33:25.0640 6512 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\windows\System32\Drivers\usbvideo.sys
13:33:25.0700 6512 usbvideo - ok
13:33:25.0730 6512 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
13:33:25.0740 6512 UxSms - ok
13:33:25.0780 6512 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe
13:33:25.0780 6512 VaultSvc - ok
13:33:25.0820 6512 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys
13:33:25.0820 6512 vdrvroot - ok
13:33:25.0890 6512 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\windows\System32\vds.exe
13:33:25.0910 6512 vds - ok
13:33:25.0930 6512 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
13:33:25.0940 6512 vga - ok
13:33:25.0950 6512 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
13:33:25.0960 6512 VgaSave - ok
13:33:25.0990 6512 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys
13:33:26.0000 6512 vhdmp - ok
13:33:26.0000 6512 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys
13:33:26.0010 6512 viaide - ok
13:33:26.0030 6512 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys
13:33:26.0040 6512 volmgr - ok
13:33:26.0070 6512 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys
13:33:26.0080 6512 volmgrx - ok
13:33:26.0100 6512 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys
13:33:26.0100 6512 volsnap - ok
13:33:26.0130 6512 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
13:33:26.0140 6512 vsmraid - ok
13:33:26.0260 6512 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\windows\system32\vssvc.exe
13:33:26.0270 6512 VSS - ok
13:33:26.0480 6512 vToolbarUpdater11.1.0 (5fa45791413acce628d5361458f32dde) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
13:33:26.0560 6512 vToolbarUpdater11.1.0 - ok
13:33:26.0700 6512 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
13:33:26.0700 6512 vwifibus - ok
13:33:26.0720 6512 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
13:33:26.0730 6512 vwififlt - ok
13:33:26.0770 6512 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
13:33:26.0780 6512 W32Time - ok
13:33:26.0800 6512 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
13:33:26.0800 6512 WacomPen - ok
13:33:26.0840 6512 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
13:33:26.0850 6512 WANARP - ok
13:33:26.0870 6512 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
13:33:26.0870 6512 Wanarpv6 - ok
13:33:30.0463 6512 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:33:30.0803 6512 \Device\Harddisk0\DR0 - ok
13:33:30.0813 6512 Boot (0x1200) (209290adcf62588db61cfe686c18a3b0) \Device\Harddisk0\DR0\Partition0
13:33:30.0813 6512 \Device\Harddisk0\DR0\Partition0 - ok
13:33:30.0833 6512 Boot (0x1200) (e3c1772d9a22ff0d3e18bd559ec68e4b) \Device\Harddisk0\DR0\Partition1
13:33:30.0843 6512 \Device\Harddisk0\DR0\Partition1 - ok
13:33:30.0873 6512 Boot (0x1200) (bfa314de2d70deca9af0101ecdc4b024) \Device\Harddisk0\DR0\Partition2
13:33:30.0873 6512 \Device\Harddisk0\DR0\Partition2 - ok
13:33:30.0873 6512 ============================================================
13:33:30.0873 6512 Scan finished
13:33:30.0873 6512 ============================================================
13:33:30.0883 6424 Detected object count: 0
13:33:30.0883 6424 Actual detected object count: 0
13:36:03.0624 0784 Deinitialize success







Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.02.06

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Bri :: BRI [administrator]

6/3/2012 1:36:14 PM
mbam-log-2012-06-03 (13-36-14).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 252226
Time elapsed: 10 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-03 13:43:20
-----------------------------
13:43:20.388 OS Version: Windows x64 6.1.7600
13:43:20.388 Number of processors: 2 586 0x2505
13:43:20.390 ComputerName: BRI UserName: Bri
13:43:23.894 Initialize success
13:47:21.481 AVAST engine defs: 12060301
13:50:05.754 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:50:05.757 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
13:50:05.767 Disk 0 MBR read successfully
13:50:05.769 Disk 0 MBR scan
13:50:05.791 Disk 0 Windows 7 default MBR code
13:50:05.809 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
13:50:05.825 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 260243 MB offset 411648
13:50:05.831 Disk 0 Partition - 00 0F Extended LBA 29692 MB offset 533389312
13:50:05.860 Disk 0 Partition 3 00 12 Compaq diag NTFS 15109 MB offset 594198528
13:50:05.893 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 29691 MB offset 533391360
13:50:05.949 Disk 0 scanning C:\windows\system32\drivers
13:50:18.006 Service scanning
13:50:58.250 Modules scanning
13:50:58.587 Disk 0 trace - called modules:
13:50:58.622 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
13:50:58.627 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006804370]
13:50:58.632 3 CLASSPNP.SYS[fffff8800192443f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004946050]
13:50:59.765 AVAST engine scan C:\windows
13:51:02.105 AVAST engine scan C:\windows\system32
13:59:53.684 AVAST engine scan C:\windows\system32\drivers
14:00:07.806 AVAST engine scan C:\Users\Bri
14:03:26.682 Disk 0 MBR has been saved successfully to "C:\Users\Bri\Desktop\MBR.dat"
14:03:26.695 The log file has been saved successfully to "C:\Users\Bri\Desktop\aswMBR.txt"

"Nothing says sausage like sausage!"


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:37 PM

Posted 03 June 2012 - 06:13 PM

Let's do this and see if it's gone.

Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of their infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically, go HERE and click the Posted Image button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.




Go to Start ... Run and type in cmd
A DOS window will appear.
Type in the DOS window: netsh winsock reset
Click on the Enter key.

Reboot your system to complete the process.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
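
Added example, not part of the post above or of the Fix it tool it links to: a read-only PowerShell check that classifies HOSTS entries, so any redirect is visible before the file is reset. The sample lines are constructed, and the verdict names (`default`, `blocked`, `redirect`, `malformed`) are this example's own.

```powershell
# Added example: classify HOSTS entries. Reads only, changes nothing.
function Get-HostsEntry {
    param([string[]]$Lines)
    foreach ($raw in $Lines) {
        # Drop comments and surrounding whitespace; skip empty lines.
        $line = ($raw -replace '#.*$', '').Trim()
        if (-not $line) { continue }
        $fields = @($line -split '\s+')
        $addr = $null
        $isIp = [System.Net.IPAddress]::TryParse($fields[0], [ref]$addr)
        if (-not $isIp -or $fields.Count -lt 2) {
            New-Object psobject -Property @{ Address = $fields[0]; Name = ''; Verdict = 'malformed' }
            continue
        }
        # Loopback (127.0.0.0/8, ::1) and 0.0.0.0 keep traffic on the local machine.
        $local = [System.Net.IPAddress]::IsLoopback($addr) -or
                 $addr.Equals([System.Net.IPAddress]::Any)
        # One line may map several names to the same address.
        foreach ($name in $fields[1..($fields.Count - 1)]) {
            if (-not $local)                { $verdict = 'redirect' }  # name sent to another server
            elseif ($name -ieq 'localhost') { $verdict = 'default' }   # stock Windows entry
            else                            { $verdict = 'blocked' }   # name made unreachable
            New-Object psobject -Property @{
                Address = $addr.ToString(); Name = $name; Verdict = $verdict
            }
        }
    }
}

# Constructed sample input (documentation address range and .example names).
$sample = @(
    '# constructed sample, not taken from the thread',
    '127.0.0.1       localhost',
    '::1             localhost',
    '127.0.0.1       update.av-vendor.example   # update site made unreachable',
    '203.0.113.10    www.search.example search.example'
)
Get-HostsEntry $sample |
    Where-Object { $_.Verdict -ne 'default' } |
    Format-Table Address, Name, Verdict -AutoSize

# The same check against the live file, using the path shown in the scan log.
$hosts = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
if (Test-Path -LiteralPath $hosts) {
    Get-HostsEntry (Get-Content -LiteralPath $hosts) |
        Where-Object { $_.Verdict -ne 'default' } |
        Format-Table Address, Name, Verdict -AutoSize
}
```

A `blocked` verdict is not proof of infection, since ad-blocking HOSTS lists produce the same pattern; a `redirect` for a search or security site deserves a closer look.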

#5 SpaciousSpace

Posted 03 June 2012 - 06:43 PM

I did that. I still get ads.

#6 boopme

Posted 03 June 2012 - 06:55 PM

OK, one more tool here...

1. Please download HitmanPro.
  • For 32-bit Operating System - Posted Image.
  • This is the mirror - Posted Image
  • For 64-bit Operating System - Posted Image
  • This is the mirror - Posted Image

2. Launch the program by double-clicking on the Posted Image icon. (Windows Vista/7 users: right-click on the HitmanPro icon and select Run as administrator.)

3. Click on the Next button. You must agree with the terms of the EULA.

4. Check the box beside "No, I only want to perform a one-time scan to check this computer".

5. Click on the Next button.

6. The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.

7. When the scan is done, click on the drop-down menu of the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!

8. Click on the Next button.

9. Click on "Export scan results to XML file".

10. Save that file to your desktop, then zip and attach it in your next reply.

#7 SpaciousSpace

Posted 03 June 2012 - 10:04 PM

Sorry, epic noob to this site. How do you attach files?

#8 boopme

Posted 04 June 2012 - 10:03 AM

You can't, in this section. Copy/Paste

#9 SpaciousSpace

Posted 04 June 2012 - 11:05 PM

- <Log computer="BRI" scan="Normal" version="3.6.0.156" date="2012-06-03T19:40:55" timeSpentInSecs="657" filesProcessed="67884">
- <Item type="Malware" malwareName="Malware" score="100.0" status="None">
- <Scanners>
<Scanner id="Ikarus" name="Win32.SuspectCrc!IK" />
</Scanners>
<File path="C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll" hash="5ECE9DFC166BCD873950CBFB880536CAF0DA1A537496620A73647A508E226948" />
</Item>
- <Item type="Malware" malwareName="Malware" score="107.0" status="None">
- <Scanners>
<Scanner id="DrWeb" name="Infected" />
</Scanners>
<File path="C:\Users\Bri\AppData\Local\Temp\air16E6.exe" hash="CDE9F8B2C41C250E75CC479D08FF86F49B4046371E4A71D21066AE6175AEF3D3" />
</Item>
- <Item type="Malware" malwareName="Malware" score="108.0" status="None">
- <Scanners>
<Scanner id="DrWeb" name="Infected" />
</Scanners>
<File path="C:\Users\Bri\Desktop\Admin\johntheripper\run\john-386.exe" hash="3415E39806A34A4BC0F7238DCCC0D41C19B425B578760732F41A1B980E2CF682" />
</Item>
- <Item type="Repair" score="0.0" status="None">
<File path="C:\windows\system32\drivers\etc\hosts" />
</Item>
- <Item type="Malware" malwareName="Malware" score="99.0" status="None">
- <Scanners>
<Scanner id="DrWeb" name="Infected" />
</Scanners>
<File path="C:\windows\Temp\TBU001\ToolbarUpdate.exe" hash="B5F7F2C119FDB30A031C1EE434A2698828A2BF2FF64311E537230FE2C1E25A76" />
</Item>
</Log>

#10 boopme

Posted 05 June 2012 - 01:28 PM

Is the Ad still there?

#11 SpaciousSpace

Posted 05 June 2012 - 09:01 PM

Yes. The redirection is there, too. I've also started getting this error upon start up:



There was a problem starting
C:\ProgramData\FF5D97EB-D95B-6DDB-BAEE-38EF46EC8ET3.avi

The specified module could not be found.

#12 boopme

Posted 05 June 2012 - 09:09 PM

OK, we are going to have to repost and get a deeper look to find and kill this.

We can fix this here

C:\ProgramData\FF5D97EB-D95B-6DDB-BAEE-38EF46EC8ET3.avi

The specified module could not be found.



It's not unusual to receive such an error after using specialized fix tools.

A "Cannot find...", "Could not run...", "Error loading..." or "specific module could not be found" message is usually related to malware that was set to run at startup but has been deleted. Windows is trying to load this file but cannot locate it since the file was most likely removed during an anti-virus or anti-malware scan. However, an associated orphaned registry entry remains and is telling Windows to load the file when you boot up. Since the file no longer exists, Windows will display an error message. You need to remove this registry entry so Windows stops searching for the file when it loads.

To resolve this, download Autoruns, search for the related entry and then delete it.

Create a new folder on your hard drive called AutoRuns (C:\AutoRuns) and extract (unzip) the file there. (click here if you're not sure how to do this.)
Open the folder and double-click on autoruns.exe to launch it.
Please be patient as it scans and populates the entries.
When done scanning, it will say Ready at the bottom.
Scroll through the list and look for a startup entry related to the file(s) in the error message.
Right-click on the entry and choose delete. -->> FF5D97EB-D95B-6DDB-BAEE-38EF46EC8ET3.avi
Reboot your computer and see if the startup error returns.



We need a deeper look. Please go here....Preparation Guide, do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic, thanks.
If GMER won't run (it may not on a 64-bit system), skip it and move on.

Let me know if that went well.

Edited by boopme, 05 June 2012 - 09:10 PM.

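
Added example, not part of the post above and not how Autoruns itself works: a read-only PowerShell script that lists startup entries whose target file no longer exists, which is the orphaned-entry condition the post describes. It assumes the entry sits in one of the three Run keys listed (Autoruns covers many more locations); the rundll32 form and the `Start` entry point in the sample command are constructed, only the file path comes from the thread.

```powershell
# Added example: report Run-key entries that point at a missing file.
# Read-only: nothing is deleted or modified.

# Startup locations checked here (an assumption; other autostart points exist).
$RunKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
)

function Get-CommandTarget {
    # Return the file a startup command line actually depends on.
    param([string]$Command)
    $cmd  = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    $exe  = $null
    $rest = ''
    if ($cmd -match '^"([^"]+)"\s*(.*)$') {
        # Quoted program path followed by optional arguments.
        $exe = $Matches[1]; $rest = [string]$Matches[2]
    } elseif ($cmd -match '^(.+?\.\w{3,4})(?:\s+(.*))?$') {
        # Unquoted path (may contain spaces) ending in a file extension.
        $exe = $Matches[1]; $rest = [string]$Matches[2]
    } elseif ($cmd -match '^(\S+)\s*(.*)$') {
        # Bare program name without extension, e.g. "rundll32 x.dll,Entry".
        $exe = $Matches[1]; $rest = [string]$Matches[2]
    } else {
        return $null
    }
    if ([IO.Path]::GetFileNameWithoutExtension($exe) -ieq 'rundll32' -and $rest) {
        # rundll32 loads the module named before the first comma of its argument,
        # so that module, not rundll32.exe, is the file that can go missing.
        if ($rest -match '^"([^"]+)"') { return $Matches[1] }
        return ($rest -split ',')[0].Trim()
    }
    return $exe
}

function Test-TargetExists {
    param([string]$Path)
    if ([IO.Path]::IsPathRooted($Path)) {
        return (Test-Path -LiteralPath $Path -PathType Leaf)
    }
    # Bare names such as "rundll32.exe" are resolved through PATH.
    return [bool](Get-Command $Path -ErrorAction SilentlyContinue)
}

function Get-OrphanedRunEntry {
    foreach ($key in $RunKeys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $item = Get-Item -LiteralPath $key
        foreach ($name in $item.GetValueNames()) {
            $command = [string]$item.GetValue($name)
            $target  = Get-CommandTarget $command
            if (-not $target) { continue }
            if (-not (Test-TargetExists $target)) {
                New-Object psobject -Property @{
                    Key = $key; Name = $name; Command = $command; MissingTarget = $target
                }
            }
        }
    }
}

# Constructed sample: the path is the one in the startup error quoted in the thread;
# the rundll32 wrapper and the "Start" entry point are assumptions for illustration.
$sample = 'rundll32.exe "C:\ProgramData\FF5D97EB-D95B-6DDB-BAEE-38EF46EC8ET3.avi",Start'
Get-CommandTarget $sample

Get-OrphanedRunEntry | Format-List Key, Name, Command, MissingTarget
```

Run it from a 64-bit PowerShell prompt on 64-bit Windows, since a 32-bit process sees redirected registry and System32 paths and can report false orphans.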

#13 SpaciousSpace

Posted 05 June 2012 - 10:16 PM

It said that the page couldn't be loaded on Mozilla and chrome when I clicked the "download Autoruns".

#14 boopme

Posted 05 June 2012 - 10:25 PM

OK, then just move to the Prep Guide and they will have to clear that there also.

#15 SpaciousSpace

Posted 05 June 2012 - 11:35 PM

Okay. I made a new topic and followed the preparation guide. Should be set to go. Thanks for your help, by the way. You're totally awesome. (: