Pum Hijack Startmenu


9 replies to this topic

#1 Bonjourno


Posted 11 June 2012 - 11:32 AM

I believe I am infected with this. Every time I start the computer there are tons of popups saying disk failure, scan now etc. I have run Malware in safe mode a few times and removed the 2 infections; however, the same problem occurs when I restart. Also tried a system restore which was unsuccessful. Any help is appreciated. Thanks in advance.


#2 narenxp


Posted 11 June 2012 - 11:45 AM

Boot into Safe Mode with Networking.

Download TDSSKiller.

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on List of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

Are your files hidden?

#3 Bonjourno


Posted 11 June 2012 - 04:53 PM

Yes, it is hiding my files. Here are the text files:

TDSS:

13:16:53.0136 1072 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
13:16:53.0479 1072 ============================================================
13:16:53.0479 1072 Current date / time: 2012/06/11 13:16:53.0479
13:16:53.0479 1072 SystemInfo:
13:16:53.0479 1072
13:16:53.0479 1072 OS Version: 6.0.6002 ServicePack: 2.0
13:16:53.0479 1072 Product type: Workstation
13:16:53.0479 1072 ComputerName: DPT97
13:16:53.0479 1072 UserName: aglahn
13:16:53.0479 1072 Windows directory: C:\Windows
13:16:53.0479 1072 System windows directory: C:\Windows
13:16:53.0479 1072 Processor architecture: Intel x86
13:16:53.0479 1072 Number of processors: 2
13:16:53.0479 1072 Page size: 0x1000
13:16:53.0479 1072 Boot type: Safe boot with network
13:16:53.0479 1072 ============================================================
13:16:53.0900 1072 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:16:53.0900 1072 ============================================================
13:16:53.0900 1072 \Device\Harddisk0\DR0:
13:16:53.0900 1072 MBR partitions:
13:16:53.0900 1072 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x4E800, BlocksNum 0x400000
13:16:53.0900 1072 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x44E800, BlocksNum 0x125CAEB0
13:16:53.0900 1072 ============================================================
13:16:53.0932 1072 C: <-> \Device\Harddisk0\DR0\Partition1
13:16:53.0963 1072 D: <-> \Device\Harddisk0\DR0\Partition0
13:16:53.0963 1072 ============================================================
13:16:53.0963 1072 Initialize success
13:16:53.0963 1072 ============================================================
13:17:17.0285 1620 ============================================================
13:17:17.0285 1620 Scan started
13:17:17.0285 1620 Mode: Manual; TDLFS;
13:17:17.0285 1620 ============================================================
13:17:27.0940 1620 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
13:17:27.0940 1620 NlaSvc - ok
13:17:27.0986 1620 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
13:17:27.0986 1620 Npfs - ok
13:17:28.0002 1620 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
13:17:28.0002 1620 nsi - ok
13:17:28.0002 1620 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
13:17:28.0002 1620 nsiproxy - ok
13:17:28.0096 1620 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
13:17:28.0127 1620 Ntfs - ok
13:17:28.0142 1620 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
13:17:28.0158 1620 ntrigdigi - ok
13:17:28.0158 1620 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
13:17:28.0158 1620 Null - ok
13:17:28.0439 1620 nvlddmkm (f352098854d84183444c0d563a02a958) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:17:28.0548 1620 nvlddmkm - ok
13:17:28.0657 1620 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
13:17:28.0657 1620 nvraid - ok
13:17:28.0657 1620 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
13:17:28.0657 1620 nvstor - ok
13:17:28.0688 1620 nvsvc (98750e065684a239cc0bce78797676b6) C:\Windows\system32\nvvsvc.exe
13:17:28.0688 1620 nvsvc - ok
13:17:28.0688 1620 NvtSp50 - ok
13:17:28.0704 1620 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
13:17:28.0720 1620 nv_agp - ok
13:17:28.0720 1620 NwlnkFlt - ok
13:17:28.0720 1620 NwlnkFwd - ok
13:17:28.0813 1620 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:17:28.0813 1620 odserv - ok
13:17:28.0860 1620 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
13:17:28.0860 1620 ohci1394 - ok
13:17:28.0907 1620 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:17:28.0907 1620 ose - ok
13:17:28.0969 1620 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:17:28.0969 1620 p2pimsvc - ok
13:17:28.0985 1620 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:17:28.0985 1620 p2psvc - ok
13:17:29.0016 1620 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
13:17:29.0016 1620 Parport - ok
13:17:29.0047 1620 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
13:17:29.0047 1620 partmgr - ok
13:17:29.0063 1620 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
13:17:29.0063 1620 Parvdm - ok
13:17:29.0094 1620 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\Windows\system32\DRIVERS\PBADRV.sys
13:17:29.0094 1620 PBADRV - ok
13:17:29.0125 1620 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
13:17:29.0125 1620 PcaSvc - ok
13:17:29.0172 1620 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
13:17:29.0188 1620 pci - ok
13:17:29.0203 1620 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
13:17:29.0203 1620 pciide - ok
13:17:29.0297 1620 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys
13:17:29.0297 1620 pcmcia - ok
13:17:29.0359 1620 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
13:17:29.0375 1620 PEAUTH - ok
13:17:29.0453 1620 PeerDistSvc (d6d0971ba3055645294a13baf6031ca0) C:\Windows\system32\peerdistsvc.dll
13:17:29.0468 1620 PeerDistSvc - ok
13:17:29.0531 1620 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
13:17:29.0562 1620 pla - ok
13:17:29.0671 1620 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
13:17:29.0671 1620 PlugPlay - ok
13:17:29.0749 1620 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:17:29.0749 1620 PNRPAutoReg - ok
13:17:29.0749 1620 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:17:29.0765 1620 PNRPsvc - ok
13:17:29.0827 1620 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
13:17:29.0827 1620 PolicyAgent - ok
13:17:29.0874 1620 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
13:17:29.0874 1620 PptpMiniport - ok
13:17:29.0936 1620 prepdrvr (2a4514a9233d35a355f569ff8b8f6240) C:\Windows\system32\CCM\prepdrv.sys
13:17:29.0999 1620 prepdrvr - ok
13:17:30.0030 1620 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
13:17:30.0030 1620 Processor - ok
13:17:30.0077 1620 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
13:17:30.0077 1620 ProfSvc - ok
13:17:30.0124 1620 ProtectedStorage (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:17:30.0124 1620 ProtectedStorage - ok
13:17:30.0139 1620 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
13:17:30.0139 1620 PSched - ok
13:17:30.0170 1620 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys
13:17:30.0170 1620 PxHelp20 - ok
13:17:30.0233 1620 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
13:17:30.0248 1620 ql2300 - ok
13:17:30.0280 1620 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
13:17:30.0280 1620 ql40xx - ok
13:17:30.0311 1620 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
13:17:30.0311 1620 QWAVE - ok
13:17:30.0342 1620 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
13:17:30.0342 1620 QWAVEdrv - ok
13:17:30.0467 1620 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys
13:17:30.0514 1620 R300 - ok
13:17:30.0623 1620 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
13:17:30.0623 1620 RasAcd - ok
13:17:30.0638 1620 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
13:17:30.0638 1620 RasAuto - ok
13:17:30.0654 1620 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:17:30.0654 1620 Rasl2tp - ok
13:17:30.0716 1620 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
13:17:30.0716 1620 RasMan - ok
13:17:30.0763 1620 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
13:17:30.0763 1620 RasPppoe - ok
13:17:30.0763 1620 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
13:17:30.0763 1620 RasSstp - ok
13:17:30.0826 1620 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
13:17:30.0826 1620 rdbss - ok
13:17:30.0826 1620 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:17:30.0826 1620 RDPCDD - ok
13:17:30.0872 1620 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\DRIVERS\rdpdr.sys
13:17:30.0888 1620 rdpdr - ok
13:17:30.0888 1620 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
13:17:30.0888 1620 RDPENCDD - ok
13:17:30.0935 1620 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
13:17:30.0935 1620 RDPWD - ok
13:17:30.0966 1620 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
13:17:30.0966 1620 RemoteAccess - ok
13:17:30.0982 1620 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
13:17:30.0982 1620 RemoteRegistry - ok
13:17:31.0013 1620 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
13:17:31.0013 1620 rimmptsk - ok
13:17:31.0028 1620 rimsptsk (c398bca91216755b098679a8da8a2300) C:\Windows\system32\drivers\rimsptsk.sys
13:17:31.0028 1620 rimsptsk - ok
13:17:31.0044 1620 rismxdp (2a2554cb24506e0a0508fc395c4a1b42) C:\Windows\system32\drivers\rixdptsk.sys
13:17:31.0044 1620 rismxdp - ok
13:17:31.0060 1620 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
13:17:31.0075 1620 RpcLocator - ok
13:17:31.0138 1620 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
13:17:31.0138 1620 RpcSs - ok
13:17:31.0153 1620 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
13:17:31.0153 1620 rspndr - ok
13:17:31.0153 1620 SamSs (3978f3540329e16c0ac3bcf677e5669f) C:\Windows\system32\lsass.exe
13:17:31.0153 1620 SamSs - ok
13:17:31.0184 1620 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
13:17:31.0184 1620 sbp2port - ok
13:17:31.0216 1620 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
13:17:31.0216 1620 SCardSvr - ok
13:17:31.0278 1620 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
13:17:31.0278 1620 Schedule - ok
13:17:31.0340 1620 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
13:17:31.0340 1620 SCPolicySvc - ok
13:17:31.0387 1620 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
13:17:31.0387 1620 sdbus - ok
13:17:31.0418 1620 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
13:17:31.0418 1620 SDRSVC - ok
13:17:31.0434 1620 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:17:31.0434 1620 secdrv - ok
13:17:31.0434 1620 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
13:17:31.0434 1620 seclogon - ok
13:17:31.0559 1620 SecureStorageService (27d53cd650cc77123faf2f07023dabc7) C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
13:17:31.0574 1620 SecureStorageService - ok
13:17:31.0574 1620 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
13:17:31.0590 1620 SENS - ok
13:17:31.0637 1620 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
13:17:31.0637 1620 Serenum - ok
13:17:31.0699 1620 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
13:17:31.0715 1620 Serial - ok
13:17:31.0746 1620 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
13:17:31.0762 1620 sermouse - ok
13:17:31.0793 1620 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
13:17:31.0793 1620 SessionEnv - ok
13:17:31.0808 1620 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
13:17:31.0824 1620 sffdisk - ok
13:17:31.0824 1620 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
13:17:31.0840 1620 sffp_mmc - ok
13:17:31.0871 1620 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
13:17:31.0871 1620 sffp_sd - ok
13:17:31.0886 1620 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
13:17:31.0902 1620 sfloppy - ok
13:17:31.0949 1620 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
13:17:31.0949 1620 SharedAccess - ok
13:17:31.0996 1620 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
13:17:31.0996 1620 ShellHWDetection - ok
13:17:32.0011 1620 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
13:17:32.0011 1620 sisagp - ok
13:17:32.0027 1620 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
13:17:32.0027 1620 SiSRaid2 - ok
13:17:32.0042 1620 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
13:17:32.0042 1620 SiSRaid4 - ok
13:17:32.0198 1620 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
13:17:32.0261 1620 slsvc - ok
13:17:32.0386 1620 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
13:17:32.0401 1620 SLUINotify - ok
13:17:32.0432 1620 SMARTVHidMini2000x86 (41759063f75407d91472d8f47c4f0fac) C:\Windows\system32\DRIVERS\SMARTVHidMini2000x86.sys
13:17:32.0432 1620 SMARTVHidMini2000x86 - ok
13:17:32.0495 1620 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
13:17:32.0495 1620 Smb - ok
13:17:32.0573 1620 SMManager (b0bf6833849bfa70f42e1e22dee476f8) C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
13:17:32.0573 1620 SMManager - ok
13:17:32.0604 1620 smstsmgr - ok
13:17:32.0620 1620 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
13:17:32.0620 1620 SNMPTRAP - ok
13:17:32.0635 1620 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
13:17:32.0635 1620 spldr - ok
13:17:32.0698 1620 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
13:17:32.0698 1620 Spooler - ok
13:17:32.0729 1620 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
13:17:32.0744 1620 srv - ok
13:17:32.0791 1620 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
13:17:32.0791 1620 srv2 - ok
13:17:32.0807 1620 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
13:17:32.0807 1620 srvnet - ok
13:17:32.0854 1620 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
13:17:32.0854 1620 SSDPSRV - ok
13:17:32.0869 1620 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
13:17:32.0869 1620 SstpSvc - ok
13:17:32.0932 1620 STacSV (cb2449150a5ea17caa0b94363d9440cc) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_505c1590\STacSV.exe
13:17:32.0947 1620 STacSV - ok
13:17:32.0978 1620 STHDA (14a9ad287fda70a06463e09c4328c1f2) C:\Windows\system32\DRIVERS\stwrt.sys
13:17:32.0978 1620 STHDA - ok
13:17:33.0072 1620 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
13:17:33.0088 1620 stisvc - ok
13:17:33.0150 1620 stllssvr (de3e7a2345ebaa3ce8e6957dfb55fb15) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
13:17:33.0150 1620 stllssvr - ok
13:17:33.0212 1620 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
13:17:33.0212 1620 swenum - ok
13:17:33.0275 1620 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
13:17:33.0275 1620 swprv - ok
13:17:33.0290 1620 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
13:17:33.0290 1620 Symc8xx - ok
13:17:33.0306 1620 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
13:17:33.0306 1620 Sym_hi - ok
13:17:33.0322 1620 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
13:17:33.0322 1620 Sym_u3 - ok
13:17:33.0353 1620 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
13:17:33.0368 1620 SysMain - ok
13:17:33.0400 1620 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
13:17:33.0415 1620 TabletInputService - ok
13:17:33.0462 1620 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
13:17:33.0462 1620 TapiSrv - ok
13:17:33.0478 1620 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
13:17:33.0478 1620 TBS - ok
13:17:33.0556 1620 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
13:17:33.0571 1620 Tcpip - ok
13:17:33.0571 1620 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
13:17:33.0587 1620 Tcpip6 - ok
13:17:33.0618 1620 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
13:17:33.0618 1620 tcpipreg - ok
13:17:33.0727 1620 tcsd_win32.exe (69f1a38a6dbfe682491cb61a596662e3) C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
13:17:33.0758 1620 tcsd_win32.exe - ok
13:17:33.0852 1620 TdmService (b6cae7741addce1d57b65e015751a274) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
13:17:33.0852 1620 TdmService - ok
13:17:33.0961 1620 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
13:17:33.0961 1620 TDPIPE - ok
13:17:33.0977 1620 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
13:17:33.0977 1620 TDTCP - ok
13:17:34.0024 1620 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
13:17:34.0024 1620 tdx - ok
13:17:34.0039 1620 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
13:17:34.0039 1620 TermDD - ok
13:17:34.0102 1620 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
13:17:34.0102 1620 TermService - ok
13:17:34.0148 1620 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
13:17:34.0148 1620 Themes - ok
13:17:34.0180 1620 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
13:17:34.0180 1620 THREADORDER - ok
13:17:34.0195 1620 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
13:17:34.0195 1620 TrkWks - ok
13:17:34.0242 1620 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
13:17:34.0242 1620 TrustedInstaller - ok
13:17:34.0258 1620 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:17:34.0258 1620 tssecsrv - ok
13:17:34.0273 1620 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
13:17:34.0273 1620 tunmp - ok
13:17:34.0320 1620 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
13:17:34.0320 1620 tunnel - ok
13:17:34.0336 1620 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
13:17:34.0336 1620 uagp35 - ok
13:17:34.0398 1620 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
13:17:34.0398 1620 udfs - ok
13:17:34.0414 1620 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
13:17:34.0414 1620 UI0Detect - ok
13:17:34.0429 1620 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
13:17:34.0429 1620 uliagpkx - ok
13:17:34.0460 1620 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
13:17:34.0460 1620 uliahci - ok
13:17:34.0492 1620 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
13:17:34.0492 1620 UlSata - ok
13:17:34.0507 1620 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
13:17:34.0507 1620 ulsata2 - ok
13:17:34.0538 1620 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
13:17:34.0538 1620 umbus - ok
13:17:34.0538 1620 UmRdpService (8a66360f38f81e960e2367b428cbd5d9) C:\Windows\System32\umrdp.dll
13:17:34.0554 1620 UmRdpService - ok
13:17:34.0570 1620 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
13:17:34.0570 1620 upnphost - ok
13:17:34.0616 1620 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
13:17:34.0616 1620 USBAAPL - ok
13:17:34.0663 1620 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
13:17:34.0663 1620 usbccgp - ok
13:17:34.0679 1620 USBCCID (6b5e4d5e6e5ecd6acd14aed59768ce5c) C:\Windows\system32\DRIVERS\usbccid.sys
13:17:34.0679 1620 USBCCID - ok
13:17:34.0694 1620 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
13:17:34.0694 1620 usbcir - ok
13:17:34.0726 1620 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
13:17:34.0726 1620 usbehci - ok
13:17:34.0772 1620 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
13:17:34.0772 1620 usbhub - ok
13:17:34.0804 1620 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
13:17:34.0804 1620 usbohci - ok
13:17:34.0866 1620 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
13:17:34.0866 1620 usbprint - ok
13:17:34.0897 1620 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
13:17:34.0897 1620 usbscan - ok
13:17:34.0913 1620 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:17:34.0913 1620 USBSTOR - ok
13:17:34.0960 1620 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
13:17:34.0960 1620 usbuhci - ok
13:17:35.0006 1620 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
13:17:35.0006 1620 UxSms - ok
13:17:35.0022 1620 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
13:17:35.0038 1620 vds - ok
13:17:35.0038 1620 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
13:17:35.0053 1620 vga - ok
13:17:35.0053 1620 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
13:17:35.0053 1620 VgaSave - ok
13:17:35.0069 1620 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
13:17:35.0069 1620 viaagp - ok
13:17:35.0084 1620 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
13:17:35.0084 1620 ViaC7 - ok
13:17:35.0100 1620 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
13:17:35.0100 1620 viaide - ok
13:17:35.0116 1620 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
13:17:35.0116 1620 volmgr - ok
13:17:35.0162 1620 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
13:17:35.0162 1620 volmgrx - ok
13:17:35.0209 1620 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
13:17:35.0209 1620 volsnap - ok
13:17:35.0240 1620 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
13:17:35.0240 1620 vsmraid - ok
13:17:35.0318 1620 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
13:17:35.0334 1620 VSS - ok
13:17:35.0365 1620 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
13:17:35.0365 1620 W32Time - ok
13:17:35.0428 1620 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
13:17:35.0428 1620 WacomPen - ok
13:17:35.0443 1620 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
13:17:35.0443 1620 Wanarp - ok
13:17:35.0443 1620 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
13:17:35.0443 1620 Wanarpv6 - ok
13:17:35.0474 1620 WavxDMgr (ab0b2678eb3f4536a2241c3f0da9eb36) C:\Windows\system32\DRIVERS\WavxDMgr.sys
13:17:35.0490 1620 WavxDMgr - ok
13:17:35.0521 1620 wbengine (20b23332885dfb93fe0185362ee811e9) C:\Windows\system32\wbengine.exe
13:17:35.0537 1620 wbengine - ok
13:17:35.0568 1620 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
13:17:35.0568 1620 wcncsvc - ok
13:17:35.0599 1620 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
13:17:35.0599 1620 WcsPlugInService - ok
13:17:35.0615 1620 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
13:17:35.0630 1620 Wd - ok
13:17:35.0677 1620 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
13:17:35.0677 1620 Wdf01000 - ok
13:17:35.0708 1620 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
13:17:35.0708 1620 WdiServiceHost - ok
13:17:35.0724 1620 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
13:17:35.0724 1620 WdiSystemHost - ok
13:17:35.0786 1620 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
13:17:35.0786 1620 WebClient - ok
13:17:35.0833 1620 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
13:17:35.0833 1620 Wecsvc - ok
13:17:35.0849 1620 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
13:17:35.0849 1620 wercplsupport - ok
13:17:35.0896 1620 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
13:17:35.0896 1620 WerSvc - ok
13:17:35.0974 1620 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
13:17:35.0974 1620 WinDefend - ok
13:17:35.0974 1620 WinHttpAutoProxySvc - ok
13:17:36.0052 1620 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
13:17:36.0052 1620 Winmgmt - ok
13:17:36.0145 1620 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
13:17:36.0176 1620 WinRM - ok
13:17:36.0239 1620 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
13:17:36.0254 1620 Wlansvc - ok
13:17:36.0254 1620 wltrysvc - ok
13:17:36.0301 1620 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:17:36.0301 1620 WmiAcpi - ok
13:17:36.0348 1620 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
13:17:36.0348 1620 wmiApSrv - ok
13:17:36.0395 1620 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
13:17:36.0410 1620 WMPNetworkSvc - ok
13:17:36.0473 1620 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
13:17:36.0473 1620 WPCSvc - ok
13:17:36.0520 1620 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
13:17:36.0520 1620 WPDBusEnum - ok
13:17:36.0598 1620 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
13:17:36.0598 1620 WpdUsb - ok
13:17:36.0754 1620 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:17:36.0754 1620 WPFFontCache_v0400 - ok
13:17:36.0769 1620 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
13:17:36.0785 1620 ws2ifsl - ok
13:17:36.0816 1620 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
13:17:36.0816 1620 wscsvc - ok
13:17:36.0816 1620 WSearch - ok
13:17:36.0910 1620 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
13:17:36.0956 1620 wuauserv - ok
13:17:37.0050 1620 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:17:37.0050 1620 WUDFRd - ok
13:17:37.0081 1620 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
13:17:37.0097 1620 wudfsvc - ok
13:17:37.0097 1620 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
13:17:37.0456 1620 \Device\Harddisk0\DR0 - ok
13:17:37.0456 1620 Boot (0x1200) (108ce4d2a7546acc0d94a580241fe349) \Device\Harddisk0\DR0\Partition0
13:17:37.0456 1620 \Device\Harddisk0\DR0\Partition0 - ok
13:17:37.0487 1620 Boot (0x1200) (cfe4d3ef572350a27e203cdb2bbcd2d1) \Device\Harddisk0\DR0\Partition1
13:17:37.0487 1620 \Device\Harddisk0\DR0\Partition1 - ok
13:17:37.0487 1620 ============================================================
13:17:37.0487 1620 Scan finished
13:17:37.0487 1620 ============================================================
13:17:37.0502 0456 Detected object count: 0
13:17:37.0502 0456 Actual detected object count: 0
13:18:00.0419 0712 Deinitialize success

aswMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-11 13:47:12
-----------------------------
13:47:12.970 OS Version: Windows 6.0.6002 Service Pack 2
13:47:12.970 Number of processors: 2 586 0x170A
13:47:12.970 ComputerName: DPT97 UserName:
13:47:13.828 Initialize success
13:47:17.306 AVAST engine defs: 12061100
13:48:13.669 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:48:13.669 Disk 0 Vendor: ST916041 DE17 Size: 152627MB BusType: 8
13:48:13.732 Disk 0 MBR read successfully
13:48:13.732 Disk 0 MBR scan
13:48:13.763 Disk 0 Windows VISTA default MBR code
13:48:13.778 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 156 MB offset 63
13:48:13.810 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 2048 MB offset 321536
13:48:13.825 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 150421 MB offset 4515840
13:48:13.856 Disk 0 scanning sectors +312579760
13:48:13.981 Disk 0 scanning C:\Windows\system32\drivers
13:48:29.020 Service scanning
13:48:50.938 Modules scanning
13:48:56.647 Disk 0 trace - called modules:
13:48:57.162 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
13:48:57.162 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86358ac8]
13:48:57.178 3 CLASSPNP.SYS[8bb358b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x84ad0028]
13:48:57.958 AVAST engine scan C:\Windows
13:49:04.541 AVAST engine scan C:\Windows\system32
13:52:22.442 AVAST engine scan C:\Windows\system32\drivers
13:52:53.221 AVAST engine scan C:\Users\aglahn
14:28:37.862 File: C:\Users\aglahn\AppData\Local\Temp\PgWxyfhjAxhpKs.exe.tmp **INFECTED** Win32:FakeSysdef-MW [Trj]
15:05:18.461 AVAST engine scan C:\ProgramData
15:17:46.652 File: C:\ProgramData\qbJdjNLikjl.exe **INFECTED** Win32:FakeSysdef-MW [Trj]
15:17:56.028 Scan finished successfully
15:27:56.269 Disk 0 MBR has been saved successfully to "C:\Users\aglahn\Desktop\MBR.dat"
15:27:56.269 The log file has been saved successfully to "C:\Users\aglahn\Desktop\aswMBR.txt"

ESET

C:\Program Files\Freecorder 5\Uninstall\apptec-freecorder-us-dtx.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\ProgramData\qbJdjNLikjl.exe Win32/TrojanDownloader.Prodatect.BL trojan cleaned by deleting - quarantined
C:\Users\aglahn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q2EIFHEO\postratings-js[1].js JS/Agent.NEJ trojan cleaned by deleting - quarantined
C:\Users\aglahn\AppData\Local\Temp\0.35314682981652223 multiple threats cleaned by deleting - quarantined
C:\Users\aglahn\AppData\Local\Temp\0.7981370314812677 multiple threats cleaned by deleting - quarantined
C:\Users\aglahn\AppData\Local\Temp\PgWxyfhjAxhpKs.exe.tmp Win32/TrojanDownloader.Prodatect.BL trojan cleaned by deleting - quarantined
C:\Users\aglahn\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\64d94f02-6d40398a Java/Exploit.CVE-2010-3562.A trojan cleaned by deleting - quarantined
C:\Users\aglahn\AppData\Roaming\E98C1E7148E74847E001EC7C4E7E2AB9\enemies-names.txt Win32/Adware.AntimalwareDoctor.AE.Gen application cleaned by deleting - quarantined
C:\Users\aglahn\AppData\Roaming\E98C1E7148E74847E001EC7C4E7E2AB9\local.ini Win32/Adware.AntimalwareDoctor.AE.Gen application cleaned by deleting - quarantined
C:\Users\aglahn\Documents\FCTB5Setup.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined


Thanks again!!

#4 narenxp

narenxp

  • BC Advisor

Posted 11 June 2012 - 08:48 PM

Press the Windows+R keys, type

%temp%
and click OK.

Now if you find a folder called SMTMP, copy it to a safe location.

Download

UNHIDE

Run it as administrator; this should restore your hidden files.

Now run Malwarebytes in normal mode and post the log.

Please re-run aswMBR and post the log.

Let me know if the UNHIDE tool restores your Start menu programs too.

Good luck.

#5 Bonjourno

Bonjourno
  • Topic Starter

  • Members

Posted 12 June 2012 - 01:24 AM

The files are no longer hidden and my computer is working well. Malwarebytes did find one infection though.

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.12.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
aglahn :: DPT97 [administrator]

6/11/2012 11:04:28 PM
mbam-log-2012-06-11 (23-26-04).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 274739
Time elapsed: 15 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Update (Trojan.Agent.GMAGen) -> Data: rundll32.exe "C:\Users\aglahn\AppData\Roaming\FrostWire\FrostWire\vubjh.dll",DllRegisterServer -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-11 23:28:22
-----------------------------
23:28:22.286 OS Version: Windows 6.0.6002 Service Pack 2
23:28:22.287 Number of processors: 2 586 0x170A
23:28:22.288 ComputerName: DPT97 UserName:
23:28:28.739 Initialize success
23:28:38.636 AVAST engine defs: 12061100
23:28:43.659 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:28:43.662 Disk 0 Vendor: ST916041 DE17 Size: 152627MB BusType: 8
23:28:43.691 Disk 0 MBR read successfully
23:28:43.694 Disk 0 MBR scan
23:28:43.706 Disk 0 Windows VISTA default MBR code
23:28:43.710 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 156 MB offset 63
23:28:43.732 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 2048 MB offset 321536
23:28:43.753 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 150421 MB offset 4515840
23:28:43.774 Disk 0 scanning sectors +312579760
23:28:43.872 Disk 0 scanning C:\Windows\system32\drivers
23:29:06.464 Service scanning
23:29:43.870 Modules scanning
23:29:50.760 Disk 0 trace - called modules:
23:29:51.129 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
23:29:51.133 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86c51758]
23:29:51.136 3 CLASSPNP.SYS[8bb468b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x84af7028]
23:29:53.831 AVAST engine scan C:\Windows
23:29:57.445 AVAST engine scan C:\Windows\system32
23:37:33.986 AVAST engine scan C:\Windows\system32\drivers
23:38:06.899 AVAST engine scan C:\Users\aglahn
01:09:40.377 AVAST engine scan C:\ProgramData
01:18:23.062 Scan finished successfully
01:19:51.979 Disk 0 MBR has been saved successfully to "C:\Users\aglahn\Documents\MBR.dat"
01:19:51.997 The log file has been saved successfully to "C:\Users\aglahn\Documents\aswMBR.txt"


Thanks

#6 narenxp

narenxp

  • BC Advisor

Posted 12 June 2012 - 01:33 AM

You have skipped removing the infection detected by Malwarebytes:

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Update (Trojan.Agent.GMAGen) -> Data: rundll32.exe "C:\Users\aglahn\AppData\Roaming\FrostWire\FrostWire\vubjh.dll",DllRegisterServer -> No action taken.


Remove the infection, re-run Malwarebytes, and post the clean log.

Download

MiniToolBox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Edited by narenxp, 12 June 2012 - 01:33 AM.
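
The check made by eye in the post above (a detection still marked "No action taken"), written as an added Python example; it is not part of the thread and not Malwarebytes code. It assumes the Malwarebytes 1.x text-log layout quoted in this thread. The second detection line in the sample, the function names, and the rule that only actions beginning with "Quarantined" count as handled are assumptions.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Sample log: the registry line is the one quoted in the thread; the
# "Files" detection is constructed to show a handled item for contrast.
SAMPLE_LOG = r'''Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Update (Trojan.Agent.GMAGen) -> Data: rundll32.exe "C:\Users\aglahn\AppData\Roaming\FrostWire\FrostWire\vubjh.dll",DllRegisterServer -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\example\AppData\Local\Temp\sample.exe (Trojan.Example) -> Quarantined and deleted successfully.
'''

SECTION_RE = re.compile(r"^(?P<section>[A-Za-z ]+) Detected: (?P<count>\d+)$")
OBJECT_RE = re.compile(r"^(?P<target>.+) \((?P<name>[^()]+)\)$")
# DLL handed to rundll32 in an autostart value's data.
RUNDLL_RE = re.compile(r'rundll32(?:\.exe)?\s+"?(?P<dll>[^",]+\.dll)"?', re.IGNORECASE)
# Locations a standard user can write to, so no elevation was needed to plant the file.
USER_WRITABLE_RE = re.compile(r"\\(?:Users\\[^\\]+\\AppData|ProgramData)\\", re.IGNORECASE)


@dataclass
class Detection:
    section: str
    target: str          # file path, or "key|value" for registry values
    name: str            # vendor detection name
    data: Optional[str]  # registry value data, when the log includes it
    action: str

    def needs_followup(self) -> bool:
        # Assumption: anything not reported as quarantined is still on disk
        # or in the registry (e.g. "No action taken").
        return not self.action.lower().startswith("quarantined")

    def autostart_dll(self) -> Optional[str]:
        match = RUNDLL_RE.search(self.data or "")
        return match.group("dll") if match else None


def parse_log(text: str) -> Tuple[List[Detection], Dict[str, int]]:
    """Return the detection lines and the per-section counts the log declares."""
    detections: List[Detection] = []
    declared: Dict[str, int] = {}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group("section")
            declared[section] = int(header.group("count"))
            continue
        if section is None or " -> " not in line:
            continue
        head, action = line.rsplit(" -> ", 1)
        data = None
        if " -> Data: " in head:
            head, data = head.split(" -> Data: ", 1)
        obj = OBJECT_RE.match(head)
        if obj:
            detections.append(Detection(section, obj.group("target"),
                                        obj.group("name"), data, action.rstrip(".")))
    return detections, declared


def count_mismatches(text: str) -> Dict[str, Tuple[int, int]]:
    """Sections whose declared count differs from the lines present (truncated paste)."""
    detections, declared = parse_log(text)
    found = Counter(d.section for d in detections)
    return {s: (n, found[s]) for s, n in declared.items() if n != found[s]}


def triage(text: str) -> List[dict]:
    """Detections that still need action, with the autostart DLL when one is named."""
    results = []
    for det in parse_log(text)[0]:
        if not det.needs_followup():
            continue
        dll = det.autostart_dll()
        results.append({
            "name": det.name,
            "target": det.target,
            "action": det.action,
            "dll": dll,
            "user_writable_dll": bool(dll and USER_WRITABLE_RE.search(dll)),
        })
    return results


if __name__ == "__main__":
    for item in triage(SAMPLE_LOG):
        print(item)
    print("count mismatches:", count_mismatches(SAMPLE_LOG))
```
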


#7 Bonjourno

Bonjourno
  • Topic Starter

  • Members

Posted 12 June 2012 - 02:50 AM

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.12.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
aglahn :: DPT97 [administrator]

6/12/2012 2:25:27 AM
mbam-log-2012-06-12 (02-25-27).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 274867
Time elapsed: 17 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



MiniToolBox by Farbar Version: 09-06-2012
Ran by aglahn (administrator) on 12-06-2012 at 02:48:46
Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Intel® 82567LM Gigabit Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration

#8 narenxp

narenxp

  • BC Advisor

Posted 12 June 2012 - 03:51 AM

MiniToolBox log is incomplete :thumbup2:

#9 Bonjourno

Bonjourno
  • Topic Starter

  • Members

Posted 12 June 2012 - 01:08 PM

Sorry

MiniToolBox by Farbar Version: 09-06-2012
Ran by aglahn (administrator) on 12-06-2012 at 02:48:46
Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Intel® 82567LM Gigabit Network Connection = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DPT97
Primary Dns Suffix . . . . . . . : master.lsuhsc.edu
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : master.lsuhsc.edu
no.cox.net
lsuhsc.edu

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : no.cox.net
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-24-2B-9A-9E-23
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2c0b:9b08:66d1:bc8e%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.106(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, June 12, 2012 2:18:11 AM
Lease Expires . . . . . . . . . . : Tuesday, June 19, 2012 2:18:12 AM
Default Gateway . . . . . . . . . : fe80::16d6:4dff:fe33:2f2e%11
192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® 82567LM Gigabit Network Connection
Physical Address. . . . . . . . . : 00-21-70-F1-28-64
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Connection-specific DNS Suffix . : no.cox.net
Description . . . . . . . . . . . : isatap.no.cox.net
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.0.106%32(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 19:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 20:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 22:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 25:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 26:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 27:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 6TO4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 28:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3ce3:be2:bbf4:c2e6(Preferred)
Link-local IPv6 Address . . . . . : fe80::3ce3:be2:bbf4:c2e6%31(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 31:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{2FD1C210-965A-47A9-AA36-7C445E131779}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
1.0.168.192.in-addr.arpa
primary name server = localhost
responsible mail addr = nobody.invalid
serial = 1
refresh = 600 (10 mins)
retry = 1200 (20 mins)
expire = 604800 (7 days)
default TTL = 10800 (3 hours)
(root) ??? unknown type 41 ???
Server: UnKnown
Address: 192.168.0.1

Name: google.com.master.lsuhsc.edu
Address: 208.69.32.145



Pinging google.com [74.125.227.130] with 32 bytes of data:

Reply from 74.125.227.130: bytes=32 time=24ms TTL=56

Reply from 74.125.227.130: bytes=32 time=22ms TTL=56



Ping statistics for 74.125.227.130:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 22ms, Maximum = 24ms, Average = 23ms

Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com.master.lsuhsc.edu
Address: 208.69.32.145



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=26ms TTL=55

Reply from 209.191.122.70: bytes=32 time=23ms TTL=55



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 23ms, Maximum = 26ms, Average = 24ms

Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com.master.lsuhsc.edu
Address: 208.69.32.145



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Request timed out.

Request timed out.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 24 2b 9a 9e 23 ...... Dell Wireless 1397 WLAN Mini-Card
10 ...00 21 70 f1 28 64 ...... Intel® 82567LM Gigabit Network Connection
1 ........................... Software Loopback Interface 1
14 ...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #3
32 ...00 00 00 00 00 00 00 e0 isatap.no.cox.net
12 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
16 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
19 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
23 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
20 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
25 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
27 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
28 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
29 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
31 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
30 ...00 00 00 00 00 00 00 e0 isatap.{2FD1C210-965A-47A9-AA36-7C445E131779}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.106 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.106 281
192.168.0.106 255.255.255.255 On-link 192.168.0.106 281
192.168.0.255 255.255.255.255 On-link 192.168.0.106 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.106 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.106 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 281 ::/0 fe80::16d6:4dff:fe33:2f2e
31 18 ::/0 On-link
1 306 ::1/128 On-link
31 18 2001::/32 On-link
31 266 2001:0:4137:9e76:3ce3:be2:bbf4:c2e6/128
On-link
11 281 fe80::/64 On-link
31 266 fe80::/64 On-link
32 286 fe80::5efe:192.168.0.106/128
On-link
11 281 fe80::2c0b:9b08:66d1:bc8e/128
On-link
31 266 fe80::3ce3:be2:bbf4:c2e6/128
On-link
1 306 ff00::/8 On-link
31 266 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/12/2012 02:18:36 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/12/2012 02:18:31 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/12/2012 02:18:31 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/12/2012 02:18:29 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/12/2012 02:18:29 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/12/2012 02:18:29 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/12/2012 02:18:14 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/11/2012 10:56:30 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/11/2012 10:56:29 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/11/2012 10:56:29 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


System errors:
=============
Error: (06/12/2012 02:20:35 AM) (Source: Microsoft-Windows-GroupPolicy) (User: aglahn)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (06/12/2012 02:20:05 AM) (Source: DCOM) (User: SYSTEM)
Description: application-specificLocalLaunch{24FF4FDC-1D9F-4195-8C79-0DA39248FF48}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (06/12/2012 02:18:35 AM) (Source: Microsoft-Windows-GroupPolicy) (User: SYSTEM)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (06/12/2012 02:18:14 AM) (Source: Service Control Manager) (User: )
Description: NTRU TSS v1.2.1.29 TCSTPM Base Services%%0

Error: (06/12/2012 02:18:10 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain LSUMC-MASTER due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (06/11/2012 10:53:36 PM) (Source: Microsoft-Windows-GroupPolicy) (User: aglahn)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (06/11/2012 10:53:01 PM) (Source: DCOM) (User: SYSTEM)
Description: application-specificLocalLaunch{24FF4FDC-1D9F-4195-8C79-0DA39248FF48}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (06/11/2012 10:51:31 PM) (Source: Microsoft-Windows-GroupPolicy) (User: SYSTEM)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (06/11/2012 10:51:12 PM) (Source: Service Control Manager) (User: )
Description: NTRU TSS v1.2.1.29 TCSTPM Base Services%%0

Error: (06/11/2012 10:51:06 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain LSUMC-MASTER due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.


Microsoft Office Sessions:
=========================
Error: (12/28/2011 10:40:09 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19 seconds with 0 seconds of active time. This session ended with a crash.

Error: (08/02/2010 10:51:17 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 246 seconds with 120 seconds of active time. This session ended with a crash.

Error: (08/25/2009 10:25:49 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 284 seconds with 60 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 2.0.2)
Adobe AIR (Version: 2.0.3.13070)
Adobe Flash Player 10 ActiveX (Version: 10.2.152.21)
Adobe Flash Player 10 Plugin (Version: 10.0.45.2)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
All Day Battery Life Configuration (Version: 1.1.0)
Ambient Light Sensor (Version: 1.0.7)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
BioAPI Framework (Version: 1.0.1)
biolsp patch (Version: 01.00.02.0005)
Bonjour (Version: 3.0.0.10)
Broadcom USH Host Components (Version: 1.7.208.6)
Canon MF Toolbox 4.9.1.1.mf04 (Version: 2.3.0)
Canon MF4100 Series
CCleaner (Version: 3.03)
Choice Guard (Version: 1.2.87.0)
Cisco EAP-FAST Module (Version: 2.1.3)
Cisco LEAP Module (Version: 1.0.12)
Cisco PEAP Module (Version: 1.0.13)
Citrix online plug-in - web (Version: 11.2.0.31560)
Citrix online plug-in (DV) (Version: 11.2.0.31560)
Citrix online plug-in (HDX) (Version: 11.2.0.31560)
Citrix online plug-in (USB) (Version: 11.2.0.31560)
Citrix online plug-in (Web) (Version: 11.2.0.31560)
Configuration Manager Client (Version: 4.00.6487.2000)
DCP32MMWrapper (Version: 1.6.206.15)
Dell Control Point (Version: 1.6.206.15)
Dell ControlPoint Connection Manager (Version: 1.2.1)
Dell ControlPoint Security Manager (Version: 1.6.206.15)
Dell ControlPoint System Manager (Version: 1.2.00000)
Dell Edoc Viewer (Version: 1.0.0)
Dell Embassy Trust Suite by Wave Systems (Version: 03.03.00.015)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Security Device Driver Pack (Version: 1.02.35)
Dell Touchpad (Version: 7.2.101.215)
Dell Wireless WLAN Card Utility (Version: 4.170.77.16)
Document Manager Lite (Version: 06.09.00.082)
EMBASSY Security Center (Version: 03.09.00.054)
EMBASSY Security Setup (Version: 03.09.00.062)
ESC Home Page Plugin (Version: 03.04.00.022)
ESET Online Scanner v3
Freecorder 5 (Version: 5.0)
Freecorder Toolbar (Version: 5.0.0.0)
Gemalto (Version: 01.01.00.0000)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
Intel® Network Connections 13.0.42.0 (Version: 13.0.42.0)
Intel® PRO Alerting Agent (Version: 12.0.3)
Intel® Matrix Storage Manager
iTunes (Version: 10.5.3.3)
IZArc 4.1.6 (Version: 4.1.6)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
McAfee Agent (Version: 4.5.0.1270)
McAfee AntiSpyware Enterprise Module (Version: 8.7.0.129)
McAfee SiteAdvisor Enterprise (Version: 1.6.0.109)
McAfee VirusScan Enterprise (Version: 8.7.00004)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6425.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Move Media Player
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NTRU TCG Software Stack (Version: 2.1.29)
NVIDIA Drivers
OGG to MP3 Converter 1.2
Portforward Static IP Address 1.0.43 (Version: 1.0.43)
PowerDVD (Version: 8.1)
Preboot Manager (Version: 02.09.00.004)
Presto! PageManager 7.15.14 (Version: 7.15.14E)
Private Information Manager (Version: 06.04.00.042)
PTEXAM:The Complete Study Guide (Version: 2.0)
PTEXAM:The Complete Study Guide (Version: Version 2.0)
QuickTime (Version: 7.71.80.42)
RealPlayer
RealUpgrade 1.0 (Version: 1.0.0)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.5.0)
Roxio Creator BDAV Plugin (Version: 3.5.0)
Roxio Creator Copy (Version: 3.5.0)
Roxio Creator Data (Version: 3.5.0)
Roxio Creator DE (Version: 3.5.0)
Roxio Creator Tools (Version: 3.5.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
ScanSoft OmniPage SE 4.0 (Version: 15.00.0020)
Secure Update (Version: 05.07.00.014)
Security Wizards (Version: 01.07.00.014)
SMART Board Software (Version: 9.7.103.1)
SMART Essentials for Educators (Version: 1.2.1.0)
SO32MMWrapper (Version: 1.6.206.15)
Sonic CinePlayer Decoder Pack (Version: 4.2.0)
SoulSeek 157 NS 13e
Spotify (Version: 0.8.3.222.g317ab79d)
Switch Sound File Converter
Trusted Drive Manager (Version: 2.6.1.48)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
VideoLAN VLC media player 0.8.6f (Version: 0.8.6f)
Wave Infrastructure Installer (Version: 06.01.52.0015)
Wave Support Software (Version: 05.10.00.030)
WavePad Sound Editor
WIMGAPI (Version: 1.0.0.0)
Winamp (Version: 5.6 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5) (Version: 01/07/2008 1.0.1.5)
Windows Sound Schemes

========================= Memory info: ===================================

Percentage of memory in use: 58%
Total physical RAM: 3571 MB
Available physical RAM: 1498.17 MB
Total Pagefile: 7362.98 MB
Available Pagefile: 5203.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1942.2 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:146.9 GB) (Free:8.34 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:2 GB) (Free:1.1 GB) NTFS
3 Drive e: (Scorebuilders-Th) (CDROM) (Total:0.09 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\DPT97

Administrator DPTStudent Guest
OnTheRoad


**** End of log ****

#10 narenxp


Posted 12 June 2012 - 09:33 PM

That looks good

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for reboot

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows-vista/Turn-System-Restore-on-or-off

Update your Flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, do not click on suspicious links

Safe surfing :)



