
Google Redirect Virus?


43 replies to this topic

#1 bosox1001


Posted 13 June 2012 - 12:19 AM

First off, I am not very tech savvy, so any advice will have to be broken down pretty basic for me to understand, but here's my situation:

I've noticed over the past day that when I do Google searches and click on the links, I get redirected to other sites anywhere from 25%-50% of the time. It doesn't seem to affect any other websites, such as MSN.com, hotmail.com, or any other sites that have links (I haven't tried Yahoo or anything else though). I have downloaded and run SUPERAntiSpyware, Malwarebytes, and run my Norton Anti-Virus, all of which initially picked up multiple threats, including files that I see on the redirected URLs (such as click.scour, or other click/answer files), and I remove them, reboot, run a new scan, and it either finds a lot fewer infected files and I repeat the process, or it finds no threats. I then do Google searches again, and the problem is there. It seems to happen less frequently now that I have run these programs, but it still does occur. I also get an error message on startup that says "RunDLL" on the tab and has the message "C:\Users\Ria's\AppData\Local\Broderbund\Software\ATI\tuqpmqtt.dll The specified module could not be found" and has an option to click OK. I have also tried to locate the TDSSserv file, but don't think I was able to find it using instructions I found online, and I didn't manually delete/alter anything so far. I have Windows 7, 64 bit system, and have also tried doing a recovery to a previous date, but the problem was still not resolved. It is affecting both my browsers, Chrome and IE.

Any advice would be greatly appreciated,
Thanks.

--UPDATE-- I was able to run two of the requested scans and provide the logs, but the other one seemed to die, as once it hit 17%, it took over an hour to get to 18% so I was unable to post that. Maybe I did something wrong with the ESET scanner. I followed the directions, but I did unclick the box "remove threats" because I didn't know if that would alter anything.. but it seemed to be going extremely slow after 17%. I have started the scan again, and left the box checked, to remove threats, and it has again been quick up to 17%...

Edited by bosox1001, 13 June 2012 - 12:17 PM.
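
A "RunDLL ... The specified module could not be found" box at startup, as described in the post above, typically means an autostart entry still calls rundll32 on a DLL that is no longer on disk. As an added example (not part of the original thread), this read-only PowerShell script lists such entries; the function names are hypothetical and only the standard registry Run keys are checked.

```powershell
# Added example: report Run-key values that launch rundll32 against a DLL
# that no longer exists. Read-only: nothing is changed or deleted.

$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)

# Properties that Get-ItemProperty adds itself; they are not registry values.
$providerProps = @('PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider')

function Get-RundllTarget {
    # Hypothetical helper: pull the DLL path out of a rundll32 command line,
    # e.g.  rundll32.exe "C:\some dir\x.dll",EntryPoint
    param([string]$CommandLine)
    if ($CommandLine -match '(?i)rundll32(?:\.exe)?"?\s+"?([^",]+\.dll)') {
        return [Environment]::ExpandEnvironmentVariables($Matches[1].Trim())
    }
    return $null
}

function Find-OrphanedRundllEntry {
    foreach ($key in $runKeys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $props = Get-ItemProperty -LiteralPath $key
        foreach ($p in $props.PSObject.Properties) {
            if ($providerProps -contains $p.Name) { continue }
            $dll = Get-RundllTarget -CommandLine ([string]$p.Value)
            # Flag only entries whose target DLL is missing from disk.
            if ($dll -and -not (Test-Path -LiteralPath $dll)) {
                New-Object PSObject -Property @{
                    Key        = $key
                    ValueName  = $p.Name
                    MissingDll = $dll
                    Command    = [string]$p.Value
                }
            }
        }
    }
}

Find-OrphanedRundllEntry | Format-List Key, ValueName, MissingDll, Command
```

An empty result does not rule out a leftover entry: the Startup folders and scheduled tasks can launch rundll32 as well and are not covered here.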



 


#2 narenxp


Posted 13 June 2012 - 12:24 AM

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 bosox1001


Posted 13 June 2012 - 12:51 AM

Thanks for the quick reply! The ESET scanner is taking extremely long, it's been stuck on 17% for nearly 20 minutes, but here are the first two logs:

TDSSkiller:

01:26:59.0763 5888 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
01:27:01.0775 5888 ============================================================
01:27:01.0775 5888 Current date / time: 2012/06/13 01:27:01.0775
01:27:01.0775 5888 SystemInfo:
01:27:01.0775 5888
01:27:01.0775 5888 OS Version: 6.1.7601 ServicePack: 1.0
01:27:01.0775 5888 Product type: Workstation
01:27:01.0775 5888 ComputerName: RIAS-HP
01:27:01.0775 5888 UserName: Ria's
01:27:01.0775 5888 Windows directory: C:\Windows
01:27:01.0775 5888 System windows directory: C:\Windows
01:27:01.0775 5888 Running under WOW64
01:27:01.0775 5888 Processor architecture: Intel x64
01:27:01.0775 5888 Number of processors: 4
01:27:01.0775 5888 Page size: 0x1000
01:27:01.0775 5888 Boot type: Normal boot
01:27:01.0775 5888 ============================================================
01:27:02.0851 5888 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:27:02.0883 5888 ============================================================
01:27:02.0883 5888 \Device\Harddisk0\DR0:
01:27:02.0883 5888 MBR partitions:
01:27:02.0883 5888 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
01:27:02.0883 5888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72EAB000
01:27:02.0883 5888 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x72EDD800, BlocksNum 0x1828800
01:27:02.0883 5888 ============================================================
01:27:02.0883 5888 C: <-> \Device\Harddisk0\DR0\Partition1
01:27:02.0914 5888 D: <-> \Device\Harddisk0\DR0\Partition2
01:27:02.0914 5888 ============================================================
01:27:02.0914 5888 Initialize success
01:27:02.0914 5888 ============================================================
01:27:41.0524 8544 ============================================================
01:27:41.0524 8544 Scan started
01:27:41.0524 8544 Mode: Manual; TDLFS;
01:27:41.0524 8544 ============================================================
01:27:50.0244 8544 mrxsmb - ok
01:27:50.0275 8544 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:27:50.0275 8544 mrxsmb10 - ok
01:27:50.0307 8544 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:27:50.0307 8544 mrxsmb20 - ok
01:27:50.0322 8544 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
01:27:50.0322 8544 msahci - ok
01:27:50.0353 8544 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
01:27:50.0353 8544 msdsm - ok
01:27:50.0385 8544 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
01:27:50.0385 8544 MSDTC - ok
01:27:50.0416 8544 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
01:27:50.0416 8544 Msfs - ok
01:27:50.0416 8544 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
01:27:50.0416 8544 mshidkmdf - ok
01:27:50.0431 8544 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
01:27:50.0431 8544 msisadrv - ok
01:27:50.0463 8544 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
01:27:50.0478 8544 MSiSCSI - ok
01:27:50.0478 8544 msiserver - ok
01:27:50.0572 8544 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
01:27:50.0572 8544 MSK80Service - ok
01:27:50.0603 8544 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
01:27:50.0603 8544 MSKSSRV - ok
01:27:50.0619 8544 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
01:27:50.0619 8544 MSPCLOCK - ok
01:27:50.0650 8544 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
01:27:50.0650 8544 MSPQM - ok
01:27:50.0697 8544 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
01:27:50.0697 8544 MsRPC - ok
01:27:50.0728 8544 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
01:27:50.0728 8544 mssmbios - ok
01:27:50.0743 8544 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
01:27:50.0743 8544 MSTEE - ok
01:27:50.0759 8544 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
01:27:50.0759 8544 MTConfig - ok
01:27:50.0775 8544 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
01:27:50.0775 8544 Mup - ok
01:27:50.0790 8544 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
01:27:50.0806 8544 napagent - ok
01:27:50.0853 8544 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
01:27:50.0853 8544 NativeWifiP - ok
01:27:50.0884 8544 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
01:27:50.0884 8544 NDIS - ok
01:27:50.0899 8544 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
01:27:50.0899 8544 NdisCap - ok
01:27:50.0915 8544 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
01:27:50.0915 8544 NdisTapi - ok
01:27:50.0946 8544 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
01:27:50.0946 8544 Ndisuio - ok
01:27:50.0977 8544 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
01:27:50.0977 8544 NdisWan - ok
01:27:50.0993 8544 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
01:27:50.0993 8544 NDProxy - ok
01:27:51.0009 8544 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
01:27:51.0009 8544 NetBIOS - ok
01:27:51.0024 8544 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
01:27:51.0024 8544 NetBT - ok
01:27:51.0055 8544 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:27:51.0055 8544 Netlogon - ok
01:27:51.0087 8544 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
01:27:51.0087 8544 Netman - ok
01:27:51.0102 8544 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
01:27:51.0102 8544 netprofm - ok
01:27:51.0180 8544 netr28x (064ab63c9a588d2611306ae16d017e7e) C:\Windows\system32\DRIVERS\netr28x.sys
01:27:51.0196 8544 netr28x - ok
01:27:51.0243 8544 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:27:51.0258 8544 NetTcpPortSharing - ok
01:27:51.0274 8544 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
01:27:51.0274 8544 nfrd960 - ok
01:27:51.0321 8544 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
01:27:51.0336 8544 NlaSvc - ok
01:27:51.0352 8544 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
01:27:51.0352 8544 Npfs - ok
01:27:51.0367 8544 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
01:27:51.0367 8544 nsi - ok
01:27:51.0367 8544 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
01:27:51.0367 8544 nsiproxy - ok
01:27:51.0461 8544 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
01:27:51.0477 8544 Ntfs - ok
01:27:51.0539 8544 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
01:27:51.0539 8544 Null - ok
01:27:51.0570 8544 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
01:27:51.0586 8544 nvraid - ok
01:27:51.0601 8544 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
01:27:51.0601 8544 nvstor - ok
01:27:51.0679 8544 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
01:27:51.0679 8544 nv_agp - ok
01:27:51.0711 8544 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
01:27:51.0711 8544 ohci1394 - ok
01:27:51.0773 8544 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:27:51.0789 8544 ose - ok
01:27:51.0991 8544 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:27:52.0023 8544 osppsvc - ok
01:27:52.0101 8544 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
01:27:52.0116 8544 p2pimsvc - ok
01:27:52.0132 8544 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
01:27:52.0147 8544 p2psvc - ok
01:27:52.0194 8544 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
01:27:52.0194 8544 Parport - ok
01:27:52.0241 8544 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
01:27:52.0241 8544 partmgr - ok
01:27:52.0257 8544 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
01:27:52.0257 8544 PcaSvc - ok
01:27:52.0303 8544 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
01:27:52.0303 8544 pci - ok
01:27:52.0335 8544 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
01:27:52.0335 8544 pciide - ok
01:27:52.0350 8544 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
01:27:52.0366 8544 pcmcia - ok
01:27:52.0381 8544 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
01:27:52.0381 8544 pcw - ok
01:27:52.0413 8544 pdfcDispatcher - ok
01:27:52.0444 8544 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
01:27:52.0444 8544 PEAUTH - ok
01:27:52.0506 8544 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
01:27:52.0506 8544 PerfHost - ok
01:27:52.0600 8544 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
01:27:52.0631 8544 pla - ok
01:27:52.0662 8544 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
01:27:52.0678 8544 PlugPlay - ok
01:27:52.0678 8544 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
01:27:52.0678 8544 PNRPAutoReg - ok
01:27:52.0709 8544 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
01:27:52.0709 8544 PNRPsvc - ok
01:27:52.0740 8544 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
01:27:52.0740 8544 PolicyAgent - ok
01:27:52.0771 8544 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
01:27:52.0787 8544 Power - ok
01:27:52.0818 8544 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
01:27:52.0818 8544 PptpMiniport - ok
01:27:52.0834 8544 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
01:27:52.0849 8544 Processor - ok
01:27:52.0881 8544 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
01:27:52.0881 8544 ProfSvc - ok
01:27:52.0912 8544 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:27:52.0912 8544 ProtectedStorage - ok
01:27:52.0959 8544 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
01:27:52.0959 8544 Psched - ok
01:27:53.0021 8544 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
01:27:53.0021 8544 ql2300 - ok
01:27:53.0099 8544 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
01:27:53.0099 8544 ql40xx - ok
01:27:53.0130 8544 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
01:27:53.0130 8544 QWAVE - ok
01:27:53.0161 8544 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
01:27:53.0161 8544 QWAVEdrv - ok
01:27:53.0177 8544 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
01:27:53.0177 8544 RasAcd - ok
01:27:53.0208 8544 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
01:27:53.0208 8544 RasAgileVpn - ok
01:27:53.0224 8544 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
01:27:53.0224 8544 RasAuto - ok
01:27:53.0239 8544 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
01:27:53.0239 8544 Rasl2tp - ok
01:27:53.0271 8544 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
01:27:53.0286 8544 RasMan - ok
01:27:53.0302 8544 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
01:27:53.0302 8544 RasPppoe - ok
01:27:53.0317 8544 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
01:27:53.0317 8544 RasSstp - ok
01:27:53.0364 8544 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
01:27:53.0380 8544 rdbss - ok
01:27:53.0395 8544 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
01:27:53.0395 8544 rdpbus - ok
01:27:53.0411 8544 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
01:27:53.0411 8544 RDPCDD - ok
01:27:53.0458 8544 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
01:27:53.0458 8544 RDPENCDD - ok
01:27:53.0473 8544 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
01:27:53.0473 8544 RDPREFMP - ok
01:27:53.0505 8544 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
01:27:53.0505 8544 RDPWD - ok
01:27:53.0536 8544 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
01:27:53.0536 8544 rdyboost - ok
01:27:53.0551 8544 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
01:27:53.0551 8544 RemoteAccess - ok
01:27:53.0567 8544 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
01:27:53.0583 8544 RemoteRegistry - ok
01:27:53.0598 8544 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
01:27:53.0598 8544 RpcEptMapper - ok
01:27:53.0598 8544 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
01:27:53.0598 8544 RpcLocator - ok
01:27:53.0629 8544 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
01:27:53.0645 8544 RpcSs - ok
01:27:53.0661 8544 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
01:27:53.0661 8544 rspndr - ok
01:27:53.0723 8544 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
01:27:53.0723 8544 RTL8167 - ok
01:27:53.0770 8544 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:27:53.0770 8544 SamSs - ok
01:27:53.0863 8544 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
01:27:53.0863 8544 SASDIFSV - ok
01:27:53.0879 8544 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
01:27:53.0879 8544 SASKUTIL - ok
01:27:53.0941 8544 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
01:27:53.0941 8544 sbp2port - ok
01:27:53.0973 8544 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
01:27:53.0973 8544 SCardSvr - ok
01:27:54.0004 8544 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
01:27:54.0004 8544 scfilter - ok
01:27:54.0051 8544 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
01:27:54.0051 8544 Schedule - ok
01:27:54.0097 8544 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
01:27:54.0097 8544 SCPolicySvc - ok
01:27:54.0129 8544 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
01:27:54.0129 8544 SDRSVC - ok
01:27:54.0222 8544 SeaPort (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
01:27:54.0222 8544 SeaPort - ok
01:27:54.0285 8544 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
01:27:54.0285 8544 secdrv - ok
01:27:54.0331 8544 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
01:27:54.0331 8544 seclogon - ok
01:27:54.0347 8544 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
01:27:54.0347 8544 SENS - ok
01:27:54.0378 8544 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
01:27:54.0378 8544 SensrSvc - ok
01:27:54.0409 8544 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
01:27:54.0409 8544 Serenum - ok
01:27:54.0441 8544 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
01:27:54.0441 8544 Serial - ok
01:27:54.0456 8544 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
01:27:54.0456 8544 sermouse - ok
01:27:54.0519 8544 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
01:27:54.0519 8544 SessionEnv - ok
01:27:54.0550 8544 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
01:27:54.0550 8544 sffdisk - ok
01:27:54.0581 8544 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
01:27:54.0581 8544 sffp_mmc - ok
01:27:54.0643 8544 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
01:27:54.0643 8544 sffp_sd - ok
01:27:54.0690 8544 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
01:27:54.0706 8544 sfloppy - ok
01:27:54.0784 8544 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
01:27:54.0799 8544 Sftfs - ok
01:27:54.0877 8544 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
01:27:54.0893 8544 sftlist - ok
01:27:54.0909 8544 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
01:27:54.0909 8544 Sftplay - ok
01:27:54.0924 8544 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
01:27:54.0924 8544 Sftredir - ok
01:27:54.0924 8544 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
01:27:54.0924 8544 Sftvol - ok
01:27:54.0940 8544 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
01:27:54.0940 8544 sftvsa - ok
01:27:54.0971 8544 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
01:27:54.0971 8544 SharedAccess - ok
01:27:55.0002 8544 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
01:27:55.0002 8544 ShellHWDetection - ok
01:27:55.0018 8544 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
01:27:55.0018 8544 SiSRaid2 - ok
01:27:55.0018 8544 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
01:27:55.0033 8544 SiSRaid4 - ok
01:27:55.0049 8544 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
01:27:55.0049 8544 Smb - ok
01:27:55.0096 8544 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
01:27:55.0096 8544 SNMPTRAP - ok
01:27:55.0096 8544 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
01:27:55.0096 8544 spldr - ok
01:27:55.0127 8544 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
01:27:55.0127 8544 Spooler - ok
01:27:55.0283 8544 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
01:27:55.0330 8544 sppsvc - ok
01:27:55.0377 8544 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
01:27:55.0392 8544 sppuinotify - ok
01:27:55.0439 8544 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
01:27:55.0455 8544 srv - ok
01:27:55.0501 8544 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
01:27:55.0501 8544 srv2 - ok
01:27:55.0533 8544 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
01:27:55.0533 8544 srvnet - ok
01:27:55.0548 8544 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
01:27:55.0564 8544 SSDPSRV - ok
01:27:55.0579 8544 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
01:27:55.0579 8544 SstpSvc - ok
01:27:55.0595 8544 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
01:27:55.0595 8544 stexstor - ok
01:27:55.0673 8544 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
01:27:55.0673 8544 stisvc - ok
01:27:55.0720 8544 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
01:27:55.0720 8544 swenum - ok
01:27:55.0735 8544 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
01:27:55.0751 8544 swprv - ok
01:27:55.0845 8544 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
01:27:55.0860 8544 SysMain - ok
01:27:55.0938 8544 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
01:27:55.0938 8544 TabletInputService - ok
01:27:55.0969 8544 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
01:27:55.0985 8544 TapiSrv - ok
01:27:56.0001 8544 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
01:27:56.0016 8544 TBS - ok
01:27:56.0110 8544 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
01:27:56.0125 8544 Tcpip - ok
01:27:56.0250 8544 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
01:27:56.0266 8544 TCPIP6 - ok
01:27:56.0313 8544 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
01:27:56.0313 8544 tcpipreg - ok
01:27:56.0344 8544 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
01:27:56.0344 8544 TDPIPE - ok
01:27:56.0391 8544 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
01:27:56.0391 8544 TDTCP - ok
01:27:56.0422 8544 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
01:27:56.0422 8544 tdx - ok
01:27:56.0453 8544 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
01:27:56.0453 8544 TermDD - ok
01:27:56.0500 8544 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
01:27:56.0515 8544 TermService - ok
01:27:56.0515 8544 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
01:27:56.0531 8544 Themes - ok
01:27:56.0547 8544 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
01:27:56.0547 8544 THREADORDER - ok
01:27:56.0562 8544 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
01:27:56.0562 8544 TrkWks - ok
01:27:56.0593 8544 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
01:27:56.0593 8544 TrustedInstaller - ok
01:27:56.0625 8544 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
01:27:56.0625 8544 tssecsrv - ok
01:27:56.0640 8544 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
01:27:56.0640 8544 TsUsbFlt - ok
01:27:56.0671 8544 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
01:27:56.0687 8544 tunnel - ok
01:27:56.0703 8544 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
01:27:56.0703 8544 uagp35 - ok
01:27:56.0734 8544 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
01:27:56.0734 8544 udfs - ok
01:27:56.0749 8544 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
01:27:56.0765 8544 UI0Detect - ok
01:27:56.0781 8544 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
01:27:56.0796 8544 uliagpkx - ok
01:27:56.0812 8544 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
01:27:56.0812 8544 umbus - ok
01:27:56.0827 8544 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
01:27:56.0827 8544 UmPass - ok
01:27:56.0859 8544 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
01:27:56.0859 8544 upnphost - ok
01:27:56.0921 8544 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
01:27:56.0921 8544 USBAAPL64 - ok
01:27:57.0015 8544 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
01:27:57.0015 8544 usbaudio - ok
01:27:57.0046 8544 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
01:27:57.0046 8544 usbccgp - ok
01:27:57.0093 8544 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
01:27:57.0093 8544 usbcir - ok
01:27:57.0108 8544 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
01:27:57.0124 8544 usbehci - ok
01:27:57.0140 8544 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
01:27:57.0140 8544 usbfilter - ok
01:27:57.0155 8544 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
01:27:57.0171 8544 usbhub - ok
01:27:57.0186 8544 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
01:27:57.0186 8544 usbohci - ok
01:27:57.0202 8544 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
01:27:57.0202 8544 usbprint - ok
01:27:57.0218 8544 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:27:57.0218 8544 USBSTOR - ok
01:27:57.0233 8544 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
01:27:57.0233 8544 usbuhci - ok
01:27:57.0264 8544 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
01:27:57.0264 8544 usbvideo - ok
01:27:57.0280 8544 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
01:27:57.0296 8544 UxSms - ok
01:27:57.0311 8544 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:27:57.0327 8544 VaultSvc - ok
01:27:57.0358 8544 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
01:27:57.0358 8544 vdrvroot - ok
01:27:57.0420 8544 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
01:27:57.0436 8544 vds - ok
01:27:57.0498 8544 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
01:27:57.0514 8544 vga - ok
01:27:57.0530 8544 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
01:27:57.0530 8544 VgaSave - ok
01:27:57.0561 8544 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
01:27:57.0576 8544 vhdmp - ok
01:27:57.0592 8544 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
01:27:57.0592 8544 viaide - ok
01:27:57.0608 8544 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
01:27:57.0608 8544 volmgr - ok
01:27:57.0654 8544 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
01:27:57.0654 8544 volmgrx - ok
01:27:57.0701 8544 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
01:27:57.0717 8544 volsnap - ok
01:27:57.0748 8544 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
01:27:57.0748 8544 vsmraid - ok
01:27:57.0826 8544 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
01:27:57.0857 8544 VSS - ok
01:27:57.0920 8544 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
01:27:57.0935 8544 vwifibus - ok
01:27:57.0966 8544 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
01:27:57.0966 8544 vwififlt - ok
01:27:57.0998 8544 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
01:27:58.0013 8544 W32Time - ok
01:27:58.0029 8544 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
01:27:58.0044 8544 WacomPen - ok
01:27:58.0060 8544 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
01:27:58.0060 8544 WANARP - ok
01:27:58.0076 8544 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
01:27:58.0076 8544 Wanarpv6 - ok
01:27:58.0122 8544 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
01:27:58.0154 8544 WatAdminSvc - ok
01:27:58.0200 8544 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
01:27:58.0232 8544 wbengine - ok
01:27:58.0278 8544 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
01:27:58.0278 8544 WbioSrvc - ok
01:27:58.0310 8544 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
01:27:58.0325 8544 wcncsvc - ok
01:27:58.0325 8544 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
01:27:58.0341 8544 WcsPlugInService - ok
01:27:58.0341 8544 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
01:27:58.0341 8544 Wd - ok
01:27:58.0372 8544 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
01:27:58.0372 8544 Wdf01000 - ok
01:27:58.0388 8544 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
01:27:58.0403 8544 WdiServiceHost - ok
01:27:58.0403 8544 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
01:27:58.0403 8544 WdiSystemHost - ok
01:27:58.0419 8544 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
01:27:58.0419 8544 WebClient - ok
01:27:58.0434 8544 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
01:27:58.0434 8544 Wecsvc - ok
01:27:58.0434 8544 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
01:27:58.0450 8544 wercplsupport - ok
01:27:59.0838 8544 MBR (0x1B8) (01c482cde853f0f78151c0e03f9d41f1) \Device\Harddisk0\DR0
01:28:00.0041 8544 \Device\Harddisk0\DR0 - ok
01:28:00.0041 8544 Boot (0x1200) (5f10a52c50becd49fee0bc8ceffac252) \Device\Harddisk0\DR0\Partition0
01:28:00.0041 8544 \Device\Harddisk0\DR0\Partition0 - ok
01:28:00.0072 8544 Boot (0x1200) (33bd82cab66fd184b6b8778e6c10a490) \Device\Harddisk0\DR0\Partition1
01:28:00.0072 8544 \Device\Harddisk0\DR0\Partition1 - ok
01:28:00.0104 8544 Boot (0x1200) (d5fd190440d236d4490554ddf7e7ff8f) \Device\Harddisk0\DR0\Partition2
01:28:00.0104 8544 \Device\Harddisk0\DR0\Partition2 - ok
01:28:00.0104 8544 ============================================================
01:28:00.0104 8544 Scan finished
01:28:00.0104 8544 ============================================================
01:28:00.0135 7692 Detected object count: 0
01:28:00.0135 7692 Actual detected object count: 0


aswMBR:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-13 01:29:39
-----------------------------
01:29:39.699 OS Version: Windows x64 6.1.7601 Service Pack 1
01:29:39.699 Number of processors: 4 586 0x403
01:29:39.699 ComputerName: RIAS-HP UserName: Ria's
01:29:44.961 Initialize success
01:30:24.994 AVAST engine defs: 12061201
01:30:33.215 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005b
01:30:33.215 Disk 0 Vendor: ST310005 HP35 Size: 953869MB BusType: 11
01:30:33.231 Disk 0 MBR read successfully
01:30:33.246 Disk 0 MBR scan
01:30:33.246 Disk 0 unknown MBR code
01:30:33.262 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
01:30:33.293 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 941398 MB offset 206848
01:30:33.324 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12369 MB offset 1928189952
01:30:33.402 Disk 0 scanning C:\Windows\system32\drivers
01:30:45.180 Service scanning
01:31:04.337 Modules scanning
01:31:04.353 Disk 0 trace - called modules:
01:31:04.368 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
01:31:04.384 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005f78790]
01:31:04.384 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8004fbd690]
01:31:04.400 5 amdxata.sys[fffff88000de07a8] -> nt!IofCallDriver -> \Device\0000005b[0xfffffa8005a159c0]
01:31:05.897 AVAST engine scan C:\Windows
01:31:08.268 AVAST engine scan C:\Windows\system32
01:34:50.498 AVAST engine scan C:\Windows\system32\drivers
01:35:04.484 AVAST engine scan C:\Users\Ria's
01:36:04.812 Disk 0 MBR has been saved successfully to "C:\Users\Ria's\Downloads\MBR.dat"
01:36:04.827 The log file has been saved successfully to "C:\Users\Ria's\Downloads\aswMBR.txt"

Edited by bosox1001, 13 June 2012 - 01:01 AM.


#4 bosox1001

Posted 13 June 2012 - 11:28 AM

Bump please

#5 narenxp

Posted 13 June 2012 - 12:20 PM

Thanks for the quick reply! The ESET scanner is taking extremely long, it's been stuck on 17% for nearly 20 minutes, but here are the first two logs:


Waiting for ESET log

#6 bosox1001

Posted 13 June 2012 - 12:23 PM

Ok, thanks again for the reply, narenxp. Is it normal for it to take this long? Either way, I'll keep it running and post when it becomes available.

Edited by bosox1001, 13 June 2012 - 12:25 PM.


#7 narenxp

Posted 13 June 2012 - 12:34 PM

If it takes too long, try to run it in Safe Mode with Networking.

#8 bosox1001

Posted 13 June 2012 - 12:39 PM

Well it's still on 18%, but it found two identical threats: "a variant of Win32/Kryptik.BCY troyan"

I rebooted in safe mode with networking and am running a new ESET scan now

Edited by bosox1001, 13 June 2012 - 12:46 PM.


#9 bosox1001

Posted 13 June 2012 - 01:06 PM

I've noticed that the scan seems to stall on a part where it scans Wild Games, which I do not believe is the cause of the problem. Wild Games has been installed on this computer for nearly two years, and is an online game program/shop, but I am sure it has many files and data. The scan seems to go quickly up until it reaches those files, and then takes an extended period of time without making any progress on the per cent bar, but continues to scan files.

Is there a way to skip those files, or do they need to be scanned as well, or is it impossible to not select those?

#10 narenxp

Posted 13 June 2012 - 01:20 PM

We need to wait.

#11 bosox1001

Posted 13 June 2012 - 01:30 PM

Thanks again for your replies, it's making this a lot easier for me. Good news though, the scan has passed the Wild Games files, and is now moving on to other things and is actually getting closer to finishing! Hopefully it will be done shortly and I will post the log

#12 bosox1001

Posted 13 June 2012 - 01:57 PM

Test result is finished! ESET only found this one threat this time...


C:\Users\Ria's\AppData\Roaming\netutils2.dll a variant of Win32/Ponmocup.AP trojan cleaned by deleting (after the next restart) - quarantined


But, as mentioned before, on a previous scan that I had to cancel and start in safe mode, ESET found two identical threats with the message: "a variant of Win32/Kryptik.BCY troyan"

I have not closed the ESET window yet, as it gives me the option to select "uninstall application on close" and "delete quarantined files" before clicking finish. What would you like me to do?

Edited by bosox1001, 13 June 2012 - 01:59 PM.


#13 narenxp

Posted 13 June 2012 - 02:16 PM

I have not closed the ESET window yet, as it gives me the option to select "uninstall application on close" and "delete quarantined files" before clicking finish. What would you like me to do?

delete quarantined files

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on Show Results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#14 bosox1001

Posted 13 June 2012 - 02:28 PM

Thank you, I have done the first steps, and am running a full scan of my computer using malwarebytes anti malware. Will post results when finished

#15 bosox1001

Posted 13 June 2012 - 03:50 PM

Malwarebytes full scan found no threats, here is the log, and I will reboot now, run in normal mode, but do you want me to do another FULL scan, or a quick scan?


Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.13.07

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Ria's :: RIAS-HP [administrator]

Protection: Disabled

6/13/2012 3:27:34 PM
mbam-log-2012-06-13 (15-27-34).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 611847
Time elapsed: 1 hour(s), 18 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



