S.M.A.R.T virus being very persistent


8 replies to this topic

#1 Kallor

  • Members
  • 5 posts

Posted 18 June 2012 - 05:05 PM

Hello,

Yesterday my computer was attacked by the S.M.A.R.T virus, complete with the System Write Fault error boxes flooding the desktop and all of my programs being hidden, and thus far all of my efforts at getting rid of it haven't worked. I am not by any means a computer expert, but I did follow the guide for removing this virus and have so far really only succeeded in being able to unhide my icons. I do not really know how much information is needed to assist me, so I will simply give all that I have available to me.

I was able to get into Safe Mode with Networking without difficulty, and was able to download and run RKill, but it did not find any malware. It might also be important to note that the pop-ups have not happened in Safe Mode, though the icons were still hidden originally (I have since unhidden them). I read of a similar situation in a different forum topic where the person helping stated that in cases like that they would need a closer look, so I am hoping that this post will allow that. I also ran an updated Malwarebytes full scan and found three infections, though it does not appear that Malwarebytes is able to fully remove them. I have Removed Selected multiple times after running this scan multiple times, in both Safe Mode and normal mode, though occasionally Malwarebytes finds nothing at all. I also ran a TDSSKiller scan and found nothing, though that was sort of what I expected since I have had none of the Google redirecting problems mentioned.

I hope this is enough information to get started. I did not include any logs, as I really do not know what is relevant, so I will wait until asked for each log specifically. Any help would be greatly appreciated!


#2 Kallor

  • Topic Starter

  • Members
  • 5 posts

Posted 18 June 2012 - 08:54 PM

Hello again,

Naturally, I only managed to make any progress removing the S.M.A.R.T virus after posting on the forum asking for help. I am remaining skeptical that the issue is fully resolved, but upon restart I am no longer flooded with message boxes, nor is there any false security alert. I ran HitmanPro in Safe Mode and it appears to have removed the infection, as further scans of both HitmanPro and Malwarebytes, as well as RKill in normal mode, have shown nothing (which is a new development).

I realize that this is well before the estimated time by which I should expect anyone to respond to my post, but I wanted to update you on the situation prior to someone beginning helping me. I will continue to run scans to make sure that everything is in fact ok, as I suspect I may not have fully managed to kill this virus, and any help in that regard would be appreciated.

#3 narenxp

  • BC Advisor
  • 16,371 posts

Posted 19 June 2012 - 12:32 AM

Download TDSSKiller

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

Please do not run any other scans unless instructed.

#4 Kallor

  • Topic Starter

  • Members
  • 5 posts

Posted 19 June 2012 - 05:50 PM

Thank you for the quick reply. Here are the logs:

TDSSKiller log:

17:15:34.0259 3752 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
17:15:34.0275 3752 NDIS - ok
17:15:34.0306 3752 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:15:34.0306 3752 NdisCap - ok
17:15:34.0337 3752 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:15:34.0337 3752 NdisTapi - ok
17:15:34.0368 3752 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:15:34.0368 3752 Ndisuio - ok
17:15:34.0384 3752 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:15:34.0400 3752 NdisWan - ok
17:15:34.0415 3752 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:15:34.0415 3752 NDProxy - ok
17:15:34.0431 3752 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:15:34.0431 3752 NetBIOS - ok
17:15:34.0462 3752 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:15:34.0478 3752 NetBT - ok
17:15:34.0509 3752 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:15:34.0509 3752 Netlogon - ok
17:15:34.0556 3752 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:15:34.0571 3752 Netman - ok
17:15:34.0649 3752 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:15:34.0665 3752 NetMsmqActivator - ok
17:15:34.0665 3752 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:15:34.0665 3752 NetPipeActivator - ok
17:15:34.0696 3752 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:15:34.0712 3752 netprofm - ok
17:15:34.0727 3752 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:15:34.0727 3752 NetTcpActivator - ok
17:15:34.0727 3752 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:15:34.0727 3752 NetTcpPortSharing - ok
17:15:34.0774 3752 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
17:15:34.0774 3752 nfrd960 - ok
17:15:34.0805 3752 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:15:34.0821 3752 NlaSvc - ok
17:15:34.0836 3752 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:15:34.0836 3752 Npfs - ok
17:15:34.0852 3752 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:15:34.0852 3752 nsi - ok
17:15:34.0868 3752 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:15:34.0868 3752 nsiproxy - ok
17:15:34.0961 3752 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:15:35.0039 3752 Ntfs - ok
17:15:35.0133 3752 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:15:35.0133 3752 Null - ok
17:15:35.0164 3752 nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys
17:15:35.0164 3752 nusb3hub - ok
17:15:35.0195 3752 nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:15:35.0211 3752 nusb3xhc - ok
17:15:35.0819 3752 nvlddmkm (99674f4fba8c07eafa9ca8d192977562) C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:15:35.0882 3752 nvlddmkm - ok
17:15:36.0006 3752 nvpciflt (408da881029f8c7d59d3ae6f2826eeae) C:\Windows\system32\DRIVERS\nvpciflt.sys
17:15:36.0006 3752 nvpciflt - ok
17:15:36.0116 3752 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:15:36.0116 3752 nvraid - ok
17:15:36.0162 3752 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:15:36.0178 3752 nvstor - ok
17:15:36.0256 3752 NVSvc (2d8862010d4e04e3fa97d2a42644ab4a) C:\Windows\system32\nvvsvc.exe
17:15:36.0256 3752 NVSvc - ok
17:15:36.0412 3752 nvUpdatusService (2388ee087548c1ec8b0c717a6ef36a79) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
17:15:36.0412 3752 nvUpdatusService - ok
17:15:36.0568 3752 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:15:36.0568 3752 nv_agp - ok
17:15:36.0584 3752 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:15:36.0584 3752 ohci1394 - ok
17:15:36.0630 3752 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:15:36.0646 3752 p2pimsvc - ok
17:15:36.0677 3752 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:15:36.0693 3752 p2psvc - ok
17:15:36.0708 3752 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
17:15:36.0724 3752 Parport - ok
17:15:36.0755 3752 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
17:15:36.0755 3752 partmgr - ok
17:15:36.0771 3752 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:15:36.0786 3752 PcaSvc - ok
17:15:36.0818 3752 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:15:36.0864 3752 pci - ok
17:15:36.0880 3752 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:15:36.0896 3752 pciide - ok
17:15:36.0911 3752 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
17:15:36.0927 3752 pcmcia - ok
17:15:36.0989 3752 PCTCore (876fd95b7a3b7fe6179fbd16e7a6486c) C:\Windows\system32\drivers\PCTCore64.sys
17:15:36.0989 3752 PCTCore - ok
17:15:37.0005 3752 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:15:37.0005 3752 pcw - ok
17:15:37.0052 3752 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:15:37.0067 3752 PEAUTH - ok
17:15:37.0145 3752 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:15:37.0145 3752 PerfHost - ok
17:15:37.0223 3752 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:15:37.0254 3752 pla - ok
17:15:37.0301 3752 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:15:37.0317 3752 PlugPlay - ok
17:15:37.0332 3752 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:15:37.0332 3752 PNRPAutoReg - ok
17:15:37.0348 3752 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:15:37.0364 3752 PNRPsvc - ok
17:15:37.0410 3752 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:15:37.0426 3752 PolicyAgent - ok
17:15:37.0473 3752 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:15:37.0473 3752 Power - ok
17:15:37.0535 3752 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:15:37.0551 3752 PptpMiniport - ok
17:15:37.0551 3752 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
17:15:37.0551 3752 Processor - ok
17:15:37.0582 3752 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
17:15:37.0582 3752 ProfSvc - ok
17:15:37.0629 3752 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:15:37.0629 3752 ProtectedStorage - ok
17:15:37.0660 3752 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:15:37.0660 3752 Psched - ok
17:15:37.0722 3752 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
17:15:37.0722 3752 PSI - ok
17:15:37.0769 3752 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
17:15:37.0769 3752 PxHlpa64 - ok
17:15:37.0863 3752 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
17:15:37.0894 3752 ql2300 - ok
17:15:37.0988 3752 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
17:15:38.0003 3752 ql40xx - ok
17:15:38.0034 3752 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:15:38.0050 3752 QWAVE - ok
17:15:38.0066 3752 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:15:38.0066 3752 QWAVEdrv - ok
17:15:38.0066 3752 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:15:38.0066 3752 RasAcd - ok
17:15:38.0097 3752 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:15:38.0112 3752 RasAgileVpn - ok
17:15:38.0128 3752 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:15:38.0128 3752 RasAuto - ok
17:15:38.0144 3752 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:15:38.0159 3752 Rasl2tp - ok
17:15:38.0206 3752 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:15:38.0222 3752 RasMan - ok
17:15:38.0253 3752 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:15:38.0253 3752 RasPppoe - ok
17:15:38.0268 3752 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:15:38.0268 3752 RasSstp - ok
17:15:38.0300 3752 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:15:38.0300 3752 rdbss - ok
17:15:38.0315 3752 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
17:15:38.0331 3752 rdpbus - ok
17:15:38.0346 3752 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:15:38.0346 3752 RDPCDD - ok
17:15:38.0362 3752 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:15:38.0362 3752 RDPENCDD - ok
17:15:38.0378 3752 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:15:38.0378 3752 RDPREFMP - ok
17:15:38.0424 3752 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
17:15:38.0424 3752 RDPWD - ok
17:15:38.0456 3752 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:15:38.0471 3752 rdyboost - ok
17:15:38.0502 3752 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:15:38.0502 3752 RemoteAccess - ok
17:15:38.0534 3752 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:15:38.0534 3752 RemoteRegistry - ok
17:15:38.0580 3752 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
17:15:38.0580 3752 RFCOMM - ok
17:15:38.0736 3752 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
17:15:38.0752 3752 RoxMediaDB12OEM - ok
17:15:38.0799 3752 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
17:15:38.0799 3752 RoxWatch12 - ok
17:15:38.0908 3752 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:15:38.0924 3752 RpcEptMapper - ok
17:15:38.0939 3752 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:15:38.0955 3752 RpcLocator - ok
17:15:38.0986 3752 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:15:38.0986 3752 RpcSs - ok
17:15:39.0048 3752 RSPCIESTOR (85b325723f67ef80927326fd7eb1cc10) C:\Windows\system32\DRIVERS\RtsPStor.sys
17:15:39.0064 3752 RSPCIESTOR - ok
17:15:39.0095 3752 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:15:39.0095 3752 rspndr - ok
17:15:39.0126 3752 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:15:39.0126 3752 SamSs - ok
17:15:39.0142 3752 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:15:39.0142 3752 sbp2port - ok
17:15:39.0173 3752 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:15:39.0173 3752 SCardSvr - ok
17:15:39.0189 3752 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:15:39.0204 3752 scfilter - ok
17:15:39.0267 3752 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:15:39.0282 3752 Schedule - ok
17:15:39.0314 3752 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:15:39.0314 3752 SCPolicySvc - ok
17:15:39.0329 3752 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
17:15:39.0345 3752 sdbus - ok
17:15:39.0360 3752 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:15:39.0376 3752 SDRSVC - ok
17:15:39.0407 3752 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:15:39.0407 3752 secdrv - ok
17:15:39.0423 3752 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:15:39.0423 3752 seclogon - ok
17:15:39.0626 3752 Secunia PSI Agent (5b66db4877bbac9f7493aa8d84421e49) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
17:15:39.0626 3752 Secunia PSI Agent - ok
17:15:39.0704 3752 Secunia Update Agent (0e88fdf474f2cdd370a4a6ce77d018f0) C:\Program Files (x86)\Secunia\PSI\sua.exe
17:15:39.0704 3752 Secunia Update Agent - ok
17:15:39.0813 3752 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:15:39.0813 3752 SENS - ok
17:15:39.0828 3752 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:15:39.0828 3752 SensrSvc - ok
17:15:39.0875 3752 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
17:15:39.0875 3752 Serenum - ok
17:15:39.0906 3752 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
17:15:39.0906 3752 Serial - ok
17:15:39.0922 3752 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
17:15:39.0938 3752 sermouse - ok
17:15:39.0969 3752 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:15:39.0984 3752 SessionEnv - ok
17:15:39.0984 3752 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:15:40.0000 3752 sffdisk - ok
17:15:40.0000 3752 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:15:40.0000 3752 sffp_mmc - ok
17:15:40.0016 3752 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:15:40.0031 3752 sffp_sd - ok
17:15:40.0031 3752 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
17:15:40.0031 3752 sfloppy - ok
17:15:40.0156 3752 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\AlienRespawn\sftservice.EXE
17:15:40.0156 3752 SftService - ok
17:15:40.0312 3752 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:15:40.0328 3752 SharedAccess - ok
17:15:40.0374 3752 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:15:40.0390 3752 ShellHWDetection - ok
17:15:40.0421 3752 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
17:15:40.0421 3752 SiSRaid2 - ok
17:15:40.0437 3752 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
17:15:40.0437 3752 SiSRaid4 - ok
17:15:40.0468 3752 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:15:40.0468 3752 Smb - ok
17:15:40.0484 3752 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:15:40.0484 3752 SNMPTRAP - ok
17:15:40.0499 3752 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:15:40.0499 3752 spldr - ok
17:15:40.0546 3752 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:15:40.0562 3752 Spooler - ok
17:15:40.0749 3752 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:15:40.0796 3752 sppsvc - ok
17:15:40.0905 3752 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:15:40.0920 3752 sppuinotify - ok
17:15:40.0952 3752 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:15:40.0967 3752 srv - ok
17:15:40.0998 3752 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:15:41.0045 3752 srv2 - ok
17:15:41.0076 3752 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:15:41.0092 3752 srvnet - ok
17:15:41.0123 3752 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:15:41.0139 3752 SSDPSRV - ok
17:15:41.0154 3752 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:15:41.0154 3752 SstpSvc - ok
17:15:41.0279 3752 STacSV (e82994866a370a480607637f28b82835) C:\Program Files\IDT\WDM\STacSV64.exe
17:15:41.0279 3752 STacSV - ok
17:15:41.0295 3752 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys
17:15:41.0310 3752 stdcfltn - ok
17:15:41.0342 3752 Steam Client Service - ok
17:15:41.0388 3752 Stereo Service (95f9eeb717a80970378d8587a55af0f1) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:15:41.0388 3752 Stereo Service - ok
17:15:41.0420 3752 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
17:15:41.0420 3752 stexstor - ok
17:15:41.0451 3752 STHDA (3ad0ed8b19cd76d2254de5fb298e3c26) C:\Windows\system32\DRIVERS\stwrt64.sys
17:15:41.0451 3752 STHDA - ok
17:15:41.0498 3752 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:15:41.0529 3752 stisvc - ok
17:15:41.0576 3752 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
17:15:41.0576 3752 stllssvr - ok
17:15:41.0591 3752 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
17:15:41.0591 3752 swenum - ok
17:15:41.0638 3752 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:15:41.0654 3752 swprv - ok
17:15:41.0747 3752 SynTP (d8205430cfd64fdb7d691d3bb74fd18f) C:\Windows\system32\DRIVERS\SynTP.sys
17:15:41.0778 3752 SynTP - ok
17:15:41.0950 3752 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:15:41.0966 3752 SysMain - ok
17:15:42.0012 3752 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:15:42.0028 3752 TabletInputService - ok
17:15:42.0044 3752 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:15:42.0059 3752 TapiSrv - ok
17:15:42.0075 3752 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:15:42.0075 3752 TBS - ok
17:15:42.0215 3752 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
17:15:42.0215 3752 Tcpip - ok
17:15:42.0418 3752 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
17:15:42.0434 3752 TCPIP6 - ok
17:15:42.0543 3752 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:15:42.0543 3752 tcpipreg - ok
17:15:42.0558 3752 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:15:42.0574 3752 TDPIPE - ok
17:15:42.0605 3752 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:15:42.0605 3752 TDTCP - ok
17:15:42.0621 3752 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:15:42.0621 3752 tdx - ok
17:15:42.0652 3752 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
17:15:42.0652 3752 TermDD - ok
17:15:42.0699 3752 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:15:42.0730 3752 TermService - ok
17:15:42.0746 3752 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:15:42.0746 3752 Themes - ok
17:15:42.0777 3752 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:15:42.0777 3752 THREADORDER - ok
17:15:42.0792 3752 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:15:42.0792 3752 TrkWks - ok
17:15:42.0824 3752 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:15:42.0839 3752 TrustedInstaller - ok
17:15:42.0839 3752 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:15:42.0855 3752 tssecsrv - ok
17:15:42.0886 3752 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:15:42.0886 3752 TsUsbFlt - ok
17:15:42.0886 3752 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
17:15:42.0886 3752 TsUsbGD - ok
17:15:42.0933 3752 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:15:42.0933 3752 tunnel - ok
17:15:42.0948 3752 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
17:15:42.0948 3752 uagp35 - ok
17:15:42.0980 3752 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:15:42.0995 3752 udfs - ok
17:15:43.0026 3752 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:15:43.0026 3752 UI0Detect - ok
17:15:43.0042 3752 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:15:43.0058 3752 uliagpkx - ok
17:15:43.0073 3752 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
17:15:43.0073 3752 umbus - ok
17:15:43.0089 3752 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
17:15:43.0104 3752 UmPass - ok
17:15:43.0120 3752 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:15:43.0136 3752 upnphost - ok
17:15:43.0167 3752 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
17:15:43.0167 3752 usbccgp - ok
17:15:43.0182 3752 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:15:43.0182 3752 usbcir - ok
17:15:43.0214 3752 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
17:15:43.0214 3752 usbehci - ok
17:15:43.0245 3752 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys
17:15:43.0260 3752 usbhub - ok
17:15:43.0276 3752 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
17:15:43.0276 3752 usbohci - ok
17:15:43.0292 3752 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
17:15:43.0292 3752 usbprint - ok
17:15:43.0323 3752 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
17:15:43.0323 3752 USBSTOR - ok
17:15:43.0338 3752 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:15:43.0338 3752 usbuhci - ok
17:15:43.0385 3752 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
17:15:43.0401 3752 usbvideo - ok
17:15:43.0416 3752 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:15:43.0416 3752 UxSms - ok
17:15:43.0448 3752 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:15:43.0448 3752 VaultSvc - ok
17:15:43.0463 3752 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:15:43.0463 3752 vdrvroot - ok
17:15:43.0510 3752 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:15:43.0526 3752 vds - ok
17:15:43.0541 3752 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:15:43.0541 3752 vga - ok
17:15:43.0557 3752 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:15:43.0557 3752 VgaSave - ok
17:15:43.0588 3752 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:15:43.0604 3752 vhdmp - ok
17:15:43.0619 3752 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:15:43.0635 3752 viaide - ok
17:15:43.0650 3752 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:15:43.0650 3752 volmgr - ok
17:15:43.0682 3752 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:15:43.0697 3752 volmgrx - ok
17:15:43.0728 3752 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:15:43.0728 3752 volsnap - ok
17:15:43.0760 3752 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
17:15:43.0775 3752 vsmraid - ok
17:15:43.0869 3752 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
17:15:43.0900 3752 VSS - ok
17:15:43.0994 3752 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:15:43.0994 3752 vwifibus - ok
17:15:44.0009 3752 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:15:44.0025 3752 vwififlt - ok
17:15:44.0056 3752 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
17:15:44.0056 3752 W32Time - ok
17:15:44.0072 3752 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
17:15:44.0072 3752 WacomPen - ok
17:15:44.0103 3752 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:15:44.0103 3752 WANARP - ok
17:15:44.0103 3752 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:15:44.0103 3752 Wanarpv6 - ok
17:15:44.0181 3752 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
17:15:44.0228 3752 WatAdminSvc - ok
17:15:44.0321 3752 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
17:15:44.0337 3752 wbengine - ok
17:15:44.0415 3752 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
17:15:44.0415 3752 WbioSrvc - ok
17:15:44.0446 3752 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
17:15:44.0462 3752 wcncsvc - ok
17:15:44.0477 3752 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
17:15:44.0477 3752 WcsPlugInService - ok
17:15:44.0508 3752 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
17:15:44.0524 3752 Wd - ok
17:15:44.0555 3752 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:15:44.0586 3752 Wdf01000 - ok
17:15:44.0602 3752 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:15:44.0618 3752 WdiServiceHost - ok
17:15:44.0618 3752 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
17:15:44.0618 3752 WdiSystemHost - ok
17:15:44.0649 3752 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
17:15:44.0664 3752 WebClient - ok
17:15:44.0696 3752 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
17:15:44.0711 3752 Wecsvc - ok
17:15:44.0727 3752 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
17:15:44.0727 3752 wercplsupport - ok
17:15:44.0758 3752 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
17:15:44.0758 3752 WerSvc - ok
17:15:44.0789 3752 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:15:44.0789 3752 WfpLwf - ok
17:15:44.0852 3752 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
17:15:44.0867 3752 WimFltr - ok
17:15:44.0867 3752 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:15:44.0867 3752 WIMMount - ok
17:15:44.0883 3752 WinHttpAutoProxySvc - ok
17:15:44.0930 3752 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
17:15:44.0945 3752 Winmgmt - ok
17:15:45.0070 3752 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
17:15:45.0101 3752 WinRM - ok
17:15:45.0257 3752 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
17:15:45.0273 3752 Wlansvc - ok
17:15:45.0320 3752 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
17:15:45.0320 3752 WmiAcpi - ok
17:15:45.0351 3752 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
17:15:45.0366 3752 wmiApSrv - ok
17:15:45.0398 3752 WMPNetworkSvc - ok
17:15:45.0413 3752 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
17:15:45.0413 3752 WPCSvc - ok
17:15:45.0429 3752 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
17:15:45.0444 3752 WPDBusEnum - ok
17:15:45.0460 3752 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:15:45.0460 3752 ws2ifsl - ok
17:15:45.0460 3752 WSearch - ok
17:15:45.0569 3752 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
17:15:45.0585 3752 wuauserv - ok
17:15:45.0694 3752 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:15:45.0710 3752 WudfPf - ok
17:15:45.0725 3752 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
17:15:45.0725 3752 wudfsvc - ok
17:15:45.0756 3752 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
17:15:45.0756 3752 WwanSvc - ok
17:15:45.0788 3752 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
17:15:46.0380 3752 \Device\Harddisk0\DR0 - ok
17:15:46.0396 3752 Boot (0x1200) (b88f97224ec8177979417cfcaf3a7868) \Device\Harddisk0\DR0\Partition0
17:15:46.0396 3752 \Device\Harddisk0\DR0\Partition0 - ok
17:15:46.0427 3752 Boot (0x1200) (1e9a56b3fa33aa6f4d26ef295464d485) \Device\Harddisk0\DR0\Partition1
17:15:46.0443 3752 \Device\Harddisk0\DR0\Partition1 - ok
17:15:46.0443 3752 ============================================================
17:15:46.0443 3752 Scan finished
17:15:46.0443 3752 ============================================================
17:15:46.0443 2616 Detected object count: 0
17:15:46.0443 2616 Actual detected object count: 0

aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-19 17:17:12
-----------------------------
17:17:12.486 OS Version: Windows x64 6.1.7601 Service Pack 1
17:17:12.486 Number of processors: 8 586 0x2A07
17:17:12.486 ComputerName: ERIC-PC UserName: Eric
17:17:16.526 Initialize success
17:17:49.184 AVAST engine defs: 12061901
17:17:56.423 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:17:56.438 Disk 0 Vendor: ST320LT0 0001 Size: 305245MB BusType: 8
17:17:56.454 Disk 0 MBR read successfully
17:17:56.454 Disk 0 MBR scan
17:17:56.454 Disk 0 Windows VISTA default MBR code
17:17:56.454 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
17:17:56.469 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 9968 MB offset 81920
17:17:56.485 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 295236 MB offset 20496384
17:17:56.516 Disk 0 scanning C:\Windows\system32\drivers
17:18:07.311 Service scanning
17:18:23.114 Modules scanning
17:18:23.114 Disk 0 trace - called modules:
17:18:23.130 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys PCTCore64.sys ACPI.sys iaStor.sys hal.dll
17:18:23.629 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800506a790]
17:18:23.629 3 CLASSPNP.SYS[fffff8800185b43f] -> nt!IofCallDriver -> [0xfffffa8004f81cb0]
17:18:23.629 5 stdcfltn.sys[fffff88001b6fc52] -> nt!IofCallDriver -> [0xfffffa8004f7fae0]
17:18:23.629 7 PCTCore64.sys[fffff8800117b720] -> nt!IofCallDriver -> [0xfffffa8004e20550]
17:18:23.629 9 ACPI.sys[fffff88000f397a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004e25050]
17:18:29.557 AVAST engine scan C:\Windows
17:18:35.984 AVAST engine scan C:\Windows\system32
17:18:48.121 Disk 0 MBR has been saved successfully to "C:\Users\Eric\Desktop\MBR.dat"
17:18:48.121 The log file has been saved successfully to "C:\Users\Eric\Desktop\aswMBR.txt"
17:20:37.652 AVAST engine scan C:\Windows\system32\drivers
17:20:48.416 AVAST engine scan C:\Users\Eric
17:26:33.111 AVAST engine scan C:\ProgramData
17:26:48.633 File: C:\ProgramData\exHFkP0h2dPW5H.exe **INFECTED** Win32:FakeAlert-CRZ [Trj]
18:13:52.439 Scan finished successfully
18:17:23.757 Disk 0 MBR has been saved successfully to "C:\Users\Eric\Desktop\MBR.dat"
18:17:23.820 The log file has been saved successfully to "C:\Users\Eric\Desktop\aswMBR.txt"

ESET Online Log:

C:\ProgramData\exHFkP0h2dPW5H.exe a variant of Win32/Kryptik.AHBK trojan cleaned by deleting - quarantined
C:\Users\Eric\AppData\Local\Temp\3073.tmp Win32/Olmasco.AA trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6T2A084R\mx_mainxu[1].htm HTML/Iframe.B.Gen virus deleted - quarantined


If I somehow reported the wrong things or did something incorrect, please let me know.
Thanks again.

#5 narenxp

Posted 19 June 2012 - 05:57 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#6 Kallor

Posted 19 June 2012 - 10:13 PM

When I ran a full scan on Malwarebytes, it came up clean on the first scan.
Here is the result of MiniToolBox:

MiniToolBox by Farbar Version: 09-06-2012
Ran by Eric (administrator) on 19-06-2012 at 23:10:46
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
Hosts file not detected in the default directory
========================= IP Configuration: ================================

DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Eric-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : D0-DF-9A-3D-15-66
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : holycross.edu
Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 5C-26-0A-63-10-17
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : 38-59-F9-14-A9-A7
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6105:3313:78cc:9901%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.13(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, June 19, 2012 10:01:37 PM
Lease Expires . . . . . . . . . . : Wednesday, June 20, 2012 10:01:41 PM
Default Gateway . . . . . . . . . : fe80::34d7:6552:268a:4949%11
192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 188242425
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-B1-16-D8-5C-26-0A-63-10-17
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{695158CB-2E7F-4581-9A39-315342D4A3B4}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{36C09DA9-C618-4073-BF15-D122D1255986}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.holycross.edu:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:803::1004
74.125.226.195
74.125.226.200
74.125.226.201
74.125.226.198
74.125.226.194
74.125.226.196
74.125.226.193
74.125.226.192
74.125.226.199
74.125.226.197
74.125.226.206


Pinging google.com [173.194.43.4] with 32 bytes of data:
Reply from 173.194.43.4: bytes=32 time=19ms TTL=55
Reply from 173.194.43.4: bytes=32 time=21ms TTL=55

Ping statistics for 173.194.43.4:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 19ms, Maximum = 21ms, Average = 20ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=44ms TTL=52
Reply from 98.139.183.24: bytes=32 time=104ms TTL=52

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 44ms, Maximum = 104ms, Average = 74ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...d0 df 9a 3d 15 66 ......Bluetooth Device (Personal Area Network)
12...5c 26 0a 63 10 17 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
11...38 59 f9 14 a9 a7 ......DW1501 Wireless-N WLAN Half-Mini Card
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
22...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.13 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.13 281
192.168.1.13 255.255.255.255 On-link 192.168.1.13 281
192.168.1.255 255.255.255.255 On-link 192.168.1.13 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.13 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.13 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 281 ::/0 fe80::34d7:6552:268a:4949
1 306 ::1/128 On-link
11 281 fe80::/64 On-link
11 281 fe80::6105:3313:78cc:9901/128
On-link
1 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be %SystemRoot%\system32\NLAapi.dll

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog9 11 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/19/2012 10:02:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/19/2012 06:52:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/19/2012 06:52:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/19/2012 05:23:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/19/2012 05:23:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/19/2012 01:47:20 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2012 10:25:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2012 10:23:48 PM) (Source: Microsoft Security Client Setup) (User: Eric)Eric
Description: HRESULT:0x8004FF0A
Description:Microsoft Security Essentials installation was canceled. You canceled the Security Essentials installation on your computer. Error code:0x8004FF0A.

Error: (06/18/2012 09:56:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2012 09:34:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/19/2012 10:03:27 PM) (Source: Microsoft-Windows-DNS-Client) (User: Eric)
Description: There was an error while attempting to read the local hosts file.

Error: (06/19/2012 10:02:49 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (06/19/2012 10:02:19 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (06/19/2012 10:02:17 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (06/19/2012 10:01:46 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (06/19/2012 04:23:29 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (06/19/2012 04:23:28 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (06/19/2012 04:23:26 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (06/19/2012 04:23:25 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (06/19/2012 01:47:40 PM) (Source: Microsoft-Windows-DNS-Client) (User: Eric)
Description: There was an error while attempting to read the local hosts file.


Microsoft Office Sessions:
=========================
Error: (06/19/2012 10:02:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/19/2012 06:52:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Eric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E4TBPWLA\esetsmartinstaller_enu.exe

Error: (06/19/2012 06:52:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Eric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E4TBPWLA\esetsmartinstaller_enu.exe

Error: (06/19/2012 05:23:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Eric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E4TBPWLA\esetsmartinstaller_enu.exe

Error: (06/19/2012 05:23:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Eric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E4TBPWLA\esetsmartinstaller_enu.exe

Error: (06/19/2012 01:47:20 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2012 10:25:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2012 10:23:48 PM) (Source: Microsoft Security Client Setup)(User: Eric)Eric
Description: HRESULT:0x8004FF0A
Description:Microsoft Security Essentials installation was canceled. You canceled the Security Essentials installation on your computer. Error code:0x8004FF0A.

Error: (06/18/2012 09:56:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2012 09:34:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Advanced Audio FX Engine (Version: 1.12.05)
AlienRespawn - Support Software (Version: 9.4.60)
AlienRespawn (Version: 9.4.60)
Alienware M17x Manual (Version: 1.0.0.1)
Alienware On-Screen Display (Version: 0.31.0.14C)
Banctec Service Agreement (Version: 2.0.0)
Bing Desktop (Version: 1.0.45.0)
Command Center (Version: 2.6.2.0)
Diablo III (Version: 1.0.3.10057)
DirectX 9 Runtime (Version: 1.00.0000)
EMSC (Version: 0.0.0.22C)
ESET Online Scanner v3
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
HitmanPro 3.6 (Version: 3.6.0.156)
IDT Audio (Version: 1.0.6330.0)
Integrated Webcam Live! Central (Version: 2.00.44)
Intel® Processor Graphics (Version: 8.15.10.2342)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
Java Auto Updater (Version: 2.0.7.1)
Java SE Development Kit 7 Update 5 (64-bit) (Version: 1.7.0.50)
Java™ 6 Update 33 (Version: 6.0.330)
Java™ 7 Update 5 (64-bit) (Version: 7.0.50)
JavaFX 2.1.1 (64-bit) (Version: 2.1.1)
JavaFX 2.1.1 SDK (64-bit) (Version: 2.1.1)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mumble 1.2.3 (Version: 1.2.3)
NVIDIA 3D Vision Driver 267.64 (Version: 267.64)
NVIDIA Control Panel 267.64 (Version: 267.64)
NVIDIA Graphics Driver 267.64 (Version: 267.64)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA Optimus 1.0.21 (Version: 1.0.21)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.6764)
NVIDIA Update Components (Version: 1.0.21)
PC Tools Registry Tool (Version: 1.0.0.14)
PhotoShowExpress (Version: 2.0.063)
RBVirtualFolder64Inst (Version: 1.00.0000)
Rosetta Stone Homeschool (Version: 3.4.5)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Secunia PSI (2.0.0.4003) (Version: 2.0.0.4003)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Star Wars: The Old Republic (Version: 1.00)
Steam (Version: 1.0.0.0)
Synaptics Pointing Device Driver (Version: 15.1.19.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Ventrilo Client (Version: 3.0.8)
Warcraft III
World of Warcraft (Version: 4.2.2.14545)

========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 4043.82 MB
Available physical RAM: 1946.49 MB
Total Pagefile: 8085.84 MB
Available Pagefile: 5856.5 MB
Total Virtual: 4095.88 MB
Available Virtual: 3950.7 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:288.32 GB) (Free:193.46 GB) NTFS

========================= Users: ========================================

User accounts for \\ERIC-PC

Administrator Eric Guest
UpdatusUser


**** End of log ****

#7 narenxp

Posted 20 June 2012 - 12:27 AM

Hosts

Right-click on the link and choose "Save link as".

Browse to the C:\windows\system32\drivers\etc folder and save it.


Click on the Start menu and type

cmd

Right-click on it, select "Run as administrator" and run this command:

netsh winsock reset

Press ENTER.


Download

TFC


Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your antivirus frequently and do not click on suspicious links.

Safe surfing :)
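
The MiniToolBox log earlier in the thread reports a missing hosts file and Winsock catalog entries marked [File Not found], and the reply above restores the hosts file and resets Winsock. The following is an added example, not part of the original posts or of MiniToolBox, that pulls those findings out of a saved log; the function names, the trimmed sample and the pairing of each finding with a repair step are this example's assumptions.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: lines trimmed from the MiniToolBox log quoted in this thread.
SAMPLE_LOG = r"""
"Reset IE Proxy Settings": IE Proxy Settings were reset.
Hosts file not detected in the default directory
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be %SystemRoot%\system32\NLAapi.dll

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 01 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Error: (06/19/2012 10:03:27 PM) (Source: Microsoft-Windows-DNS-Client) (User: Eric)
Description: There was an error while attempting to read the local hosts file.
"""

# Entry line: "<catalog> <index> <path> [<size or 'File Not found'>] (<vendor>)"
ENTRY_RE = re.compile(
    r"^(?P<catalog>(?:x64-)?Catalog\d+)\s+(?P<index>\d+)\s+"
    r"(?P<path>.+?)\s+\[(?P<size>[^\]]+)\]\s+\((?P<vendor>.*)\)$"
)
# The expected path is quoted on some ATTENTION lines and bare on others.
ATTENTION_RE = re.compile(
    r'^ATTENTION: The LibraryPath should be "?(?P<expected>[^"]+)"?$'
)
HOSTS_MISSING = "Hosts file not detected in the default directory"
HOSTS_READ_ERROR = "error while attempting to read the local hosts file"


@dataclass
class WinsockEntry:
    catalog: str
    index: int
    path: str
    file_found: bool                     # False when the tool printed [File Not found]
    expected_path: Optional[str] = None  # taken from a following ATTENTION line, if any


def parse_winsock(log_text: str) -> List[WinsockEntry]:
    """Return the entries listed under the 'Winsock entries' banner."""
    entries: List[WinsockEntry] = []
    in_section = False
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("====") and line.endswith("===="):
            # Every banner line opens a new section; only one is of interest.
            in_section = "Winsock entries" in line
            continue
        if not in_section or not line:
            continue
        entry = ENTRY_RE.match(line)
        if entry:
            entries.append(WinsockEntry(
                catalog=entry["catalog"],
                index=int(entry["index"]),
                path=entry["path"],
                file_found=entry["size"].isdigit(),
            ))
            continue
        hint = ATTENTION_RE.match(line)
        if hint and entries:
            # An ATTENTION line refers to the entry printed just before it.
            entries[-1].expected_path = hint["expected"].strip()
    return entries


def triage(log_text: str) -> dict:
    """Summarise hosts-file and Winsock findings and the matching repair steps."""
    entries = parse_winsock(log_text)
    broken = [e for e in entries if not e.file_found]
    hosts_missing = HOSTS_MISSING in log_text
    hosts_read_errors = log_text.count(HOSTS_READ_ERROR)

    steps = []
    # Assumption: each finding is paired with a step from the reply above.
    if hosts_missing or hosts_read_errors:
        steps.append(r"restore C:\windows\system32\drivers\etc\hosts")
    if broken:
        steps.append("netsh winsock reset")
    return {"hosts_missing": hosts_missing, "hosts_read_errors": hosts_read_errors,
            "entries": entries, "broken": broken, "steps": steps}


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for e in report["broken"]:
        print(f"{e.catalog} {e.index:02d}: {e.path} missing, expected {e.expected_path}")
    print("Suggested steps:", report["steps"])
```

Running the same function on a fresh MiniToolBox log after the reboot shows whether the catalog entries resolve to files again and whether the hosts-file finding is gone.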

#8 Kallor

Posted 20 June 2012 - 01:14 PM

Thank you very much for the help! While I hope to never have to deal with something like this again, these forums will definitely be my first stop if something ever happens again.

#9 narenxp

Posted 20 June 2012 - 01:47 PM

You're most welcome :thumbup2:



