
Redirect


9 replies to this topic

#1 telii


Posted 26 June 2012 - 12:24 PM

I have the redirect virus, too; it appears to be a popular bug right now. Microsoft Security Essentials is not finding it. I mainly use Firefox and Google, but the problem exists when I use IE and Yahoo. Where do I start looking for a removal tool? Thanks in advance for any help.



#2 telii


Posted 26 June 2012 - 12:34 PM

I forgot to mention the OS. I am using Windows 7 Home Premium. I have run a Malwarebytes scan but it did not find anything.

#3 narenxp


Posted 26 June 2012 - 01:01 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#4 telii


Posted 26 June 2012 - 09:52 PM

Results....
18:16:52.0279 2776 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
18:16:52.0279 2776 NDProxy - ok
18:16:52.0357 2776 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
18:16:52.0357 2776 NetBIOS - ok
18:16:52.0529 2776 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
18:16:52.0529 2776 NetBT - ok
18:16:52.0622 2776 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:16:52.0638 2776 Netlogon - ok
18:16:53.0215 2776 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
18:16:53.0231 2776 Netman - ok
18:16:54.0089 2776 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
18:16:54.0089 2776 netprofm - ok
18:16:54.0557 2776 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:16:54.0572 2776 NetTcpPortSharing - ok
18:16:54.0713 2776 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
18:16:54.0713 2776 nfrd960 - ok
18:16:55.0087 2776 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:16:55.0103 2776 NisDrv - ok
18:16:55.0711 2776 NisSrv (10a43829a9e606af3eef25a1c1665923) C:\Program Files\Microsoft Security Client\NisSrv.exe
18:16:55.0711 2776 NisSrv - ok
18:16:56.0195 2776 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
18:16:56.0210 2776 NlaSvc - ok
18:16:56.0335 2776 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
18:16:56.0366 2776 Npfs - ok
18:16:56.0850 2776 NPVR Recording Service (6b75a30458b485ab58fb3f4dc22eda68) C:\Program Files (x86)\NPVR\NRecord.exe
18:16:56.0850 2776 NPVR Recording Service - ok
18:16:56.0928 2776 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
18:16:56.0944 2776 nsi - ok
18:16:57.0022 2776 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
18:16:57.0022 2776 nsiproxy - ok
18:16:57.0739 2776 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
18:16:57.0755 2776 Ntfs - ok
18:16:58.0862 2776 NuidFltr (317020d31f1696334679b9d0416eb62e) C:\Windows\system32\DRIVERS\NuidFltr.sys
18:16:58.0862 2776 NuidFltr - ok
18:16:58.0894 2776 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
18:16:58.0925 2776 Null - ok
18:16:58.0987 2776 NVENETFD (a85b4f2ef3a7304a5399ef0526423040) C:\Windows\system32\DRIVERS\nvm62x64.sys
18:16:58.0987 2776 NVENETFD - ok
18:17:01.0390 2776 nvlddmkm (e55cab397f77d5208db18a78b1b7c0d5) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:17:01.0468 2776 nvlddmkm - ok
18:17:01.0811 2776 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
18:17:01.0826 2776 nvraid - ok
18:17:01.0842 2776 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
18:17:01.0842 2776 nvstor - ok
18:17:01.0904 2776 nvsvc (43bc8151893ae6afe42e149d663c2221) C:\Windows\system32\nvvsvc.exe
18:17:01.0904 2776 nvsvc - ok
18:17:02.0014 2776 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
18:17:02.0060 2776 nv_agp - ok
18:17:02.0138 2776 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
18:17:02.0138 2776 ohci1394 - ok
18:17:02.0201 2776 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:17:02.0216 2776 p2pimsvc - ok
18:17:02.0310 2776 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
18:17:02.0310 2776 p2psvc - ok
18:17:02.0341 2776 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
18:17:02.0341 2776 Parport - ok
18:17:02.0404 2776 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
18:17:02.0404 2776 partmgr - ok
18:17:02.0435 2776 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
18:17:02.0435 2776 PcaSvc - ok
18:17:02.0544 2776 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
18:17:02.0544 2776 pci - ok
18:17:02.0560 2776 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
18:17:02.0560 2776 pciide - ok
18:17:02.0638 2776 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
18:17:02.0653 2776 pcmcia - ok
18:17:02.0669 2776 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
18:17:02.0669 2776 pcw - ok
18:17:02.0762 2776 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
18:17:02.0762 2776 PEAUTH - ok
18:17:02.0856 2776 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
18:17:02.0856 2776 PerfHost - ok
18:17:03.0059 2776 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
18:17:03.0074 2776 pla - ok
18:17:03.0371 2776 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
18:17:03.0371 2776 PlugPlay - ok
18:17:03.0386 2776 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
18:17:03.0386 2776 PNRPAutoReg - ok
18:17:03.0402 2776 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
18:17:03.0418 2776 PNRPsvc - ok
18:17:03.0792 2776 Point64 (33328fa8a580885ab0065be6db266e9f) C:\Windows\system32\DRIVERS\point64.sys
18:17:03.0808 2776 Point64 - ok
18:17:04.0463 2776 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
18:17:04.0494 2776 PolicyAgent - ok
18:17:04.0681 2776 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
18:17:04.0681 2776 Power - ok
18:17:04.0822 2776 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
18:17:04.0822 2776 PptpMiniport - ok
18:17:04.0931 2776 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
18:17:04.0946 2776 Processor - ok
18:17:05.0212 2776 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
18:17:05.0212 2776 ProfSvc - ok
18:17:05.0305 2776 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:17:05.0305 2776 ProtectedStorage - ok
18:17:05.0446 2776 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
18:17:05.0461 2776 Psched - ok
18:17:06.0335 2776 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
18:17:06.0366 2776 ql2300 - ok
18:17:07.0286 2776 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
18:17:07.0318 2776 ql40xx - ok
18:17:07.0349 2776 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
18:17:07.0364 2776 QWAVE - ok
18:17:07.0380 2776 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
18:17:07.0380 2776 QWAVEdrv - ok
18:17:07.0396 2776 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
18:17:07.0396 2776 RasAcd - ok
18:17:07.0411 2776 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:17:07.0411 2776 RasAgileVpn - ok
18:17:07.0427 2776 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
18:17:07.0427 2776 RasAuto - ok
18:17:07.0489 2776 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:17:07.0489 2776 Rasl2tp - ok
18:17:07.0552 2776 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
18:17:07.0552 2776 RasMan - ok
18:17:07.0567 2776 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
18:17:07.0567 2776 RasPppoe - ok
18:17:07.0583 2776 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
18:17:07.0583 2776 RasSstp - ok
18:17:07.0630 2776 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
18:17:07.0645 2776 rdbss - ok
18:17:07.0661 2776 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
18:17:07.0661 2776 rdpbus - ok
18:17:07.0661 2776 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:17:07.0661 2776 RDPCDD - ok
18:17:07.0692 2776 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
18:17:07.0692 2776 RDPENCDD - ok
18:17:07.0692 2776 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
18:17:07.0692 2776 RDPREFMP - ok
18:17:07.0817 2776 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
18:17:07.0817 2776 RDPWD - ok
18:17:07.0879 2776 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
18:17:07.0879 2776 rdyboost - ok
18:17:07.0895 2776 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
18:17:07.0895 2776 RemoteAccess - ok
18:17:07.0910 2776 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
18:17:07.0926 2776 RemoteRegistry - ok
18:17:07.0942 2776 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
18:17:07.0942 2776 RpcEptMapper - ok
18:17:07.0957 2776 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
18:17:07.0957 2776 RpcLocator - ok
18:17:08.0035 2776 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
18:17:08.0051 2776 RpcSs - ok
18:17:08.0098 2776 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
18:17:08.0098 2776 rspndr - ok
18:17:08.0129 2776 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:17:08.0129 2776 SamSs - ok
18:17:08.0176 2776 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
18:17:08.0176 2776 sbp2port - ok
18:17:08.0207 2776 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
18:17:08.0207 2776 SCardSvr - ok
18:17:08.0254 2776 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
18:17:08.0254 2776 scfilter - ok
18:17:08.0363 2776 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
18:17:08.0378 2776 Schedule - ok
18:17:08.0425 2776 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
18:17:08.0425 2776 SCPolicySvc - ok
18:17:08.0472 2776 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
18:17:08.0472 2776 SDRSVC - ok
18:17:08.0519 2776 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
18:17:08.0519 2776 secdrv - ok
18:17:08.0566 2776 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
18:17:08.0566 2776 seclogon - ok
18:17:08.0581 2776 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
18:17:08.0581 2776 SENS - ok
18:17:08.0597 2776 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
18:17:08.0597 2776 SensrSvc - ok
18:17:08.0612 2776 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
18:17:08.0612 2776 Serenum - ok
18:17:08.0644 2776 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
18:17:08.0644 2776 Serial - ok
18:17:08.0675 2776 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
18:17:08.0675 2776 sermouse - ok
18:17:08.0768 2776 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
18:17:08.0784 2776 SessionEnv - ok
18:17:08.0815 2776 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
18:17:08.0815 2776 sffdisk - ok
18:17:08.0831 2776 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
18:17:08.0831 2776 sffp_mmc - ok
18:17:08.0831 2776 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
18:17:08.0846 2776 sffp_sd - ok
18:17:08.0846 2776 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
18:17:08.0846 2776 sfloppy - ok
18:17:08.0893 2776 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
18:17:08.0909 2776 SharedAccess - ok
18:17:09.0190 2776 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
18:17:09.0205 2776 ShellHWDetection - ok
18:17:09.0595 2776 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:17:09.0595 2776 SiSRaid2 - ok
18:17:09.0642 2776 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
18:17:09.0642 2776 SiSRaid4 - ok
18:17:09.0689 2776 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
18:17:09.0689 2776 Smb - ok
18:17:09.0736 2776 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
18:17:09.0751 2776 SNMPTRAP - ok
18:17:09.0767 2776 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
18:17:09.0767 2776 spldr - ok
18:17:09.0829 2776 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
18:17:09.0845 2776 Spooler - ok
18:17:11.0420 2776 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
18:17:11.0483 2776 sppsvc - ok
18:17:11.0592 2776 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
18:17:11.0608 2776 sppuinotify - ok
18:17:11.0810 2776 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
18:17:11.0826 2776 srv - ok
18:17:12.0419 2776 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
18:17:12.0434 2776 srv2 - ok
18:17:12.0450 2776 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
18:17:12.0450 2776 srvnet - ok
18:17:12.0481 2776 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
18:17:12.0497 2776 SSDPSRV - ok
18:17:12.0528 2776 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
18:17:12.0528 2776 SstpSvc - ok
18:17:12.0575 2776 ssudmdm (ad42ca614e086bcadbd53fffc404ac24) C:\Windows\system32\DRIVERS\ssudmdm.sys
18:17:12.0590 2776 ssudmdm - ok
18:17:12.0606 2776 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
18:17:12.0606 2776 stexstor - ok
18:17:12.0684 2776 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
18:17:12.0684 2776 stisvc - ok
18:17:12.0746 2776 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
18:17:12.0746 2776 swenum - ok
18:17:12.0778 2776 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
18:17:12.0793 2776 swprv - ok
18:17:13.0542 2776 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
18:17:13.0573 2776 SysMain - ok
18:17:13.0932 2776 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
18:17:13.0932 2776 TabletInputService - ok
18:17:13.0979 2776 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
18:17:13.0994 2776 TapiSrv - ok
18:17:14.0010 2776 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
18:17:14.0026 2776 TBS - ok
18:17:15.0726 2776 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
18:17:15.0742 2776 Tcpip - ok
18:17:21.0061 2776 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
18:17:21.0077 2776 TCPIP6 - ok
18:17:22.0387 2776 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
18:17:22.0387 2776 tcpipreg - ok
18:17:22.0418 2776 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
18:17:22.0434 2776 TDPIPE - ok
18:17:22.0465 2776 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
18:17:22.0465 2776 TDTCP - ok
18:17:22.0528 2776 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
18:17:22.0528 2776 tdx - ok
18:17:22.0574 2776 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
18:17:22.0574 2776 TermDD - ok
18:17:24.0259 2776 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
18:17:24.0290 2776 TermService - ok
18:17:24.0337 2776 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
18:17:24.0337 2776 Themes - ok
18:17:24.0400 2776 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
18:17:24.0415 2776 THREADORDER - ok
18:17:24.0540 2776 TomTomHOMEService (39bd95a9fe72aaf5c675ad146be456a9) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
18:17:24.0540 2776 TomTomHOMEService - ok
18:17:24.0556 2776 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
18:17:24.0556 2776 TrkWks - ok
18:17:25.0507 2776 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
18:17:25.0523 2776 TrustedInstaller - ok
18:17:25.0554 2776 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:17:25.0554 2776 tssecsrv - ok
18:17:25.0632 2776 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
18:17:25.0632 2776 TsUsbFlt - ok
18:17:25.0710 2776 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
18:17:25.0710 2776 tunnel - ok
18:17:25.0741 2776 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
18:17:25.0741 2776 uagp35 - ok
18:17:25.0804 2776 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
18:17:25.0804 2776 udfs - ok
18:17:25.0835 2776 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
18:17:25.0835 2776 UI0Detect - ok
18:17:25.0866 2776 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
18:17:25.0866 2776 uliagpkx - ok
18:17:25.0913 2776 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
18:17:25.0913 2776 umbus - ok
18:17:25.0928 2776 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
18:17:25.0928 2776 UmPass - ok
18:17:25.0960 2776 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
18:17:25.0960 2776 upnphost - ok
18:17:26.0006 2776 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
18:17:26.0006 2776 USBAAPL64 - ok
18:17:26.0038 2776 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
18:17:26.0053 2776 usbaudio - ok
18:17:26.0100 2776 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:17:26.0116 2776 usbccgp - ok
18:17:26.0396 2776 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:17:26.0396 2776 usbcir - ok
18:17:26.0412 2776 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
18:17:26.0412 2776 usbehci - ok
18:17:26.0630 2776 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:17:26.0646 2776 usbhub - ok
18:17:26.0662 2776 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
18:17:26.0662 2776 usbohci - ok
18:17:26.0677 2776 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:17:26.0677 2776 usbprint - ok
18:17:26.0724 2776 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:17:26.0724 2776 USBSTOR - ok
18:17:26.0771 2776 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
18:17:26.0771 2776 usbuhci - ok
18:17:26.0802 2776 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
18:17:26.0802 2776 usbvideo - ok
18:17:26.0818 2776 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
18:17:26.0818 2776 UxSms - ok
18:17:26.0880 2776 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
18:17:26.0880 2776 VaultSvc - ok
18:17:26.0942 2776 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:17:26.0942 2776 vdrvroot - ok
18:17:28.0346 2776 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
18:17:28.0378 2776 vds - ok
18:17:28.0409 2776 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:17:28.0409 2776 vga - ok
18:17:28.0424 2776 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:17:28.0424 2776 VgaSave - ok
18:17:28.0471 2776 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:17:28.0471 2776 vhdmp - ok
18:17:28.0534 2776 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:17:28.0534 2776 viaide - ok
18:17:28.0565 2776 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:17:28.0565 2776 volmgr - ok
18:17:28.0627 2776 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:17:28.0643 2776 volmgrx - ok
18:17:28.0658 2776 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:17:28.0674 2776 volsnap - ok
18:17:28.0690 2776 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
18:17:28.0690 2776 vsmraid - ok
18:17:29.0470 2776 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
18:17:29.0501 2776 VSS - ok
18:17:30.0655 2776 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
18:17:30.0671 2776 vwifibus - ok
18:17:31.0139 2776 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
18:17:31.0170 2776 W32Time - ok
18:17:31.0217 2776 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
18:17:31.0217 2776 WacomPen - ok
18:17:31.0435 2776 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:17:31.0435 2776 WANARP - ok
18:17:31.0451 2776 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:17:31.0451 2776 Wanarpv6 - ok
18:17:33.0448 2776 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
18:17:33.0479 2776 WatAdminSvc - ok
18:17:35.0382 2776 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
18:17:35.0413 2776 wbengine - ok
18:17:36.0583 2776 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
18:17:36.0599 2776 WbioSrvc - ok
18:17:37.0160 2776 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
18:17:37.0176 2776 wcncsvc - ok
18:17:37.0254 2776 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
18:17:37.0254 2776 WcsPlugInService - ok
18:17:37.0426 2776 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
18:17:37.0426 2776 Wd - ok
18:17:38.0330 2776 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:17:38.0346 2776 Wdf01000 - ok
18:17:38.0502 2776 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:17:38.0518 2776 WdiServiceHost - ok
18:17:38.0518 2776 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
18:17:38.0518 2776 WdiSystemHost - ok
18:17:38.0939 2776 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
18:17:38.0939 2776 WebClient - ok
18:17:39.0329 2776 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
18:17:39.0344 2776 Wecsvc - ok
18:17:39.0454 2776 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
18:17:39.0454 2776 wercplsupport - ok
18:17:39.0578 2776 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
18:17:39.0578 2776 WerSvc - ok
18:17:39.0734 2776 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:17:39.0750 2776 WfpLwf - ok
18:17:39.0781 2776 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:17:39.0781 2776 WIMMount - ok
18:17:39.0828 2776 WinDefend - ok
18:17:39.0906 2776 WinHttpAutoProxySvc - ok
18:17:40.0421 2776 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
18:17:40.0452 2776 Winmgmt - ok
18:17:43.0244 2776 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
18:17:43.0868 2776 WinRM - ok
18:17:44.0867 2776 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
18:17:44.0867 2776 WinUsb - ok
18:17:45.0132 2776 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
18:17:45.0148 2776 Wlansvc - ok
18:17:45.0209 2776 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:17:45.0210 2776 WmiAcpi - ok
18:17:45.0249 2776 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
18:17:45.0252 2776 wmiApSrv - ok
18:17:45.0277 2776 WMPNetworkSvc - ok
18:17:45.0320 2776 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
18:17:45.0320 2776 WPCSvc - ok
18:17:45.0367 2776 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
18:17:45.0367 2776 WPDBusEnum - ok
18:17:45.0398 2776 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:17:45.0398 2776 ws2ifsl - ok
18:17:45.0414 2776 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
18:17:45.0414 2776 wscsvc - ok
18:17:45.0414 2776 WSearch - ok
18:17:45.0819 2776 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
18:17:45.0835 2776 wuauserv - ok
18:17:46.0116 2776 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:17:46.0116 2776 WudfPf - ok
18:17:46.0162 2776 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:17:46.0162 2776 WUDFRd - ok
18:17:46.0209 2776 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
18:17:46.0209 2776 wudfsvc - ok
18:17:46.0240 2776 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
18:17:46.0240 2776 WwanSvc - ok
18:17:46.0287 2776 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:17:46.0693 2776 \Device\Harddisk0\DR0 - ok
18:17:46.0693 2776 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
18:17:46.0771 2776 \Device\Harddisk1\DR1 - ok
18:17:46.0786 2776 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
18:17:46.0849 2776 \Device\Harddisk2\DR2 - ok
18:17:46.0849 2776 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
18:17:46.0880 2776 \Device\Harddisk3\DR3 ( TDSS File System ) - warning
18:17:46.0880 2776 \Device\Harddisk3\DR3 - detected TDSS File System (1)
18:17:46.0911 2776 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk5\DR5
18:17:47.0020 2776 \Device\Harddisk5\DR5 - ok
18:17:47.0052 2776 Boot (0x1200) (4caa806966fc86bac134a0d76ec6c03d) \Device\Harddisk0\DR0\Partition0
18:17:47.0052 2776 \Device\Harddisk0\DR0\Partition0 - ok
18:17:47.0067 2776 Boot (0x1200) (12634c8af130b66201df7b5983fab237) \Device\Harddisk0\DR0\Partition1
18:17:47.0067 2776 \Device\Harddisk0\DR0\Partition1 - ok
18:17:47.0083 2776 Boot (0x1200) (d7806fc395c3c374d4f8058cd9027fb4) \Device\Harddisk1\DR1\Partition0
18:17:47.0083 2776 \Device\Harddisk1\DR1\Partition0 - ok
18:17:47.0083 2776 Boot (0x1200) (ef97d514222c931a5b69b178fbf9e55b) \Device\Harddisk2\DR2\Partition0
18:17:47.0083 2776 \Device\Harddisk2\DR2\Partition0 - ok
18:17:47.0098 2776 Boot (0x1200) (200953eec9d50c7e98048803d898d299) \Device\Harddisk3\DR3\Partition0
18:17:47.0098 2776 \Device\Harddisk3\DR3\Partition0 - ok
18:17:47.0098 2776 Boot (0x1200) (2ca3e468f4497eba9ede6277e84bf706) \Device\Harddisk5\DR5\Partition0
18:17:47.0098 2776 \Device\Harddisk5\DR5\Partition0 - ok
18:17:47.0098 2776 ============================================================
18:17:47.0098 2776 Scan finished
18:17:47.0098 2776 ============================================================
18:17:47.0114 3232 Detected object count: 1
18:17:47.0114 3232 Actual detected object count: 1
18:18:23.0322 3232 \Device\Harddisk3\DR3\TDLFS\config.ini - copied to quarantine
18:18:23.0322 3232 \Device\Harddisk3\DR3\TDLFS\tdl - copied to quarantine
18:18:23.0337 3232 \Device\Harddisk3\DR3\TDLFS\rsrc.dat - copied to quarantine
18:18:23.0337 3232 \Device\Harddisk3\DR3\TDLFS\bckfg.tmp - copied to quarantine
18:18:23.0337 3232 \Device\Harddisk3\DR3\TDLFS\tdlcmd.dll - copied to quarantine
18:18:23.0337 3232 \Device\Harddisk3\DR3 ( TDSS File System ) - User select action: Quarantine
18:18:51.0387 3832 Deinitialize success



^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-26 18:19:06
-----------------------------
18:19:06.894 OS Version: Windows x64 6.1.7601 Service Pack 1
18:19:06.894 Number of processors: 2 586 0x4302
18:19:06.894 ComputerName: TOM-DEN UserName: Tom
18:19:08.907 Initialize success
18:19:52.101 AVAST engine defs: 12062601
18:21:16.187 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000057
18:21:16.187 Disk 0 Vendor: WDC_WD10 05.0 Size: 953869MB BusType: 3
18:21:16.203 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000058
18:21:16.203 Disk 1 Vendor: WDC_WD10 05.0 Size: 953869MB BusType: 3
18:21:16.203 Disk 2 \Device\Harddisk2\DR2 -> \Device\00000059
18:21:16.203 Disk 2 Vendor: WDC_WD10 05.0 Size: 953869MB BusType: 3
18:21:16.203 Disk 3 \Device\Harddisk3\DR3 -> \Device\0000005b
18:21:16.203 Disk 3 Vendor: WDC_WD50 12.0 Size: 476940MB BusType: 3
18:21:16.219 Disk 0 MBR read successfully
18:21:16.219 Disk 0 MBR scan
18:21:16.234 Disk 0 Windows 7 default MBR code
18:21:16.234 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:21:16.250 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953767 MB offset 206848
18:21:16.250 Disk 0 scanning C:\Windows\system32\drivers
18:21:25.253 Service scanning
18:21:43.255 Modules scanning
18:21:43.255 Disk 0 trace - called modules:
18:21:43.271 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor.sys
18:21:43.271 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004609060]
18:21:43.271 3 CLASSPNP.SYS[fffff8800199e43f] -> nt!IofCallDriver -> [0xfffffa80043c2040]
18:21:43.271 5 ACPI.sys[fffff88000f187a1] -> nt!IofCallDriver -> \Device\00000057[0xfffffa80043d79c0]
18:21:45.627 AVAST engine scan C:\Windows
18:21:48.934 AVAST engine scan C:\Windows\system32
18:24:28.866 AVAST engine scan C:\Windows\system32\drivers
18:24:40.301 AVAST engine scan C:\Users\Tom
18:46:00.977 AVAST engine scan C:\ProgramData
18:46:34.127 Scan finished successfully
19:44:11.323 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
19:44:11.339 The log file has been saved successfully to "C:\aswMBR.txt"



^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^



C:\TDSSKiller_Quarantine\26.06.2012_18.16.07\tdlfs0000\tsk0004.dta Win32/Olmarik.ADZ trojan cleaned by deleting - quarantined
C:\Users\Tom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\7bec11ca-456a6ab2 Java/Exploit.CVE-2011-3544.F trojan deleted - quarantined
C:\Users\Tom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\252ccbd2-19764f7f Java/Exploit.CVE-2012-0507.CA trojan deleted - quarantined
C:\Users\Tom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\3aa4da42-4ef153b7 multiple threats deleted - quarantined
C:\Users\Tom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\270c07d4-53df6608 a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\Tom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\26ac7ea2-5d6d4c31 multiple threats deleted - quarantined
C:\Users\Tom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41\29b4c469-4cbe136c a variant of Java/TrojanDownloader.Agent.NDJ trojan deleted - quarantined
C:\Users\Tom\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\1290de77-65db09db Java/Exploit.CVE-2011-3544.F trojan deleted - quarantined
C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\17e0mzp8.default\extensions\fjyxmxvwju@fjyxmxvwju.org.xpi JS/Redirector.NBX trojan deleted - quarantined
C:\Users\Tom\Desktop\regacesetup.exe multiple threats cleaned by deleting - quarantined

#5 narenxp

Posted 26 June 2012 - 10:10 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.


Do you still have redirects?

#6 telii

Posted 27 June 2012 - 06:36 AM

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.27.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Tom :: TOM-DEN [administrator]

6/26/2012 11:31:57 PM
mbam-log-2012-06-26 (23-31-57).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 686032
Time elapsed: 1 hour(s), 12 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


***************************************************************************************************************************************************
***************************************************************************************************************************************************
***************************************************************************************************************************************************

MiniToolBox by Farbar Version: 25-06-2012
Ran by Tom (administrator) on 27-06-2012 at 07:36:02
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

NVIDIA nForce Networking Controller = Local Area Connection (Connected)
NVIDIA nForce Networking Controller = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Tom-Den
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller #2
Physical Address. . . . . . . . . : 00-1A-92-4E-DF-C3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : NVIDIA nForce Networking Controller
Physical Address. . . . . . . . . : 00-1A-92-4E-CC-47
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7d97:e7ac:2376:2cd0%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, June 26, 2012 6:05:57 PM
Lease Expires . . . . . . . . . . : Thursday, June 28, 2012 7:33:03 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234887826
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-26-C4-AA-00-1A-92-4E-CC-47
DNS Servers . . . . . . . . . . . : 192.168.1.1
71.242.0.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{C25261A1-1B43-43CD-92D6-CC948A936A5E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:56:174:9f0b:d038(Preferred)
Link-local IPv6 Address . . . . . : fe80::56:174:9f0b:d038%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4004:802::1004
74.125.228.70
74.125.228.71
74.125.228.64
74.125.228.68
74.125.228.67
74.125.228.69
74.125.228.78
74.125.228.73
74.125.228.65
74.125.228.72
74.125.228.66


Pinging google.com [74.125.228.68] with 32 bytes of data:
Reply from 74.125.228.68: bytes=32 time=16ms TTL=54
Reply from 74.125.228.68: bytes=32 time=11ms TTL=54

Ping statistics for 74.125.228.68:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 11ms, Maximum = 16ms, Average = 13ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=54ms TTL=55
Reply from 209.191.122.70: bytes=32 time=61ms TTL=55

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 54ms, Maximum = 61ms, Average = 57ms
Server: Wireless_Broadband_Router.home
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...00 1a 92 4e df c3 ......NVIDIA nForce Networking Controller #2
10...00 1a 92 4e cc 47 ......NVIDIA nForce Networking Controller
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.5 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.5 276
192.168.1.5 255.255.255.255 On-link 192.168.1.5 276
192.168.1.255 255.255.255.255 On-link 192.168.1.5 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.5 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.5 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:56:174:9f0b:d038/128
On-link
10 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::56:174:9f0b:d038/128
On-link
10 276 fe80::7d97:e7ac:2376:2cd0/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/27/2012 01:02:42 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/27/2012 01:02:26 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/26/2012 07:45:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/26/2012 07:45:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/26/2012 07:45:24 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/26/2012 06:18:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (06/26/2012 06:08:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".Error in manifest or policy file "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" on line Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Please use sxstrace.exe for detailed diagnosis.

Error: (06/26/2012 06:06:00 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (06/26/2012 00:21:49 AM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 13.0.1.4548, time stamp: 0x4fda5ff0
Faulting module name: NPSWF32_11_3_300_262.dll, version: 11.3.300.262, time stamp: 0x4fe21212
Exception code: 0x40000015
Fault offset: 0x0030c9dc
Faulting process id: 0x740
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (06/25/2012 09:58:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".Error in manifest or policy file "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" on line Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition is Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (06/27/2012 07:33:05 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (06/27/2012 03:54:22 AM) (Source: Microsoft-Windows-HAL) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.

Error: (06/26/2012 07:02:26 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (06/26/2012 06:06:00 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS

Error: (06/25/2012 10:33:05 PM) (Source: DCOM) (User: )
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (06/25/2012 09:52:19 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS

Error: (06/25/2012 09:49:22 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.

Error: (06/25/2012 07:39:16 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS

Error: (06/25/2012 04:59:03 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk5\DR5.

Error: (06/25/2012 03:53:21 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS


Microsoft Office Sessions:
=========================
Error: (06/27/2012 01:02:42 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Tom\downloads\esetsmartinstaller_enu.exe

Error: (06/27/2012 01:02:26 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (06/26/2012 07:45:30 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Tom\Downloads\esetsmartinstaller_enu.exe

Error: (06/26/2012 07:45:25 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Tom\Downloads\esetsmartinstaller_enu.exe

Error: (06/26/2012 07:45:24 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Tom\Downloads\esetsmartinstaller_enu.exe

Error: (06/26/2012 06:18:55 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Tom\Downloads\esetsmartinstaller_enu.exe

Error: (06/26/2012 06:08:36 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Citrix\ICA Client\MFC80.DLLC:\Program Files (x86)\Citrix\ICA Client\Microsoft.VC80.MFCLOC.MANIFEST5

Error: (06/26/2012 06:06:00 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/26/2012 00:21:49 AM) (Source: Application Error)(User: )
Description: plugin-container.exe13.0.1.45484fda5ff0NPSWF32_11_3_300_262.dll11.3.300.2624fe21212400000150030c9dc74001cd533fb9bd1c60C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll7258d5d0-bf46-11e1-a1e2-001a924edfc3

Error: (06/25/2012 09:58:29 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Citrix\ICA Client\MFC80.DLLC:\Program Files (x86)\Citrix\ICA Client\Microsoft.VC80.MFCLOC.MANIFEST5


=========================== Installed Programs ============================

7-Zip 9.16 (x64 edition) (Version: 9.16.00.0)
AC3Filter 1.63b (Version: 1.63b)
Adobe AIR (Version: 2.0.3.13070)
Adobe Flash Player 10 ActiveX 64-bit (Version: 10.3.162.28)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader 9.5.1 (Version: 9.5.1)
Amazon Kindle
Amazon MP3 Downloader 1.0.15 (Version: 1.0.15)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.769.0)
Auslogics Duplicate File Finder (Version: version 2.2)
Bonjour (Version: 3.0.0.10)
Centra Client
Citrix Access Gateway Endpoint Analysis (Version: 9.3.52.3)
Citrix online plug-in - web (Version: 12.1.0.30)
Citrix online plug-in (DV) (Version: 12.1.0.30)
Citrix online plug-in (HDX) (Version: 12.1.0.30)
Citrix online plug-in (USB) (Version: 12.1.0.30)
Citrix online plug-in (Web) (Version: 12.1.0.30)
ConvertHelper 2.2
Debut Video Capture Software
DigitImg (Version: 2.00.0000)
doubleTwist (Version: 3.2.0.12944)
Dropbox (Version: 1.4.7)
ESET Online Scanner v3
Express Zip File Compression Software
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
FLV Player (Version: 2.0.25)
HandBrake 0.9.6 (Version: 0.9.6)
HP Memories Disc (Version: 1.0.4.805)
HP Software Update (Version: 1.0.3.1)
Human Interface Programmer (HIP) (Version: 1.2)
IHA_MessageCenter (Version: 1.1.0)
Internet TV for Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Jing (Version: 2.4.10231)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0)
Microsoft IntelliType Pro 8.1 (Version: 8.15.406.0)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NextPVR
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Drivers (Version: 1.10.62.40)
OpenOffice.org 3.2 (Version: 3.2.9502)
Photosmart 140,240,7200,7600,7700,7900 Series (Version: 2.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Prism Video File Converter
PSShortcuts (Version: 1.00.0000)
PSUsage (Version: 1.20.0000)
PVSonyDll (Version: 1.00.0001)
QuickTime (Version: 7.72.80.56)
Skype Toolbars (Version: 1.0.4051)
Skype™ 4.2 (Version: 4.2.187)
TomTom HOME 2.8.1.2218 (Version: 2.8.1.2218)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Verizon Help and Support Tool
VideoPad Video Editor
Vz In Home Agent (Version: 8.03.53)
Windows Media Center Add-in for Silverlight (Version: 4.7.3.0)

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 4094.49 MB
Available physical RAM: 2908.7 MB
Total Pagefile: 8187.18 MB
Available Pagefile: 6087.81 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.29 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:931.41 GB) (Free:84.21 GB) NTFS
3 Drive d: (WD1T1) (Fixed) (Total:931.51 GB) (Free:204.42 GB) NTFS
4 Drive e: (WD1T2) (Fixed) (Total:931.51 GB) (Free:58.06 GB) NTFS
5 Drive f: (New Volume) (Fixed) (Total:465.76 GB) (Free:58.41 GB) NTFS
6 Drive g: (Animals) (CDROM) (Total:3.9 GB) (Free:0 GB) UDF
7 Drive h: (FreeAgent Drive) (Fixed) (Total:698.64 GB) (Free:2.91 GB) NTFS

========================= Users: ========================================

User accounts for \\TOM-DEN

Administrator Guest Lori
Tom


**** End of log ****

#7 telii

Posted 27 June 2012 - 06:41 AM

I do not appear to have the problem this morning. I'll try it out more when I get home from work this evening. In any event, thank you for all of your efforts.

#8 narenxp

Posted 27 June 2012 - 07:36 AM

That looks good

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off


Update your antivirus, Java and Flash Player frequently, do not click on suspicious links

Safe surfing :)

#9 telii

Posted 27 June 2012 - 07:51 PM

TFC ran. New restore point created. I do have one more question for you. If I do get on a dodgy site and a pop up tells me to run their "anti-virus scan", is there anything I can do? Using task manager to close the browser or doing a hard reboot or am I already hosed?

#10 narenxp

Posted 27 June 2012 - 08:04 PM

If you're not able to close the browser

Launch Task Manager - click on the Processes tab

End your browser session

If you use Internet Explorer, click on iexplore.exe and click END PROCESS

For Firefox, click on firefox.exe and click END PROCESS

You can use the Applications tab to end tasks, but sometimes your browser may not respond.

Good luck



