Malware -- popups and redirects galore


7 replies to this topic

#1 swingblade

swingblade

  • Members
  • 6 posts
  • OFFLINE
  • Local time:11:02 PM

Posted 27 June 2012 - 05:05 PM

Hi. I'm hoping I'm posting this in the right spot. I'm having an issue that I've seen others have had and it appears they've been able to get them fixed with the help of folks on here. I get routine popup ads on the bottom right of my browser windows (showing up in FF, Chrome and IE), and periodic redirects. They're all ads and often related to things I have recently searched for -- so I'm being tracked.

I'm pretty sure I need to go the ComboFix route, but I've also seen the warnings to not run it unless instructed. So, I want someone to instruct me. Not sure how to pull log files, etc., but I'm ready to get my hands dirty to get my machine clean. Please help!!!



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:12:02 AM

Posted 27 June 2012 - 05:09 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner


Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply
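
A TDSSKiller log of the kind requested above is mostly "- ok" lines, so the entries that need a helper's attention are easy to miss. The following is an added example, not part of the original post and not Kaspersky's own tooling: a small triage script that keeps only the flagged entries and ties each one back to its file and MD5. It assumes the line layout seen in the TDSSKiller 2.7.x log posted later in this thread; the sample lines, service names and hashes inside it are constructed.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Every log line starts with "HH:MM:SS.ffff <thread id> ".
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<body>.*)$")
# "<name> (<md5>) <path>": the file backing a service or driver.
OBJECT = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "<name> - ok" closes an entry the scanner did not flag.
OK = re.compile(r"^(?P<name>.+?) - ok$")
# "<name> - detected <verdict> (<n>)" closes a flagged entry.
DETECTED = re.compile(
    r"^(?P<name>.+?) - detected (?P<verdict>\S+) \((?P<level>\d+)\)$"
)


@dataclass
class Finding:
    name: str
    verdict: str
    md5: Optional[str]
    path: Optional[str]


def triage(log_text):
    """Split a TDSSKiller log into flagged entries and ok entries.

    Returns a dict with:
      ok              - number of "- ok" entries
      findings        - list of Finding for every "- detected" line
      ok_without_file - names reported ok with no preceding file/MD5 line,
                        i.e. entries the log gives no hash for
    """
    objects = {}          # name -> (md5, path) from the most recent file line
    findings = []
    ok_without_file = []
    ok_count = 0

    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue      # banner, separator or blank line
        body = m.group("body")

        d = DETECTED.match(body)
        if d:
            md5, path = objects.get(d["name"], (None, None))
            findings.append(Finding(d["name"], d["verdict"], md5, path))
            continue

        k = OK.match(body)
        if k:
            ok_count += 1
            if k["name"] not in objects:
                ok_without_file.append(k["name"])
            continue

        o = OBJECT.match(body)
        if o:
            objects[o["name"]] = (o["md5"].lower(), o["path"])

    return {"ok": ok_count, "findings": findings,
            "ok_without_file": ok_without_file}


# Constructed sample in the same layout; names and hashes are made up.
SAMPLE = r"""
10:00:00.0001 1000 ExampleDrv (00112233445566778899aabbccddeeff) C:\Windows\system32\DRIVERS\exampledrv.sys
10:00:00.0002 1000 ExampleDrv - ok
10:00:00.0003 1000 Example Helper Service (ffeeddccbbaa99887766554433221100) C:\Program Files (x86)\Example\helper.dll
10:00:00.0004 1000 Suspicious file (Hidden): C:\Program Files (x86)\Example\helper.dll. md5: ffeeddccbbaa99887766554433221100
10:00:00.0005 1000 Example Helper Service ( HiddenFile.Multi.Generic ) - warning
10:00:00.0006 1000 Example Helper Service - detected HiddenFile.Multi.Generic (1)
10:00:00.0007 1000 NoFileSvc - ok
"""

if __name__ == "__main__":
    result = triage(SAMPLE)
    print(f"{result['ok']} entries ok")
    for f in result["findings"]:
        print(f"FLAGGED {f.name}: {f.verdict}\n  file: {f.path}\n  md5:  {f.md5}")
    for name in result["ok_without_file"]:
        print(f"ok, but no file/MD5 line in log: {name}")
```
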

#3 swingblade

swingblade
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  • Local time:11:02 PM

Posted 27 June 2012 - 05:13 PM

Thanks. Here's the TDSSKiller log:


17:12:09.0470 3908 TDSS rootkit removing tool 2.7.42.0 Jun 25 2012 21:18:44
17:12:09.0892 3908 ============================================================
17:12:09.0892 3908 Current date / time: 2012/06/27 17:12:09.0892
17:12:09.0892 3908 SystemInfo:
17:12:09.0892 3908
17:12:09.0892 3908 OS Version: 6.1.7600 ServicePack: 0.0
17:12:09.0893 3908 Product type: Workstation
17:12:09.0893 3908 ComputerName: NEIL-LAPTOP
17:12:09.0893 3908 UserName: Neil
17:12:09.0893 3908 Windows directory: C:\Windows
17:12:09.0893 3908 System windows directory: C:\Windows
17:12:09.0893 3908 Running under WOW64
17:12:09.0893 3908 Processor architecture: Intel x64
17:12:09.0893 3908 Number of processors: 4
17:12:09.0893 3908 Page size: 0x1000
17:12:09.0893 3908 Boot type: Normal boot
17:12:09.0893 3908 ============================================================
17:12:10.0266 3908 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:12:10.0272 3908 ============================================================
17:12:10.0272 3908 \Device\Harddisk0\DR0:
17:12:10.0272 3908 MBR partitions:
17:12:10.0272 3908 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
17:12:10.0272 3908 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x211AB000
17:12:10.0272 3908 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2120F000, BlocksNum 0x41EB800
17:12:10.0272 3908 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
17:12:10.0272 3908 ============================================================
17:12:10.0296 3908 C: <-> \Device\Harddisk0\DR0\Partition1
17:12:10.0334 3908 D: <-> \Device\Harddisk0\DR0\Partition2
17:12:10.0334 3908 ============================================================
17:12:10.0334 3908 Initialize success
17:12:10.0334 3908 ============================================================
17:12:22.0035 3104 ============================================================
17:12:22.0035 3104 Scan started
17:12:22.0035 3104 Mode: Manual; TDLFS;
17:12:22.0035 3104 ============================================================
17:12:22.0466 3104 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
17:12:22.0470 3104 1394ohci - ok
17:12:22.0511 3104 Accelerometer (5aa055fe5ae506e19e9a8f537756ee10) C:\Windows\system32\DRIVERS\Accelerometer.sys
17:12:22.0511 3104 Accelerometer - ok
17:12:22.0566 3104 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
17:12:22.0569 3104 ACPI - ok
17:12:22.0610 3104 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
17:12:22.0611 3104 AcpiPmi - ok
17:12:22.0699 3104 Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
17:12:22.0701 3104 Adobe LM Service - ok
17:12:22.0807 3104 Adobe Version Cue CS2 (41d15ead554396bf35b7c5246ad47a28) C:\progra~2\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
17:12:22.0810 3104 Adobe Version Cue CS2 - ok
17:12:22.0926 3104 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:12:22.0927 3104 AdobeARMservice - ok
17:12:23.0089 3104 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:12:23.0091 3104 AdobeFlashPlayerUpdateSvc - ok
17:12:23.0196 3104 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
17:12:23.0204 3104 adp94xx - ok
17:12:23.0276 3104 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
17:12:23.0281 3104 adpahci - ok
17:12:23.0335 3104 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
17:12:23.0338 3104 adpu320 - ok
17:12:23.0371 3104 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
17:12:23.0372 3104 AeLookupSvc - ok
17:12:23.0461 3104 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
17:12:23.0463 3104 AESTFilters - ok
17:12:23.0553 3104 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
17:12:23.0559 3104 AFD - ok
17:12:23.0607 3104 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
17:12:23.0608 3104 agp440 - ok
17:12:24.0149 3104 Akamai (c775d704feb2b600a5bf7b0b088546af) c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll
17:12:24.0150 3104 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll. md5: c775d704feb2b600a5bf7b0b088546af
17:12:24.0154 3104 Akamai ( HiddenFile.Multi.Generic ) - warning
17:12:24.0155 3104 Akamai - detected HiddenFile.Multi.Generic (1)
17:12:24.0265 3104 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
17:12:24.0267 3104 ALG - ok
17:12:24.0330 3104 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
17:12:24.0330 3104 aliide - ok
17:12:24.0369 3104 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
17:12:24.0370 3104 amdide - ok
17:12:24.0407 3104 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
17:12:24.0408 3104 AmdK8 - ok
17:12:24.0423 3104 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:12:24.0424 3104 AmdPPM - ok
17:12:24.0476 3104 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
17:12:24.0478 3104 amdsata - ok
17:12:24.0523 3104 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
17:12:24.0526 3104 amdsbs - ok
17:12:24.0540 3104 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
17:12:24.0541 3104 amdxata - ok
17:12:24.0581 3104 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
17:12:24.0582 3104 AppID - ok
17:12:24.0617 3104 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
17:12:24.0618 3104 AppIDSvc - ok
17:12:24.0633 3104 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
17:12:24.0635 3104 Appinfo - ok
17:12:24.0711 3104 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
17:12:24.0713 3104 arc - ok
17:12:24.0740 3104 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
17:12:24.0742 3104 arcsas - ok
17:12:24.0794 3104 aspnet_state - ok
17:12:24.0830 3104 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:12:24.0831 3104 AsyncMac - ok
17:12:24.0863 3104 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
17:12:24.0863 3104 atapi - ok
17:12:24.0971 3104 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
17:12:24.0984 3104 AudioEndpointBuilder - ok
17:12:24.0995 3104 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
17:12:25.0000 3104 AudioSrv - ok
17:12:25.0034 3104 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
17:12:25.0036 3104 AxInstSV - ok
17:12:25.0109 3104 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
17:12:25.0117 3104 b06bdrv - ok
17:12:25.0168 3104 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:12:25.0173 3104 b57nd60a - ok
17:12:25.0324 3104 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
17:12:25.0328 3104 BBSvc - ok
17:12:25.0368 3104 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
17:12:25.0371 3104 BBUpdate - ok
17:12:25.0403 3104 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
17:12:25.0406 3104 BDESVC - ok
17:12:25.0430 3104 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:12:25.0431 3104 Beep - ok
17:12:25.0504 3104 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
17:12:25.0515 3104 BFE - ok
17:12:25.0581 3104 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
17:12:25.0595 3104 BITS - ok
17:12:25.0662 3104 BlackBox - ok
17:12:25.0690 3104 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:12:25.0691 3104 blbdrive - ok
17:12:25.0729 3104 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
17:12:25.0731 3104 bowser - ok
17:12:25.0755 3104 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:12:25.0756 3104 BrFiltLo - ok
17:12:25.0774 3104 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:12:25.0775 3104 BrFiltUp - ok
17:12:25.0816 3104 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
17:12:25.0818 3104 BridgeMP - ok
17:12:25.0869 3104 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
17:12:25.0872 3104 Browser - ok
17:12:25.0907 3104 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:12:25.0911 3104 Brserid - ok
17:12:25.0940 3104 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:12:25.0941 3104 BrSerWdm - ok
17:12:25.0953 3104 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:12:25.0955 3104 BrUsbMdm - ok
17:12:25.0975 3104 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:12:25.0976 3104 BrUsbSer - ok
17:12:25.0998 3104 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:12:25.0999 3104 BTHMODEM - ok
17:12:26.0045 3104 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
17:12:26.0047 3104 bthserv - ok
17:12:26.0091 3104 catchme - ok
17:12:26.0141 3104 CbFs (5fe05bb71c1d0878163334f5c8d99016) C:\Windows\system32\drivers\cbfs64.sys
17:12:26.0143 3104 CbFs - ok
17:12:26.0189 3104 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:12:26.0191 3104 cdfs - ok
17:12:26.0234 3104 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
17:12:26.0237 3104 cdrom - ok
17:12:26.0277 3104 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
17:12:26.0279 3104 CertPropSvc - ok
17:12:26.0297 3104 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:12:26.0298 3104 circlass - ok
17:12:26.0345 3104 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:12:26.0349 3104 CLFS - ok
17:12:26.0420 3104 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:12:26.0422 3104 clr_optimization_v2.0.50727_32 - ok
17:12:26.0467 3104 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:12:26.0470 3104 clr_optimization_v2.0.50727_64 - ok
17:12:26.0538 3104 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:12:26.0541 3104 clr_optimization_v4.0.30319_32 - ok
17:12:26.0577 3104 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:12:26.0580 3104 clr_optimization_v4.0.30319_64 - ok
17:12:26.0623 3104 clwvd (d68d9f4d53010b7e84d4e80a2e485554) C:\Windows\system32\DRIVERS\clwvd.sys
17:12:26.0624 3104 clwvd - ok
17:12:26.0662 3104 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:12:26.0663 3104 CmBatt - ok
17:12:26.0679 3104 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
17:12:26.0680 3104 cmdide - ok
17:12:26.0748 3104 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
17:12:26.0754 3104 CNG - ok
17:12:26.0770 3104 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:12:26.0771 3104 Compbatt - ok
17:12:26.0801 3104 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
17:12:26.0802 3104 CompositeBus - ok
17:12:26.0822 3104 COMSysApp - ok
17:12:26.0860 3104 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:12:26.0861 3104 crcdisk - ok
17:12:26.0936 3104 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
17:12:26.0939 3104 CryptSvc - ok
17:12:26.0985 3104 dc3d (23d4b856725f5fc3c4f410c150ab107b) C:\Windows\system32\DRIVERS\dc3d.sys
17:12:26.0987 3104 dc3d - ok
17:12:27.0041 3104 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
17:12:27.0050 3104 DcomLaunch - ok
17:12:27.0093 3104 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
17:12:27.0097 3104 defragsvc - ok
17:12:27.0166 3104 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
17:12:27.0169 3104 DfsC - ok
17:12:27.0221 3104 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
17:12:27.0227 3104 Dhcp - ok
17:12:27.0253 3104 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:12:27.0254 3104 discache - ok
17:12:27.0299 3104 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:12:27.0300 3104 Disk - ok
17:12:27.0330 3104 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
17:12:27.0334 3104 Dnscache - ok
17:12:27.0371 3104 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
17:12:27.0375 3104 dot3svc - ok
17:12:27.0394 3104 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
17:12:27.0397 3104 DPS - ok
17:12:27.0421 3104 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:12:27.0422 3104 drmkaud - ok
17:12:27.0462 3104 dump_wmimmc - ok
17:12:27.0511 3104 DVMIO (a298aea9fca253e7eff040a08c7c6376) C:\Windows\system32\DRIVERS\dvmio.sys
17:12:27.0511 3104 DVMIO - ok
17:12:27.0678 3104 DvmMDES (ee06215c6bd7e56d941ccc5819a4fc69) C:\SwSetup\HPQWMM\QuickWeb\QW.SYS\config\DVMExportService.exe
17:12:27.0684 3104 DvmMDES - ok
17:12:27.0774 3104 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
17:12:27.0786 3104 DXGKrnl - ok
17:12:27.0811 3104 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
17:12:27.0813 3104 EapHost - ok
17:12:28.0049 3104 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:12:28.0086 3104 ebdrv - ok
17:12:28.0216 3104 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
17:12:28.0218 3104 EFS - ok
17:12:28.0320 3104 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
17:12:28.0331 3104 ehRecvr - ok
17:12:28.0363 3104 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
17:12:28.0365 3104 ehSched - ok
17:12:28.0443 3104 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:12:28.0453 3104 elxstor - ok
17:12:28.0479 3104 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
17:12:28.0479 3104 ErrDev - ok
17:12:28.0534 3104 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
17:12:28.0541 3104 EventSystem - ok
17:12:28.0717 3104 EvtEng (b56d9602db5fe1c116b1ca5efd8e2e50) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:12:28.0739 3104 EvtEng - ok
17:12:28.0876 3104 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:12:28.0880 3104 exfat - ok
17:12:28.0906 3104 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:12:28.0910 3104 fastfat - ok
17:12:28.0931 3104 FastUserSwitchingCompatibility - ok
17:12:29.0016 3104 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
17:12:29.0028 3104 Fax - ok
17:12:29.0064 3104 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:12:29.0065 3104 fdc - ok
17:12:29.0094 3104 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
17:12:29.0095 3104 fdPHost - ok
17:12:29.0106 3104 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
17:12:29.0107 3104 FDResPub - ok
17:12:29.0141 3104 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:12:29.0143 3104 FileInfo - ok
17:12:29.0152 3104 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:12:29.0153 3104 Filetrace - ok
17:12:29.0174 3104 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:12:29.0175 3104 flpydisk - ok
17:12:29.0202 3104 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
17:12:29.0206 3104 FltMgr - ok
17:12:29.0300 3104 FontCache (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
17:12:29.0319 3104 FontCache - ok
17:12:29.0376 3104 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:12:29.0377 3104 FontCache3.0.0.0 - ok
17:12:29.0437 3104 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:12:29.0439 3104 FsDepends - ok
17:12:29.0472 3104 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
17:12:29.0473 3104 Fs_Rec - ok
17:12:29.0512 3104 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:12:29.0515 3104 fvevol - ok
17:12:29.0546 3104 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:12:29.0548 3104 gagp30kx - ok
17:12:29.0645 3104 GamesAppService (c403c5db49a0f9aaf4f2128edc0106d8) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:12:29.0649 3104 GamesAppService - ok
17:12:29.0729 3104 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
17:12:29.0742 3104 gpsvc - ok
17:12:29.0772 3104 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:12:29.0773 3104 hcw85cir - ok
17:12:29.0823 3104 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
17:12:29.0828 3104 HdAudAddService - ok
17:12:29.0850 3104 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
17:12:29.0852 3104 HDAudBus - ok
17:12:29.0885 3104 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
17:12:29.0886 3104 HECIx64 - ok
17:12:29.0907 3104 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:12:29.0908 3104 HidBatt - ok
17:12:29.0932 3104 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:12:29.0934 3104 HidBth - ok
17:12:29.0976 3104 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:12:29.0978 3104 HidIr - ok
17:12:30.0007 3104 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
17:12:30.0009 3104 hidserv - ok
17:12:30.0050 3104 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
17:12:30.0051 3104 HidUsb - ok
17:12:30.0076 3104 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
17:12:30.0078 3104 hkmsvc - ok
17:12:30.0121 3104 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
17:12:30.0125 3104 HomeGroupListener - ok
17:12:30.0165 3104 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
17:12:30.0169 3104 HomeGroupProvider - ok
17:12:30.0300 3104 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
17:12:30.0301 3104 HP Support Assistant Service - ok
17:12:30.0373 3104 HP Wireless Assistant Service (c930128c8f8ff03d8f8c42b570920d56) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
17:12:30.0375 3104 HP Wireless Assistant Service - ok
17:12:30.0454 3104 HPAuto (da075126f867727810ee9b98b3041c4c) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
17:12:30.0464 3104 HPAuto - ok
17:12:30.0519 3104 HPClientSvc (3dc11a802353401332d49c3cbfbbe5fc) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
17:12:30.0524 3104 HPClientSvc - ok
17:12:30.0584 3104 HPDrvMntSvc.exe (c958976c7daaf47084a33ebbc6e28b84) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
17:12:30.0586 3104 HPDrvMntSvc.exe - ok
17:12:30.0688 3104 hpdskflt (0ac88fbe4bf315f5f8fd862426c11540) C:\Windows\system32\DRIVERS\hpdskflt.sys
17:12:30.0689 3104 hpdskflt - ok
17:12:30.0758 3104 hpqwmiex (09fbd4c4db2fd84b9ab1c5bfdcc95559) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
17:12:30.0771 3104 hpqwmiex - ok
17:12:30.0820 3104 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
17:12:30.0822 3104 HpSAMD - ok
17:12:30.0828 3104 hpsrv (778ce2c015dec896c5c9323342bd71d4) C:\Windows\system32\Hpservice.exe
17:12:30.0830 3104 hpsrv - ok
17:12:30.0919 3104 HPWMISVC (171000873eb522e5ea3dd4c4e0b689b2) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
17:12:30.0920 3104 HPWMISVC - ok
17:12:31.0006 3104 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
17:12:31.0019 3104 HTTP - ok
17:12:31.0035 3104 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
17:12:31.0036 3104 hwpolicy - ok
17:12:31.0085 3104 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
17:12:31.0087 3104 i8042prt - ok
17:12:31.0156 3104 iaStor (a5f72bb0d024e7e463344105be613ae4) C:\Windows\system32\DRIVERS\iaStor.sys
17:12:31.0161 3104 iaStor - ok
17:12:31.0246 3104 IAStorDataMgrSvc (1e7999fe262b0a5fb84485c3a9ad06f1) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
17:12:31.0247 3104 IAStorDataMgrSvc - ok
17:12:31.0307 3104 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
17:12:31.0313 3104 iaStorV - ok
17:12:31.0440 3104 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:12:31.0454 3104 idsvc - ok
17:12:32.0099 3104 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys
17:12:32.0327 3104 igfx - ok
17:12:32.0447 3104 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:12:32.0449 3104 iirsp - ok
17:12:32.0524 3104 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
17:12:32.0539 3104 IKEEXT - ok
17:12:32.0581 3104 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
17:12:32.0583 3104 Impcd - ok
17:12:32.0648 3104 IntcDAud (03c74719d48056a1078f3a51ceb76baa) C:\Windows\system32\DRIVERS\IntcDAud.sys
17:12:32.0653 3104 IntcDAud - ok
17:12:32.0684 3104 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
17:12:32.0685 3104 intelide - ok
17:12:32.0718 3104 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:12:32.0719 3104 intelppm - ok
17:12:32.0757 3104 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
17:12:32.0760 3104 IPBusEnum - ok
17:12:32.0810 3104 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:12:32.0812 3104 IpFilterDriver - ok
17:12:32.0869 3104 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
17:12:32.0877 3104 iphlpsvc - ok
17:12:32.0904 3104 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
17:12:32.0906 3104 IPMIDRV - ok
17:12:32.0921 3104 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:12:32.0923 3104 IPNAT - ok
17:12:32.0952 3104 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:12:32.0953 3104 IRENUM - ok
17:12:32.0972 3104 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
17:12:32.0973 3104 isapnp - ok
17:12:33.0010 3104 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
17:12:33.0013 3104 iScsiPrt - ok
17:12:33.0041 3104 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
17:12:33.0041 3104 kbdclass - ok
17:12:33.0069 3104 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
17:12:33.0071 3104 kbdhid - ok
17:12:33.0116 3104 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
17:12:33.0118 3104 KeyIso - ok
17:12:33.0148 3104 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
17:12:33.0150 3104 KSecDD - ok
17:12:33.0179 3104 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
17:12:33.0182 3104 KSecPkg - ok
17:12:33.0200 3104 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:12:33.0201 3104 ksthunk - ok
17:12:33.0253 3104 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
17:12:33.0259 3104 KtmRm - ok
17:12:33.0296 3104 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
17:12:33.0301 3104 LanmanServer - ok
17:12:33.0346 3104 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
17:12:33.0350 3104 LanmanWorkstation - ok
17:12:33.0438 3104 LightScribeService (fcbdcc6f1801e32244235608e1277752) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
17:12:33.0440 3104 LightScribeService - ok
17:12:33.0495 3104 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:12:33.0497 3104 lltdio - ok
17:12:33.0538 3104 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
17:12:33.0544 3104 lltdsvc - ok
17:12:33.0569 3104 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
17:12:33.0571 3104 lmhosts - ok
17:12:33.0658 3104 LMS (25884ca77f8d926b69167bc231d3726e) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
17:12:33.0664 3104 LMS - ok
17:12:33.0715 3104 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:12:33.0717 3104 LSI_FC - ok
17:12:33.0739 3104 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:12:33.0740 3104 LSI_SAS - ok
17:12:33.0752 3104 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:12:33.0754 3104 LSI_SAS2 - ok
17:12:33.0773 3104 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:12:33.0775 3104 LSI_SCSI - ok
17:12:33.0806 3104 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:12:33.0808 3104 luafv - ok
17:12:33.0841 3104 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
17:12:33.0844 3104 Mcx2Svc - ok
17:12:33.0871 3104 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:12:33.0872 3104 megasas - ok
17:12:33.0902 3104 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:12:33.0907 3104 MegaSR - ok
17:12:34.0017 3104 Microsoft SharePoint Workspace Audit Service - ok
17:12:50.0321 3104 MBR (0x1B8) (319274de38836f837434dfc069ac7d69) \Device\Harddisk0\DR0
17:12:50.0593 3104 \Device\Harddisk0\DR0 - ok
17:12:50.0600 3104 Boot (0x1200) (a40eb50f80dbb634d447faa2ec8ff277) \Device\Harddisk0\DR0\Partition0
17:12:50.0602 3104 \Device\Harddisk0\DR0\Partition0 - ok
17:12:50.0629 3104 Boot (0x1200) (48f90a7bd5d1acff193e50588435e546) \Device\Harddisk0\DR0\Partition1
17:12:50.0631 3104 \Device\Harddisk0\DR0\Partition1 - ok
17:12:50.0665 3104 Boot (0x1200) (07f423d607097262deefabe8c9c1bd28) \Device\Harddisk0\DR0\Partition2
17:12:50.0667 3104 \Device\Harddisk0\DR0\Partition2 - ok
17:12:50.0684 3104 Boot (0x1200) (8dfca36e4652c882b3f51bfda3bc3e8c) \Device\Harddisk0\DR0\Partition3
17:12:50.0684 3104 \Device\Harddisk0\DR0\Partition3 - ok
17:12:50.0685 3104 ============================================================
17:12:50.0685 3104 Scan finished
17:12:50.0685 3104 ============================================================
17:12:50.0702 5708 Detected object count: 1
17:12:50.0702 5708 Actual detected object count: 1
17:13:02.0860 5708 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
17:13:02.0861 5708 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

#4 swingblade

Posted 27 June 2012 - 05:22 PM

Here's the log for Avast:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-06-27 17:14:02
-----------------------------
17:14:02.554 OS Version: Windows x64 6.1.7600
17:14:02.554 Number of processors: 4 586 0x2505
17:14:02.555 ComputerName: NEIL-LAPTOP UserName: Neil
17:14:03.514 Initialize success
17:14:10.655 AVAST engine defs: 12062700
17:14:24.441 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:14:24.446 Disk 0 Vendor: Hitachi_ PB3O Size: 305245MB BusType: 3
17:14:24.467 Disk 0 MBR read successfully
17:14:24.471 Disk 0 MBR scan
17:14:24.478 Disk 0 unknown MBR code
17:14:24.488 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
17:14:24.507 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 271190 MB offset 409600
17:14:24.543 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 33751 MB offset 555806720
17:14:24.561 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 624928768
17:14:24.594 Disk 0 scanning C:\Windows\system32\drivers
17:14:33.990 Service scanning
17:15:06.317 Modules scanning
17:15:06.318 Disk 0 trace - called modules:
17:15:06.344 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
17:15:06.346 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005282060]
17:15:06.347 3 CLASSPNP.SYS[fffff88001a5643f] -> nt!IofCallDriver -> [0xfffffa800511ab10]
17:15:06.348 5 hpdskflt.sys[fffff880016a8289] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004f85050]
17:15:07.235 AVAST engine scan C:\Windows
17:15:09.957 AVAST engine scan C:\Windows\system32
17:18:49.070 AVAST engine scan C:\Windows\system32\drivers
17:19:01.126 AVAST engine scan C:\Users\Neil
17:21:04.231 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
17:21:04.232 The log file has been saved successfully to "C:\aswMBR.txt"

#5 swingblade

Posted 27 June 2012 - 11:38 PM

Here is the list from ESET. Sorry for the delay.

C:\Program Files (x86)\Yontoo\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe.vir Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\StartNow Toolbar\ToOLbar32.dll.vir a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe.vir a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\ProgramData\Ywdk7xB31FUKYm.exe.vir a variant of Win32/Kryptik.WPB trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\assembly\GAC_32\Desktop.ini.vir Win32/Sirefef.DL trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\assembly\GAC_64\Desktop.ini.vir Win64/Sirefef.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\System32\consrv.dll.vir Win64/Sirefef.E trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\SysWOW64\FastUserSwitchingCompatibilityex.dll.vir a variant of Win32/Routmo.N trojan cleaned by deleting - quarantined
C:\Users\Neil\AppData\Local\Temp\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\Users\Neil\AppData\Local\Temp\YontooSetup-Silent.exe Win32/Adware.Yontoo application cleaned by deleting - quarantined
C:\Users\Neil\AppData\Local\Temp\ICReinstall\cnet2_snm-2_98_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Neil\AppData\Roaming\ZumoDrive\cache\Copy of Copy of Shortcut to google.lnk LNK/Exploit.CVE-2010-2568 trojan cleaned by deleting - quarantined
C:\Users\Neil\AppData\Roaming\ZumoDrive\cache\Copy of Shortcut to google.lnk LNK/Exploit.CVE-2010-2568 trojan cleaned by deleting - quarantined
C:\Users\Neil\AppData\Roaming\ZumoDrive\cache\Shortcut to google.lnk LNK/Exploit.CVE-2010-2568 trojan cleaned by deleting - quarantined
C:\Users\Neil\Downloads\cnet2_snm-2_98_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Neil\Downloads\cnet_soph_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\Neil\Downloads\FreeYouTubeDownloaderSetup.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined

#6 narenxp

Posted 28 June 2012 - 03:39 AM

You did not follow my instructions. You ran ComboFix, and we need to analyze your ComboFix log, which cannot be done in this forum.

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

Edited by narenxp, 28 June 2012 - 03:40 AM.


#7 swingblade

Posted 28 June 2012 - 07:34 AM

I didn't run ComboFix. I ran the three programs you said by your instructions.

#8 narenxp

Posted 28 June 2012 - 07:35 AM

C:\Qoobox\Quarantine\C\Program Files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe.vir Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\StartNow Toolbar\ToOLbar32.dll.vir a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe.vir a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\ProgramData\Ywdk7xB31FUKYm.exe.vir a variant of Win32/Kryptik.WPB trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\assembly\GAC_32\Desktop.ini.vir Win32/Sirefef.DL trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\assembly\GAC_64\Desktop.ini.vir Win64/Sirefef.F trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\System32\consrv.dll.vir Win64/Sirefef.E trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\SysWOW64\FastUserSwitchingCompatibilityex.dll.vir a variant of Win32/Routmo.N trojan cleaned by deleting - quarantined

This is from the ComboFix quarantine folder. Please follow my previous instructions.



