
Redirection to fake antivirus sites



#1 BellaLeonessa


Posted 01 July 2012 - 05:30 PM

When on legit websites, most of the time news websites, I'm redirected to fake antivirus sites. Is there anyone who can help me get rid of this problem, virus or whatever it is?

Edited by hamluis, 01 July 2012 - 05:32 PM.
Moved from XP to Am I Infected - Hamluis.




#2 narenxp


Posted 01 July 2012 - 05:41 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 BellaLeonessa


Posted 01 July 2012 - 06:38 PM

TDSSKiller log:

19:19:14.0521 1348 PSched - ok
19:19:14.0561 1348 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
19:19:14.0562 1348 PxHlpa64 - ok
19:19:14.0619 1348 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
19:19:14.0643 1348 ql2300 - ok
19:19:14.0663 1348 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
19:19:14.0664 1348 ql40xx - ok
19:19:14.0696 1348 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
19:19:14.0701 1348 QWAVE - ok
19:19:14.0726 1348 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
19:19:14.0731 1348 QWAVEdrv - ok
19:19:14.0862 1348 R300 (2a09a6b271d1f50adf5e33b37d460de6) C:\Windows\system32\DRIVERS\atikmdag.sys
19:19:14.0892 1348 R300 - ok
19:19:14.0951 1348 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
19:19:14.0956 1348 RasAcd - ok
19:19:14.0969 1348 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
19:19:14.0972 1348 RasAuto - ok
19:19:14.0981 1348 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:19:14.0982 1348 Rasl2tp - ok
19:19:15.0005 1348 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
19:19:15.0009 1348 RasMan - ok
19:19:15.0054 1348 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
19:19:15.0056 1348 RasPppoe - ok
19:19:15.0098 1348 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
19:19:15.0104 1348 RasSstp - ok
19:19:15.0161 1348 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
19:19:15.0164 1348 rdbss - ok
19:19:15.0188 1348 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:19:15.0192 1348 RDPCDD - ok
19:19:15.0220 1348 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
19:19:15.0223 1348 rdpdr - ok
19:19:15.0228 1348 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
19:19:15.0232 1348 RDPENCDD - ok
19:19:15.0295 1348 RDPWD (ae4bd9e1c33d351d8e607fc81f15160c) C:\Windows\system32\drivers\RDPWD.sys
19:19:15.0306 1348 RDPWD - ok
19:19:15.0338 1348 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
19:19:15.0340 1348 RemoteAccess - ok
19:19:15.0391 1348 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
19:19:15.0395 1348 RemoteRegistry - ok
19:19:15.0425 1348 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
19:19:15.0426 1348 RimUsb - ok
19:19:15.0440 1348 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
19:19:15.0442 1348 RpcLocator - ok
19:19:15.0512 1348 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
19:19:15.0520 1348 RpcSs - ok
19:19:15.0538 1348 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
19:19:15.0540 1348 rspndr - ok
19:19:15.0584 1348 RTL8169 (b263b3aebcde2210d1cc25756601b8ea) C:\Windows\system32\DRIVERS\Rtlh64.sys
19:19:15.0588 1348 RTL8169 - ok
19:19:15.0642 1348 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
19:19:15.0643 1348 SamSs - ok
19:19:15.0677 1348 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
19:19:15.0678 1348 sbp2port - ok
19:19:15.0730 1348 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
19:19:15.0733 1348 SCardSvr - ok
19:19:15.0811 1348 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
19:19:15.0820 1348 Schedule - ok
19:19:15.0872 1348 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
19:19:15.0873 1348 SCPolicySvc - ok
19:19:15.0906 1348 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
19:19:15.0910 1348 SDRSVC - ok
19:19:16.0108 1348 SeaPort (331e7bde228914574fc9ae6cd520dafa) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
19:19:16.0110 1348 SeaPort - ok
19:19:16.0154 1348 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:19:16.0159 1348 secdrv - ok
19:19:16.0169 1348 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
19:19:16.0172 1348 seclogon - ok
19:19:16.0185 1348 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
19:19:16.0188 1348 SENS - ok
19:19:16.0203 1348 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
19:19:16.0204 1348 Serenum - ok
19:19:16.0219 1348 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
19:19:16.0220 1348 Serial - ok
19:19:16.0241 1348 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
19:19:16.0242 1348 sermouse - ok
19:19:16.0275 1348 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
19:19:16.0278 1348 SessionEnv - ok
19:19:16.0296 1348 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
19:19:16.0300 1348 sffdisk - ok
19:19:16.0310 1348 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
19:19:16.0315 1348 sffp_mmc - ok
19:19:16.0322 1348 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
19:19:16.0328 1348 sffp_sd - ok
19:19:16.0349 1348 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
19:19:16.0353 1348 sfloppy - ok
19:19:16.0392 1348 SharedAccess (4c5aee179da7e1ee9a9ccb9da289af34) C:\Windows\System32\ipnathlp.dll
19:19:16.0397 1348 SharedAccess - ok
19:19:16.0453 1348 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
19:19:16.0457 1348 ShellHWDetection - ok
19:19:16.0475 1348 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
19:19:16.0481 1348 SiSRaid2 - ok
19:19:16.0501 1348 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
19:19:16.0508 1348 SiSRaid4 - ok
19:19:16.0648 1348 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
19:19:16.0682 1348 slsvc - ok
19:19:16.0783 1348 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
19:19:16.0786 1348 SLUINotify - ok
19:19:16.0846 1348 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
19:19:16.0847 1348 Smb - ok
19:19:16.0883 1348 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
19:19:16.0885 1348 SNMPTRAP - ok
19:19:16.0937 1348 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
19:19:16.0938 1348 spldr - ok
19:19:16.0993 1348 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
19:19:16.0998 1348 Spooler - ok
19:19:17.0061 1348 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
19:19:17.0066 1348 srv - ok
19:19:17.0120 1348 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
19:19:17.0122 1348 srv2 - ok
19:19:17.0137 1348 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
19:19:17.0138 1348 srvnet - ok
19:19:17.0154 1348 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
19:19:17.0159 1348 SSDPSRV - ok
19:19:17.0188 1348 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
19:19:17.0192 1348 SstpSvc - ok
19:19:17.0252 1348 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
19:19:17.0261 1348 stisvc - ok
19:19:17.0314 1348 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
19:19:17.0357 1348 stllssvr - ok
19:19:17.0380 1348 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
19:19:17.0384 1348 swenum - ok
19:19:17.0455 1348 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
19:19:17.0462 1348 swprv - ok
19:19:17.0475 1348 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
19:19:17.0476 1348 Symc8xx - ok
19:19:17.0492 1348 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
19:19:17.0493 1348 Sym_hi - ok
19:19:17.0509 1348 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
19:19:17.0513 1348 Sym_u3 - ok
19:19:17.0584 1348 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
19:19:17.0590 1348 SysMain - ok
19:19:17.0606 1348 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
19:19:17.0608 1348 TabletInputService - ok
19:19:17.0628 1348 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
19:19:17.0631 1348 TapiSrv - ok
19:19:17.0641 1348 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
19:19:17.0643 1348 TBS - ok
19:19:17.0730 1348 Tcpip (ac8d5728e6ad6a7c4819d9a67008337a) C:\Windows\system32\drivers\tcpip.sys
19:19:17.0742 1348 Tcpip - ok
19:19:17.0755 1348 Tcpip6 (ac8d5728e6ad6a7c4819d9a67008337a) C:\Windows\system32\DRIVERS\tcpip.sys
19:19:17.0765 1348 Tcpip6 - ok
19:19:17.0780 1348 tcpipreg (fd8fde859e38e40a20085ebb0c22b416) C:\Windows\system32\drivers\tcpipreg.sys
19:19:17.0781 1348 tcpipreg - ok
19:19:17.0797 1348 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
19:19:17.0800 1348 TDPIPE - ok
19:19:17.0818 1348 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
19:19:17.0821 1348 TDTCP - ok
19:19:17.0873 1348 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
19:19:17.0878 1348 tdx - ok
19:19:17.0918 1348 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
19:19:17.0923 1348 TermDD - ok
19:19:17.0986 1348 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
19:19:17.0992 1348 TermService - ok
19:19:18.0044 1348 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
19:19:18.0047 1348 Themes - ok
19:19:18.0071 1348 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
19:19:18.0073 1348 THREADORDER - ok
19:19:18.0080 1348 tljkva - ok
19:19:18.0115 1348 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
19:19:18.0118 1348 TrkWks - ok
19:19:18.0187 1348 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
19:19:18.0188 1348 TrustedInstaller - ok
19:19:18.0212 1348 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:19:18.0217 1348 tssecsrv - ok
19:19:18.0240 1348 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
19:19:18.0241 1348 tunmp - ok
19:19:18.0283 1348 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
19:19:18.0292 1348 tunnel - ok
19:19:18.0310 1348 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
19:19:18.0311 1348 uagp35 - ok
19:19:18.0342 1348 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
19:19:18.0345 1348 udfs - ok
19:19:18.0358 1348 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
19:19:18.0362 1348 UI0Detect - ok
19:19:18.0387 1348 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
19:19:18.0388 1348 uliagpkx - ok
19:19:18.0408 1348 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
19:19:18.0411 1348 uliahci - ok
19:19:18.0437 1348 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
19:19:18.0438 1348 UlSata - ok
19:19:18.0454 1348 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
19:19:18.0456 1348 ulsata2 - ok
19:19:18.0473 1348 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
19:19:18.0474 1348 umbus - ok
19:19:18.0512 1348 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
19:19:18.0516 1348 upnphost - ok
19:19:18.0590 1348 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
19:19:18.0591 1348 usbaudio - ok
19:19:18.0594 1348 usbbus - ok
19:19:18.0627 1348 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
19:19:18.0631 1348 usbccgp - ok
19:19:18.0650 1348 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
19:19:18.0656 1348 usbcir - ok
19:19:18.0660 1348 UsbDiag - ok
19:19:18.0683 1348 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
19:19:18.0684 1348 usbehci - ok
19:19:18.0739 1348 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
19:19:18.0741 1348 usbhub - ok
19:19:18.0760 1348 USBModem - ok
19:19:18.0779 1348 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
19:19:18.0779 1348 usbohci - ok
19:19:18.0793 1348 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
19:19:18.0794 1348 usbprint - ok
19:19:18.0812 1348 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
19:19:18.0813 1348 usbscan - ok
19:19:18.0865 1348 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:19:18.0866 1348 USBSTOR - ok
19:19:18.0871 1348 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
19:19:18.0876 1348 usbuhci - ok
19:19:18.0920 1348 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
19:19:18.0922 1348 UxSms - ok
19:19:18.0984 1348 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
19:19:18.0990 1348 vds - ok
19:19:19.0014 1348 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
19:19:19.0018 1348 vga - ok
19:19:19.0034 1348 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
19:19:19.0035 1348 VgaSave - ok
19:19:19.0052 1348 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
19:19:19.0057 1348 viaide - ok
19:19:19.0106 1348 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
19:19:19.0107 1348 volmgr - ok
19:19:19.0170 1348 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
19:19:19.0174 1348 volmgrx - ok
19:19:19.0232 1348 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
19:19:19.0235 1348 volsnap - ok
19:19:19.0256 1348 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
19:19:19.0258 1348 vsmraid - ok
19:19:19.0356 1348 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
19:19:19.0373 1348 VSS - ok
19:19:19.0432 1348 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
19:19:19.0436 1348 W32Time - ok
19:19:19.0470 1348 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
19:19:19.0471 1348 WacomPen - ok
19:19:19.0525 1348 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
19:19:19.0528 1348 Wanarp - ok
19:19:19.0534 1348 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
19:19:19.0535 1348 Wanarpv6 - ok
19:19:19.0568 1348 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
19:19:19.0576 1348 wcncsvc - ok
19:19:19.0609 1348 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
19:19:19.0612 1348 WcsPlugInService - ok
19:19:19.0626 1348 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
19:19:19.0627 1348 Wd - ok
19:19:19.0678 1348 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
19:19:19.0689 1348 Wdf01000 - ok
19:19:19.0702 1348 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
19:19:19.0705 1348 WdiServiceHost - ok
19:19:19.0711 1348 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
19:19:19.0715 1348 WdiSystemHost - ok
19:19:19.0738 1348 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
19:19:19.0742 1348 WebClient - ok
19:19:19.0796 1348 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
19:19:19.0801 1348 Wecsvc - ok
19:19:19.0813 1348 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
19:19:19.0816 1348 wercplsupport - ok
19:19:19.0837 1348 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
19:19:19.0840 1348 WerSvc - ok
19:19:19.0883 1348 winachsf (a53cde6beea165fe9b430476eede3c54) C:\Windows\system32\DRIVERS\CAX_CNXT.sys
19:19:19.0891 1348 winachsf - ok
19:19:19.0946 1348 WinDefend - ok
19:19:19.0962 1348 WinHttpAutoProxySvc - ok
19:19:20.0040 1348 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
19:19:20.0042 1348 Winmgmt - ok
19:19:20.0162 1348 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
19:19:20.0192 1348 WinRM - ok
19:19:20.0298 1348 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
19:19:20.0307 1348 Wlansvc - ok
19:19:20.0452 1348 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:19:20.0470 1348 wlidsvc - ok
19:19:20.0533 1348 WmiAcpi (7999dfb1c555efc0db69576f70027867) C:\Windows\system32\drivers\wmiacpi.sys
19:19:20.0537 1348 WmiAcpi - ok
19:19:20.0569 1348 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
19:19:20.0571 1348 wmiApSrv - ok
19:19:20.0578 1348 WMPNetworkSvc - ok
19:19:20.0617 1348 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
19:19:20.0621 1348 WPCSvc - ok
19:19:20.0677 1348 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
19:19:20.0680 1348 WPDBusEnum - ok
19:19:20.0728 1348 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
19:19:20.0733 1348 WpdUsb - ok
19:19:20.0934 1348 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:19:20.0943 1348 WPFFontCache_v0400 - ok
19:19:20.0963 1348 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
19:19:20.0964 1348 ws2ifsl - ok
19:19:21.0014 1348 wscsvc (9ea3e6d0ef7a5c2b9181961052a4b01a) C:\Windows\System32\wscsvc.dll
19:19:21.0017 1348 wscsvc - ok
19:19:21.0022 1348 WSearch - ok
19:19:21.0143 1348 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
19:19:21.0164 1348 wuauserv - ok
19:19:21.0238 1348 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:19:21.0240 1348 WUDFRd - ok
19:19:21.0254 1348 wudfsvc (6cbd51ff913c851d56ed9dc7f2a27dde) C:\Windows\System32\WUDFSvc.dll
19:19:21.0258 1348 wudfsvc - ok
19:19:21.0288 1348 XAudio (f22e443518bc599d12888daf292a56d8) C:\Windows\system32\DRIVERS\xaudio64.sys
19:19:21.0289 1348 XAudio - ok
19:19:21.0319 1348 XAudioService (963c27034bba4ac52a13f7a3c657c708) C:\Windows\system32\DRIVERS\xaudio64.exe
19:19:21.0323 1348 XAudioService - ok
19:19:21.0354 1348 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
19:19:21.0735 1348 \Device\Harddisk0\DR0 - ok
19:19:21.0768 1348 Boot (0x1200) (f7b3d4355901439c142a635e5e09771e) \Device\Harddisk0\DR0\Partition0
19:19:21.0769 1348 \Device\Harddisk0\DR0\Partition0 - ok
19:19:21.0772 1348 Boot (0x1200) (03ff3b6fadddba8b46cc06b9759eab41) \Device\Harddisk0\DR0\Partition1
19:19:21.0773 1348 \Device\Harddisk0\DR0\Partition1 - ok
19:19:21.0774 1348 ============================================================
19:19:21.0774 1348 Scan finished
19:19:21.0774 1348 ============================================================
19:19:21.0782 4556 Detected object count: 0
19:19:21.0782 4556 Actual detected object count: 0
19:21:06.0433 6524 Deinitialize success



aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-01 19:22:04
-----------------------------
19:22:04.801 OS Version: Windows x64 6.0.6002 Service Pack 2
19:22:04.801 Number of processors: 2 586 0x170A
19:22:04.801 ComputerName: KISSABOO-PC UserName: kissaboo
19:22:06.408 Initialize success
19:23:06.395 AVAST engine defs: 12070101
19:23:43.195 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:23:43.211 Disk 0 Vendor: Hitachi_HDS721075KLA330 GK8OA97A Size: 715404MB BusType: 3
19:23:43.211 Disk 0 MBR read successfully
19:23:43.226 Disk 0 MBR scan
19:23:43.242 Disk 0 Windows VISTA default MBR code
19:23:43.242 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
19:23:43.273 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 15000 MB offset 81920
19:23:43.304 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 700363 MB offset 30801920
19:23:43.351 Disk 0 scanning C:\Windows\system32\drivers
19:23:58.468 Service scanning
19:24:29.925 Modules scanning
19:24:29.925 Disk 0 trace - called modules:
19:24:29.957 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
19:24:29.957 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006331500]
19:24:29.957 3 CLASSPNP.SYS[fffffa6000fd5c33] -> nt!IofCallDriver -> [0xfffffa80060c9930]
19:24:29.972 5 acpi.sys[fffffa60008fcfde] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80060cd940]
19:24:31.751 AVAST engine scan C:\Windows
19:24:34.340 AVAST engine scan C:\Windows\system32
19:30:13.673 AVAST engine scan C:\Windows\system32\drivers
19:30:33.943 AVAST engine scan C:\Users\kissaboo
19:33:34.610 Disk 0 MBR has been saved successfully to "C:\Users\kissaboo\Documents\MBR.dat"
19:33:34.615 The log file has been saved successfully to "C:\Users\kissaboo\Documents\aswMBR.txt"


Waiting for the ESET scan to finish.

#4 BellaLeonessa

Posted 01 July 2012 - 08:18 PM

Nothing came up for the ESET scan.

#5 narenxp

Posted 01 July 2012 - 08:22 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

On which browser do you face redirects?

#6 BellaLeonessa

Posted 01 July 2012 - 08:30 PM

I've downloaded Malwarebytes; it found nothing because I've used it on my PC before. Is there a way I can delete it from my registry or something, so that it runs as if it was never on my computer and will find infections?

#7 narenxp

Posted 01 July 2012 - 08:32 PM

If you have run the updated one, ignore Malwarebytes.

Run mini toolbox alone. Also, let me know: on which browser do you face redirects?

Edited by narenxp, 01 July 2012 - 08:33 PM.


#8 Shere Ali

Shere Ali

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:27 PM

Posted 02 July 2012 - 08:57 AM

I saw many free antivirus programs on this site, but I cannot decide which free antivirus is better for my laptop (Asus serial A43E). Please help: http://www.free-antivirus.co/antivirus/avira-free.html

#9 BellaLeonessa

Posted 02 July 2012 - 10:29 AM

It happens on Internet Explorer.

#10 BellaLeonessa

Posted 02 July 2012 - 11:05 AM

Mini ToolBox log:

MiniToolBox by Farbar Version: 25-06-2012
Ran by kissaboo (administrator) on 02-07-2012 at 12:04:08
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : kissaboo-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-24-E8-03-E8-88
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d9af:6b3d:c1ba:bc4d%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, June 30, 2012 5:00:18 PM
Lease Expires . . . . . . . . . . : Monday, July 09, 2012 8:04:39 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 251667688
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-B1-07-57-00-24-E8-03-E8-88
DNS Servers . . . . . . . . . . . : 65.32.5.111
65.32.5.112
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{3D8CE7F4-3DF3-4E44-82B9-1CA6EE11F528}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:18a8:1797:3f57:fff5(Preferred)
Link-local IPv6 Address . . . . . : fe80::18a8:1797:3f57:fff5%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dns-redir-lb-01.tampabay.rr.com
Address: 65.32.5.111

Name: google.com
Addresses: 2001:4860:800a::65
173.194.37.64
173.194.37.65
173.194.37.66
173.194.37.67
173.194.37.68
173.194.37.69
173.194.37.70
173.194.37.71
173.194.37.72
173.194.37.73
173.194.37.78



Pinging google.com [173.194.37.66] with 32 bytes of data:

Reply from 173.194.37.66: bytes=32 time=38ms TTL=52

Reply from 173.194.37.66: bytes=32 time=41ms TTL=52



Ping statistics for 173.194.37.66:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 38ms, Maximum = 41ms, Average = 39ms

Server: dns-redir-lb-01.tampabay.rr.com
Address: 65.32.5.111

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=35ms TTL=52

Reply from 209.191.122.70: bytes=32 time=35ms TTL=52



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 35ms, Maximum = 35ms, Average = 35ms

Server: dns-redir-lb-01.tampabay.rr.com
Address: 65.32.5.111

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 24 e8 03 e8 88 ...... Realtek PCIe FE Family Controller
1 ........................... Software Loopback Interface 1
12 ...00 00 00 00 00 00 00 e0 isatap.{3D8CE7F4-3DF3-4E44-82B9-1CA6EE11F528}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.10 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.10 276
192.168.0.10 255.255.255.255 On-link 192.168.0.10 276
192.168.0.255 255.255.255.255 On-link 192.168.0.10 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.10 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.10 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 18 ::/0 On-link
1 306 ::1/128 On-link
10 18 2001::/32 On-link
10 266 2001:0:5ef5:79fd:18a8:1797:3f57:fff5/128
On-link
11 276 fe80::/64 On-link
10 266 fe80::/64 On-link
10 266 fe80::18a8:1797:3f57:fff5/128
On-link
11 276 fe80::d9af:6b3d:c1ba:bc4d/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/01/2012 07:34:28 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (07/01/2012 07:34:22 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (06/30/2012 05:01:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/24/2012 07:54:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/24/2012 06:13:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/24/2012 04:54:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/24/2012 03:02:53 PM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -Embedding; Descripton = Configured Microsoft Office Professional 2010; Hr = 0x8007043c).

Error: (06/24/2012 03:02:50 PM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -Embedding; Descripton = Configured Microsoft Office Professional 2010; Hr = 0x8007043c).

Error: (06/24/2012 02:58:55 PM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -Embedding; Descripton = Configured Microsoft Office Professional 2010; Hr = 0x8007043c).

Error: (06/24/2012 02:58:50 PM) (Source: System Restore) (User: )
Description: Failed to create restore point on volume (Process = C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -Embedding; Descripton = Configured Microsoft Office Professional 2010; Hr = 0x8007043c).


System errors:
=============
Error: (06/30/2012 05:01:45 PM) (Source: Service Control Manager) (User: )
Description: tljkva

Error: (06/30/2012 05:00:16 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:45:37 PM on 6/30/2012 was unexpected.

Error: (06/30/2012 02:01:07 PM) (Source: DCOM) (User: kissaboo-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}kissaboo-PCkissabooS-1-5-21-4003450189-3407766541-3014810002-1000LocalHost (Using LRPC)

Error: (06/27/2012 10:52:32 PM) (Source: Print) (User: kissaboo-PC)
Description: The document Microsoft Word - REL_1240_NEW_TESTAMENT_SUM_12, owned by kissaboo, failed to print on printer Canon iP2700 series. Try to print the document again, or restart the print spooler.
Data type: NT EMF 1.008. Size of the spool file in bytes: 264168. Number of bytes printed: 62984. Total number of pages in the document: 7. Number of pages printed: 0. Client computer: \\KISSABOO-PC. Win32 error code returned by the print processor: Microsoft Word - REL_1240_NEW_TESTAMENT_SUM_120. Microsoft Word - REL_1240_NEW_TESTAMENT_SUM_121

Error: (06/27/2012 08:59:27 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (06/26/2012 05:23:31 PM) (Source: Service Control Manager) (User: )
Description: 30000AntiVirSchedulerService

Error: (06/26/2012 09:05:21 AM) (Source: VDS Dynamic Provider) (User: )
Description: The provider failed while storing notifications from the driver. The Virtual Disk Service should be restarted. hr=80042505

Error: (06/25/2012 06:35:44 PM) (Source: Service Control Manager) (User: )
Description: 30000AntiVirSchedulerService

Error: (06/24/2012 07:54:39 PM) (Source: Service Control Manager) (User: )
Description: tljkva

Error: (06/24/2012 07:53:39 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 7:51:21 PM on 6/24/2012 was unexpected.


Microsoft Office Sessions:
=========================
Error: (07/01/2012 07:34:28 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\kissaboo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GD53KH4C\esetsmartinstaller_enu.exe

Error: (07/01/2012 07:34:22 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\kissaboo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GD53KH4C\esetsmartinstaller_enu.exe

Error: (06/30/2012 05:01:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/24/2012 07:54:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/24/2012 06:13:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/24/2012 04:54:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/24/2012 03:02:53 PM) (Source: System Restore)(User: )
Description: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Professional 20100x8007043c

Error: (06/24/2012 03:02:50 PM) (Source: System Restore)(User: )
Description: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Professional 20100x8007043c

Error: (06/24/2012 02:58:55 PM) (Source: System Restore)(User: )
Description: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Professional 20100x8007043c

Error: (06/24/2012 02:58:50 PM) (Source: System Restore)(User: )
Description: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Professional 20100x8007043c


=========================== Installed Programs ============================

aioprnt (Version: 5.3.1.0)
Akamai NetSession Interface
Ask Toolbar Updater (Version: 1.2.1.22229)
Canon iP2700 series Printer Driver
Conexant D850 PCI V.92 Modem (Version: 7.74.00)
Dell Dock (Version: 1.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Kodak AIO Printer (Version: 7.3.4.0)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Modem Diagnostic Tool (Version: 1.0.24.0)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Yahoo! BrowserPlus 2.9.8

========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 6132.27 MB
Available physical RAM: 4152.85 MB
Total Pagefile: 12481.56 MB
Available Pagefile: 9470.64 MB
Total Virtual: 4095.88 MB
Available Virtual: 3996.64 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:683.95 GB) (Free:542.73 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:8.1 GB) NTFS
3 Drive e: (OFFICE14) (CDROM) (Total:2.35 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\KISSABOO-PC

Administrator Guest kissaboo


**** End of log ****

#11 narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 02 July 2012 - 11:42 AM

Reset Internet Explorer using this guide:

http://support.microsoft.com/kb/923737

Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Copy the contents of the text file and paste it here
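A text export like the one requested above can be triaged mechanically before anyone reads it line by line. The following is an added example, not part of the original posts and not a feature of Autoruns: it parses the quoted-field layout seen in the log posted in this thread, flags entries whose image is reported as "File not found" or that carry no publisher, and cross-checks service names against Service Control Manager errors from an event-log listing. The sample lines and every name in them are constructed, and the function names are hypothetical.

```python
import re

FIELD = re.compile(r'"([^"]*)"')
MISSING = "File not found:"
# An "Error:" header from the Service Control Manager followed by its Description line.
SCM_ERROR = re.compile(
    r"^Error: \([^)]*\) \(Source: Service Control Manager\)[^\n]*\nDescription: ([^\n]*)$",
    re.MULTILINE,
)

# Constructed sample in the layout of the export: a location line with four
# quoted fields (the last three empty), then "+" entries holding name,
# description, publisher and image path. All names are made up.
SAMPLE_EXPORT = r'''
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ExampleTray" "Example Tray Module" "Example Corporation" "c:\program files\example\tray.exe"
+ "OldUpdater" "" "" "File not found: C:\Program Files\OldApp\updater.exe"
"Task Scheduler" "" "" ""
+ "\Example\CollectInfo" "" "" "c:\windows\system32\collectinfo.vbs"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "examplefs" "Example File System Driver" "Example Corporation" "c:\windows\system32\drivers\examplefs.sys"
+ "qzxdrv" "" "" "File not found: C:\Windows\System32\Drivers\qzxdrv.sys"
'''

# Constructed event-log lines in the layout of the "System errors" listing.
SAMPLE_EVENTS = '''
Error: (01/01/2020 10:00:00 AM) (Source: Service Control Manager) (User: )
Description: qzxdrv

Error: (01/01/2020 09:00:00 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 8:55:00 AM on 1/1/2020 was unexpected.
'''


def parse_autoruns(text):
    """Return one dict per "+" entry, tagged with the location line above it."""
    entries, location = [], None
    for raw in text.splitlines():
        line = raw.strip()
        fields = FIELD.findall(line)
        if len(fields) != 4:
            continue  # blank or malformed line
        if line.startswith("+"):
            name, description, publisher, image = fields
            entries.append({"location": location, "name": name,
                            "description": description,
                            "publisher": publisher, "image": image})
        else:
            location = fields[0]
    return entries


def triage(entries, event_log_text=""):
    """Return (location, name, reasons) for entries worth a manual look.

    Reasons: missing-file   image path reported as "File not found"
             missing-driver missing file whose target is a .sys driver
             no-publisher   file present but no publisher recorded
             scm-error      service name also appears in an SCM error
    """
    failed = [d.strip().lower() for d in SCM_ERROR.findall(event_log_text)]
    findings = []
    for e in entries:
        reasons = []
        if e["image"].startswith(MISSING):
            target = e["image"][len(MISSING):].strip()
            reasons.append("missing-file")
            if target.lower().endswith(".sys"):
                reasons.append("missing-driver")
        elif not e["publisher"]:
            reasons.append("no-publisher")
        # Substring match, because the error description may have other text
        # fused to the service name; limited to service entries to keep
        # short names from matching unrelated errors.
        is_service = (e["location"] or "").lower().endswith("\\services")
        if is_service and any(e["name"].lower() in d for d in failed):
            reasons.append("scm-error")
        if reasons:
            findings.append((e["location"], e["name"], reasons))
    # Entries with the most reasons first; ties keep their order in the export.
    return sorted(findings, key=lambda f: -len(f[2]))


if __name__ == "__main__":
    for location, name, reasons in triage(parse_autoruns(SAMPLE_EXPORT), SAMPLE_EVENTS):
        print(f"{', '.join(reasons):45} {name}  [{location}]")
```

A flag here only ranks an entry for review: leftovers from uninstalled software also show up as "File not found", so each hit still needs to be checked by hand.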

#12 BellaLeonessa

  • Topic Starter
  • Members
  • 28 posts

Posted 02 July 2012 - 01:45 PM

Autorun log:

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "EKIJ5000StatusMonitor" "Status Monitor for KODAK AiO Printer (64-Bit AMD Athlon™/Opteron™ Build)" "Eastman Kodak Company" "c:\windows\system32\spool\drivers\x64\3\ekij5000mui.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RtHDVCpl" "HD Audio Control Panel" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe"
+ "Skytel" "" "" "File not found: C:\Program Files\Realtek\Audio\HDA\Skytel.exe"
+ "Windows Defender" "Windows Defender User Interface" "Microsoft Corporation" "c:\program files\windows defender\msascui.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "ApnUpdater" "Ask Updater" "Ask" "c:\program files (x86)\ask.com\updater\updater.exe"
+ "Autorun Eater" "" "" "File not found: C:\Program Files (x86)\Autorun Eater\oldmcdonald.exe"
+ "avgnt" "Avira System Tray Tool" "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\avgnt.exe"
+ "EKIJ5000StatusMonitor" "" "" "c:\windows\syswow64\spool\drivers\x64\3\ekij5000mui.exe"
+ "PDVDDXSrv" "CyberLink PowerDVD Resident Program" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\update\realsched.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Digital Line Detect.lnk" "Digital Line Detection" "Avanquest Software " "c:\program files (x86)\digital line detect\dlg.exe"
"C:\Users\kissaboo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Dell Dock.lnk" "Dell Dock" "Stardock Corporation" "c:\program files\dell\delldock\delldock.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Akamai NetSession Interface" "Akamai NetSession Client" "Akamai Technologies, Inc" "c:\users\kissaboo\appdata\local\akamai\netsession_win.exe"
+ "msnmsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files (x86)\windows live\messenger\msnmsgr.exe"
+ "Sidebar" "Windows Sidebar" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe"
+ "WMPNSCFG" "" "" "File not found: C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library 64-bit" "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\shlext64.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Shell Extension for Malware scanning" "Avira Shell Extension Library 64-bit" "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\shlext64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Ask Toolbar" "Ask Toolbar" "Ask" "c:\program files (x86)\ask.com\genericasktoolbar.dll"
+ "MediaBar" "" "" "File not found: C:\PROGRA~2\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll"
"Task Scheduler" "" "" ""
+ "\Kodak AiO Scheduled Maintenance" "KODAK Statistics" "Eastman Kodak Company" "c:\program files (x86)\kodak\aio\center\kodak.statistics.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
+ "\RealUpgradeLogonTaskS-1-5-21-4003450189-3407766541-3014810002-1000" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\RealUpgradeScheduledTaskS-1-5-21-4003450189-3407766541-3014810002-1000" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files (x86)\real\realupgrade\realupgrade.exe"
+ "\Scheduled Update for Ask Toolbar" "" "" "c:\program files (x86)\ask.com\updatetask.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AERTFilters" "Andrea filters APO access service (64-bit)" "Andrea Electronics Corporation" "c:\program files\realtek\audio\hda\aertsr64.exe"
+ "AntiVirSchedulerService" "Service to schedule Avira Free Antivirus jobs and updates." "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\sched.exe"
+ "AntiVirService" "Offers permanent protection against viruses and malware with the Avira search engine." "Avira Operations GmbH & Co. KG" "c:\program files (x86)\avira\antivir desktop\avguard.exe"
+ "DockLoginService" "Dock Login Service" "Stardock Corporation" "c:\program files\dell\delldock\docklogin.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files (x86)\google\common\google updater\googleupdaterservice.exe"
+ "Kodak AiO Network Discovery Service" "Kodak mDNS Network Discovery Service" "Eastman Kodak Company" "c:\program files (x86)\kodak\aio\center\ekaiohostservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly." "Microsoft Corporation" "c:\program files (x86)\microsoft\search enhancement pack\seaport\seaport.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files (x86)\common files\surething shared\stllssvr.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "XAudioService" "User-mode gate for Modem Speakerphone" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio64.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "adfs" "Adobe Drive File System Driver" "Adobe Systems, Inc." "c:\windows\system32\drivers\adfs.sys"
+ "aswMBR" "" "" "File not found: C:\Users\kissaboo\AppData\Local\Temp\aswMBR.sys"
+ "avgntflt" "Avira mini-filter driver" "Avira GmbH" "c:\windows\system32\drivers\avgntflt.sys"
+ "avipbb" "Avira Security Enhancement Driver" "Avira GmbH" "c:\windows\system32\drivers\avipbb.sys"
+ "avkmgr" "Avira Manager Driver" "Avira GmbH" "c:\windows\system32\drivers\avkmgr.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "CAXHWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\caxhwbs2.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e6032e.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g6032e.sys"
+ "HSF_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\cax_dpv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "mdmxsdk" "Diagnostic Interface x64 Driver" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys"
+ "R300" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "RimUsb" "BlackBerry Device Driver" "Research In Motion Limited" "c:\windows\system32\drivers\rimusb_amd64.sys"
+ "RTL8169" "Realtek 8136/8168/8169 NDIS6 64-bit Driver " "Realtek " "c:\windows\system32\drivers\rtlh64.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "tljkva" "" "" "File not found: C:\Windows\System32\Drivers\tljkva.sys"
+ "usbbus" "" "" "File not found: system32\DRIVERS\lgx64bus.sys"
+ "UsbDiag" "LGE CDMA USB Serial Port" "" "File not found: system32\DRIVERS\lgx64diag.sys"
+ "USBModem" "LGE CDMA Modem Support" "" "File not found: system32\DRIVERS\lgx64modem.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\cax_cnxt.sys"
+ "XAudio" "Modem Audio Device Driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudspa.ax"
+ "CyberLink Audio Wizard" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files (x86)\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ Language Monitor iP2700 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlma4.dll"
+ "KODAK EASYSHARE All-in-One Printer" "Language Monitor for KODAK AiO Printer (64-Bit AMD Athlon™/Opteron™ Build)" "Eastman Kodak Company" "c:\windows\system32\ekij5000mon.dll"
"C:\Users\kissaboo\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Gadget.xml"

#13 narenxp


Posted 02 July 2012 - 09:07 PM

Do you still get redirected?

Uninstall the Ask toolbar from Add or Remove Programs.

#14 BellaLeonessa


Posted 04 July 2012 - 07:01 PM

It happens very randomly. Is there a scanner I can use to make sure I'm not infected with anything?

#15 narenxp


Posted 04 July 2012 - 07:22 PM

Read the guide here on preparing logs

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck



