
Stubborn Nginx virus


15 replies to this topic

#1 Tikoxi

Posted 10 July 2012 - 04:58 PM

From what I have found so far, the typical fix for a Nginx redirect problem is to locate and shut down X, Y and Z processes and find and delete yada yada yada files; I'm sure you know more about it than I do. My problem comes from the fact that after following all instructions, these named processes and files don't actually exist on this computer. I can't find them by search or by hand, and every fix I've found so far involves their removal. Just where am I supposed to go from here?

ANYTHING is appreciated at this point. This is a brand new computer, infected within the hour. I really can't afford to have this happen right now ;-;

Running Windows 7 for an OS.

Addendum: This problem seems to be exclusive to IE. I downloaded Firefox and I can access google.com without any trouble at all. But I still get the redirect in Explorer. Every time, all the time, to the same 'Welcome to Nginx' page. If this is significant or not, I don't know.

Edited by Tikoxi, 10 July 2012 - 06:46 PM.



#2 narenxp

Posted 10 July 2012 - 07:36 PM

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 Tikoxi

Posted 10 July 2012 - 08:26 PM

Holy crap it took a long time, but here's the logs.

19:40:55.0462 6476 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
19:40:55.0782 6476 ============================================================
19:40:55.0782 6476 Current date / time: 2012/07/10 19:40:55.0782
19:40:55.0782 6476 SystemInfo:
19:40:55.0782 6476
19:40:55.0782 6476 OS Version: 6.1.7601 ServicePack: 1.0
19:40:55.0782 6476 Product type: Workstation
19:40:55.0782 6476 ComputerName: TIKO-PC
19:40:55.0782 6476 UserName: Tiko
19:40:55.0782 6476 Windows directory: C:\Windows
19:40:55.0782 6476 System windows directory: C:\Windows
19:40:55.0782 6476 Running under WOW64
19:40:55.0782 6476 Processor architecture: Intel x64
19:40:55.0782 6476 Number of processors: 4
19:40:55.0782 6476 Page size: 0x1000
19:40:55.0782 6476 Boot type: Normal boot
19:40:55.0782 6476 ============================================================
19:40:56.0502 6476 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:40:56.0502 6476 ============================================================
19:40:56.0512 6476 \Device\Harddisk0\DR0:
19:40:56.0512 6476 MBR partitions:
19:40:56.0512 6476 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1465000
19:40:56.0512 6476 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1479000, BlocksNum 0x38F0C800
19:40:56.0512 6476 ============================================================
19:40:56.0532 6476 C: <-> \Device\Harddisk0\DR0\Partition1
19:40:56.0532 6476 ============================================================
19:40:56.0532 6476 Initialize success
19:40:56.0532 6476 ============================================================
19:41:16.0590 6452 ============================================================
19:41:16.0590 6452 Scan started
19:41:16.0590 6452 Mode: Manual; TDLFS;
19:41:16.0590 6452 ============================================================
19:41:27.0004 6452 MsRPC - ok
19:41:27.0054 6452 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
19:41:27.0054 6452 mssmbios - ok
19:41:27.0064 6452 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:41:27.0064 6452 MSTEE - ok
19:41:27.0064 6452 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:41:27.0074 6452 MTConfig - ok
19:41:27.0154 6452 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:41:27.0154 6452 Mup - ok
19:41:27.0244 6452 MyWiFiDHCPDNS (48c9ba25eda90e3db07adac8cd32f5f3) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
19:41:27.0244 6452 MyWiFiDHCPDNS - ok
19:41:27.0324 6452 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:41:27.0334 6452 napagent - ok
19:41:27.0394 6452 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:41:27.0404 6452 NativeWifiP - ok
19:41:27.0464 6452 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
19:41:27.0474 6452 NDIS - ok
19:41:27.0494 6452 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:41:27.0494 6452 NdisCap - ok
19:41:27.0524 6452 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:41:27.0524 6452 NdisTapi - ok
19:41:27.0534 6452 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:41:27.0534 6452 Ndisuio - ok
19:41:27.0554 6452 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:41:27.0554 6452 NdisWan - ok
19:41:27.0564 6452 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:41:27.0564 6452 NDProxy - ok
19:41:27.0604 6452 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:41:27.0604 6452 NetBIOS - ok
19:41:27.0634 6452 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:41:27.0634 6452 NetBT - ok
19:41:27.0644 6452 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:41:27.0654 6452 Netlogon - ok
19:41:27.0744 6452 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:41:27.0754 6452 Netman - ok
19:41:27.0834 6452 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:41:27.0834 6452 NetMsmqActivator - ok
19:41:27.0844 6452 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:41:27.0844 6452 NetPipeActivator - ok
19:41:27.0874 6452 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:41:27.0874 6452 netprofm - ok
19:41:27.0874 6452 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:41:27.0884 6452 NetTcpActivator - ok
19:41:27.0884 6452 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:41:27.0884 6452 NetTcpPortSharing - ok
19:41:28.0374 6452 NETwNs64 (fad6c5610d020534401966cd72a1c306) C:\Windows\system32\DRIVERS\Netwsw00.sys
19:41:28.0564 6452 NETwNs64 - ok
19:41:28.0684 6452 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:41:28.0684 6452 nfrd960 - ok
19:41:28.0734 6452 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:41:28.0734 6452 NisDrv - ok
19:41:28.0874 6452 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
19:41:28.0904 6452 NisSrv - ok
19:41:28.0974 6452 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:41:28.0994 6452 NlaSvc - ok
19:41:29.0064 6452 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:41:29.0064 6452 Npfs - ok
19:41:29.0074 6452 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:41:29.0084 6452 nsi - ok
19:41:29.0094 6452 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:41:29.0094 6452 nsiproxy - ok
19:41:29.0214 6452 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:41:29.0234 6452 Ntfs - ok
19:41:29.0284 6452 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:41:29.0284 6452 Null - ok
19:41:29.0324 6452 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
19:41:29.0324 6452 NVHDA - ok
19:41:29.0404 6452 nvkflt (095d0eeeda49a1d00f43ec1f05615e5f) C:\Windows\system32\DRIVERS\nvkflt.sys
19:41:29.0414 6452 nvkflt - ok
19:41:30.0044 6452 nvlddmkm (01502a328ae7cf595698a3fd954d18f0) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:41:30.0264 6452 nvlddmkm - ok
19:41:30.0324 6452 nvpciflt (1a72b8424c98b6922bfa58ea6f70a445) C:\Windows\system32\DRIVERS\nvpciflt.sys
19:41:30.0324 6452 nvpciflt - ok
19:41:30.0364 6452 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:41:30.0364 6452 nvraid - ok
19:41:30.0404 6452 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:41:30.0404 6452 nvstor - ok
19:41:30.0494 6452 NvStUSB (fcb83807e4954e13924f1dc31eb4ab11) C:\Windows\system32\drivers\nvstusb.sys
19:41:30.0544 6452 NvStUSB - ok
19:41:30.0614 6452 nvsvc (9196496e4edc48ba7c7162d29698bcaa) C:\Windows\system32\nvvsvc.exe
19:41:30.0624 6452 nvsvc - ok
19:41:30.0784 6452 nvUpdatusService (ab56c9bf8b0b830833c2cb6a63947d2f) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:41:30.0864 6452 nvUpdatusService - ok
19:41:30.0934 6452 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:41:30.0934 6452 nv_agp - ok
19:41:30.0944 6452 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:41:30.0944 6452 ohci1394 - ok
19:41:30.0984 6452 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:41:30.0994 6452 p2pimsvc - ok
19:41:31.0054 6452 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:41:31.0104 6452 p2psvc - ok
19:41:31.0124 6452 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:41:31.0124 6452 Parport - ok
19:41:31.0174 6452 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:41:31.0174 6452 partmgr - ok
19:41:31.0204 6452 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:41:31.0214 6452 PcaSvc - ok
19:41:31.0244 6452 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:41:31.0244 6452 pci - ok
19:41:31.0284 6452 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:41:31.0284 6452 pciide - ok
19:41:31.0324 6452 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:41:31.0324 6452 pcmcia - ok
19:41:31.0354 6452 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:41:31.0354 6452 pcw - ok
19:41:31.0394 6452 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:41:31.0404 6452 PEAUTH - ok
19:41:31.0474 6452 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:41:31.0484 6452 PerfHost - ok
19:41:31.0574 6452 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:41:31.0604 6452 pla - ok
19:41:31.0664 6452 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:41:31.0674 6452 PlugPlay - ok
19:41:31.0674 6452 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:41:31.0684 6452 PNRPAutoReg - ok
19:41:31.0724 6452 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:41:31.0724 6452 PNRPsvc - ok
19:41:31.0774 6452 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:41:31.0784 6452 PolicyAgent - ok
19:41:31.0814 6452 Power (a2cca4fb273e6050f17a0a416cff2fcd) C:\Windows\system32\umpo.dll
19:41:31.0824 6452 Power - ok
19:41:31.0874 6452 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:41:31.0874 6452 PptpMiniport - ok
19:41:31.0884 6452 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:41:31.0884 6452 Processor - ok
19:41:31.0924 6452 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
19:41:31.0934 6452 ProfSvc - ok
19:41:31.0954 6452 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:41:31.0954 6452 ProtectedStorage - ok
19:41:31.0984 6452 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:41:31.0984 6452 Psched - ok
19:41:32.0044 6452 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:41:32.0074 6452 ql2300 - ok
19:41:32.0154 6452 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:41:32.0164 6452 ql40xx - ok
19:41:32.0184 6452 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:41:32.0194 6452 QWAVE - ok
19:41:32.0194 6452 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:41:32.0204 6452 QWAVEdrv - ok
19:41:32.0204 6452 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:41:32.0214 6452 RasAcd - ok
19:41:32.0264 6452 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:41:32.0264 6452 RasAgileVpn - ok
19:41:32.0284 6452 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:41:32.0284 6452 RasAuto - ok
19:41:32.0304 6452 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:41:32.0314 6452 Rasl2tp - ok
19:41:32.0344 6452 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:41:32.0354 6452 RasMan - ok
19:41:32.0384 6452 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:41:32.0394 6452 RasPppoe - ok
19:41:32.0434 6452 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:41:32.0434 6452 RasSstp - ok
19:41:32.0454 6452 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:41:32.0464 6452 rdbss - ok
19:41:32.0474 6452 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:41:32.0484 6452 rdpbus - ok
19:41:32.0494 6452 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:41:32.0494 6452 RDPCDD - ok
19:41:32.0524 6452 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:41:32.0524 6452 RDPENCDD - ok
19:41:32.0534 6452 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:41:32.0534 6452 RDPREFMP - ok
19:41:32.0574 6452 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
19:41:32.0584 6452 RDPWD - ok
19:41:32.0614 6452 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:41:32.0614 6452 rdyboost - ok
19:41:32.0714 6452 RegSrvc (0c2b4c3b10d183be116a38353e937f62) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:41:32.0714 6452 RegSrvc - ok
19:41:32.0734 6452 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:41:32.0734 6452 RemoteAccess - ok
19:41:32.0754 6452 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:41:32.0764 6452 RemoteRegistry - ok
19:41:32.0804 6452 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
19:41:32.0814 6452 RFCOMM - ok
19:41:32.0854 6452 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:41:32.0854 6452 RpcEptMapper - ok
19:41:32.0874 6452 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:41:32.0884 6452 RpcLocator - ok
19:41:32.0914 6452 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:41:32.0924 6452 RpcSs - ok
19:41:32.0974 6452 RSPCIESTOR (1ea2eda2d6cd253ce3ec3387feaa40ac) C:\Windows\system32\DRIVERS\RtsPStor.sys
19:41:32.0984 6452 RSPCIESTOR - ok
19:41:33.0024 6452 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:41:33.0024 6452 rspndr - ok
19:41:33.0044 6452 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:41:33.0054 6452 SamSs - ok
19:41:33.0064 6452 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:41:33.0064 6452 sbp2port - ok
19:41:33.0084 6452 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:41:33.0094 6452 SCardSvr - ok
19:41:33.0094 6452 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:41:33.0104 6452 scfilter - ok
19:41:33.0174 6452 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:41:33.0204 6452 Schedule - ok
19:41:33.0264 6452 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:41:33.0264 6452 SCPolicySvc - ok
19:41:33.0284 6452 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:41:33.0294 6452 SDRSVC - ok
19:41:33.0314 6452 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:41:33.0314 6452 secdrv - ok
19:41:33.0334 6452 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:41:33.0334 6452 seclogon - ok
19:41:33.0354 6452 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:41:33.0354 6452 SENS - ok
19:41:33.0394 6452 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:41:33.0404 6452 SensrSvc - ok
19:41:33.0404 6452 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:41:33.0404 6452 Serenum - ok
19:41:33.0434 6452 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:41:33.0434 6452 Serial - ok
19:41:33.0434 6452 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:41:33.0444 6452 sermouse - ok
19:41:33.0454 6452 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:41:33.0464 6452 SessionEnv - ok
19:41:33.0464 6452 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:41:33.0464 6452 sffdisk - ok
19:41:33.0464 6452 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:41:33.0464 6452 sffp_mmc - ok
19:41:33.0474 6452 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:41:33.0474 6452 sffp_sd - ok
19:41:33.0484 6452 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:41:33.0484 6452 sfloppy - ok
19:41:33.0644 6452 SftService (4215c271d6e6898c3f4dabab4f387dc9) C:\Program Files (x86)\AlienRespawn\sftservice.EXE
19:41:33.0664 6452 SftService - ok
19:41:33.0754 6452 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:41:33.0764 6452 SharedAccess - ok
19:41:33.0804 6452 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:41:33.0814 6452 ShellHWDetection - ok
19:41:33.0834 6452 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:41:33.0834 6452 SiSRaid2 - ok
19:41:33.0844 6452 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:41:33.0854 6452 SiSRaid4 - ok
19:41:33.0874 6452 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:41:33.0874 6452 Smb - ok
19:41:33.0904 6452 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:41:33.0904 6452 SNMPTRAP - ok
19:41:33.0914 6452 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:41:33.0914 6452 spldr - ok
19:41:33.0944 6452 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:41:33.0954 6452 Spooler - ok
19:41:34.0114 6452 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:41:34.0174 6452 sppsvc - ok
19:41:34.0224 6452 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:41:34.0224 6452 sppuinotify - ok
19:41:34.0274 6452 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:41:34.0284 6452 srv - ok
19:41:34.0324 6452 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:41:34.0334 6452 srv2 - ok
19:41:34.0354 6452 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:41:34.0364 6452 srvnet - ok
19:41:34.0414 6452 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:41:34.0424 6452 SSDPSRV - ok
19:41:34.0444 6452 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:41:34.0444 6452 SstpSvc - ok
19:41:34.0464 6452 stdcfltn (e4ea2412fb1b8aee33667a9cc6d456a4) C:\Windows\system32\DRIVERS\stdcfltn.sys
19:41:34.0464 6452 stdcfltn - ok
19:41:34.0534 6452 Steam Client Service - ok
19:41:34.0594 6452 Stereo Service (3d3816d395e92f7a3663c76a93157564) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:41:34.0604 6452 Stereo Service - ok
19:41:34.0644 6452 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:41:34.0644 6452 stexstor - ok
19:41:34.0714 6452 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:41:34.0724 6452 stisvc - ok
19:41:34.0744 6452 ST_ACCEL (10d69c83513b50f34032f7f96e40019d) C:\Windows\system32\DRIVERS\ST_ACCEL.sys
19:41:34.0744 6452 ST_ACCEL - ok
19:41:34.0764 6452 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
19:41:34.0764 6452 swenum - ok
19:41:34.0804 6452 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:41:34.0834 6452 swprv - ok
19:41:34.0904 6452 SynTP (662d9b75d7769c810f76b0c116333607) C:\Windows\system32\DRIVERS\SynTP.sys
19:41:34.0904 6452 SynTP - ok
19:41:35.0004 6452 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:41:35.0044 6452 SysMain - ok
19:41:35.0134 6452 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:41:35.0134 6452 TabletInputService - ok
19:41:35.0174 6452 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:41:35.0184 6452 TapiSrv - ok
19:41:35.0194 6452 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:41:35.0204 6452 TBS - ok
19:41:35.0334 6452 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:41:35.0364 6452 Tcpip - ok
19:41:35.0544 6452 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:41:35.0554 6452 TCPIP6 - ok
19:41:35.0614 6452 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:41:35.0614 6452 tcpipreg - ok
19:41:35.0614 6452 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:41:35.0614 6452 TDPIPE - ok
19:41:35.0644 6452 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:41:35.0644 6452 TDTCP - ok
19:41:35.0674 6452 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:41:35.0674 6452 tdx - ok
19:41:35.0694 6452 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
19:41:35.0694 6452 TermDD - ok
19:41:35.0734 6452 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:41:35.0744 6452 TermService - ok
19:41:35.0754 6452 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:41:35.0754 6452 Themes - ok
19:41:35.0784 6452 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:41:35.0784 6452 THREADORDER - ok
19:41:35.0794 6452 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:41:35.0794 6452 TrkWks - ok
19:41:35.0844 6452 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:41:35.0844 6452 TrustedInstaller - ok
19:41:35.0864 6452 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:41:35.0864 6452 tssecsrv - ok
19:41:35.0884 6452 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:41:35.0884 6452 TsUsbFlt - ok
19:41:35.0884 6452 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:41:35.0894 6452 TsUsbGD - ok
19:41:35.0924 6452 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:41:35.0924 6452 tunnel - ok
19:41:35.0934 6452 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:41:35.0934 6452 uagp35 - ok
19:41:35.0964 6452 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:41:35.0964 6452 udfs - ok
19:41:35.0984 6452 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:41:35.0994 6452 UI0Detect - ok
19:41:36.0004 6452 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:41:36.0004 6452 uliagpkx - ok
19:41:36.0034 6452 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:41:36.0034 6452 umbus - ok
19:41:36.0054 6452 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:41:36.0054 6452 UmPass - ok
19:41:36.0164 6452 UNS (0dfc9713d117b349e41a2a477448107a) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
19:41:36.0174 6452 UNS - ok
19:41:36.0204 6452 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:41:36.0214 6452 upnphost - ok
19:41:36.0244 6452 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
19:41:36.0244 6452 usbccgp - ok
19:41:36.0254 6452 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:41:36.0254 6452 usbcir - ok
19:41:36.0274 6452 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:41:36.0274 6452 usbehci - ok
19:41:36.0314 6452 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:41:36.0324 6452 usbhub - ok
19:41:36.0344 6452 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:41:36.0344 6452 usbohci - ok
19:41:36.0364 6452 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
19:41:36.0364 6452 usbprint - ok
19:41:36.0384 6452 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
19:41:36.0384 6452 USBSTOR - ok
19:41:36.0424 6452 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:41:36.0424 6452 usbuhci - ok
19:41:36.0474 6452 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:41:36.0484 6452 usbvideo - ok
19:41:36.0504 6452 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:41:36.0504 6452 UxSms - ok
19:41:36.0524 6452 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:41:36.0524 6452 VaultSvc - ok
19:41:36.0534 6452 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:41:36.0534 6452 vdrvroot - ok
19:41:36.0584 6452 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:41:36.0604 6452 vds - ok
19:41:36.0624 6452 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:41:36.0624 6452 vga - ok
19:41:36.0644 6452 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:41:36.0644 6452 VgaSave - ok
19:41:36.0684 6452 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:41:36.0724 6452 vhdmp - ok
19:41:36.0734 6452 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:41:36.0734 6452 viaide - ok
19:41:36.0744 6452 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:41:36.0754 6452 volmgr - ok
19:41:36.0774 6452 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:41:36.0784 6452 volmgrx - ok
19:41:36.0824 6452 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:41:36.0834 6452 volsnap - ok
19:41:36.0864 6452 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:41:36.0864 6452 vsmraid - ok
19:41:36.0964 6452 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:41:36.0984 6452 VSS - ok
19:41:37.0074 6452 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:41:37.0074 6452 vwifibus - ok
19:41:37.0114 6452 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:41:37.0114 6452 vwififlt - ok
19:41:37.0154 6452 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:41:37.0154 6452 vwifimp - ok
19:41:37.0184 6452 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:41:37.0184 6452 W32Time - ok
19:41:37.0194 6452 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:41:37.0194 6452 WacomPen - ok
19:41:37.0244 6452 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:41:37.0244 6452 WANARP - ok
19:41:37.0244 6452 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:41:37.0244 6452 Wanarpv6 - ok
19:41:37.0344 6452 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
19:41:37.0404 6452 WatAdminSvc - ok
19:41:37.0504 6452 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:41:37.0524 6452 wbengine - ok
19:41:37.0634 6452 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:41:37.0654 6452 WbioSrvc - ok
19:41:37.0684 6452 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:41:37.0694 6452 wcncsvc - ok
19:41:37.0714 6452 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:41:37.0724 6452 WcsPlugInService - ok
19:41:37.0744 6452 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:41:37.0744 6452 Wd - ok
19:41:37.0784 6452 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:41:37.0794 6452 Wdf01000 - ok
19:41:37.0824 6452 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:41:37.0824 6452 WdiServiceHost - ok
19:41:37.0834 6452 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:41:37.0834 6452 WdiSystemHost - ok
19:41:37.0864 6452 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:41:37.0874 6452 WebClient - ok
19:41:37.0894 6452 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:41:37.0914 6452 Wecsvc - ok
19:41:37.0924 6452 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:41:37.0924 6452 wercplsupport - ok
19:41:37.0974 6452 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:41:37.0974 6452 WerSvc - ok
19:41:38.0024 6452 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:41:38.0024 6452 WfpLwf - ok
19:41:38.0084 6452 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
19:41:38.0094 6452 WimFltr - ok
19:41:38.0094 6452 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:41:38.0104 6452 WIMMount - ok
19:41:38.0124 6452 WinDefend - ok
19:41:38.0134 6452 WinHttpAutoProxySvc - ok
19:41:38.0194 6452 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:41:38.0194 6452 Winmgmt - ok
19:41:39.0894 6452 ============================================================
19:41:39.0894 6452 Scan finished
19:41:39.0894 6452 ============================================================
19:41:39.0904 6936 Detected object count: 0
19:41:39.0904 6936 Actual detected object count: 0


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-10 19:43:15
-----------------------------
19:43:15.402 OS Version: Windows x64 6.1.7601 Service Pack 1
19:43:15.402 Number of processors: 4 586 0x3A09
19:43:15.402 ComputerName: TIKO-PC UserName: Tiko
19:43:16.342 Initialize success
19:55:56.890 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:55:56.906 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 8
19:55:56.922 Disk 0 MBR read successfully
19:55:56.922 Disk 0 MBR scan
19:55:56.922 Disk 0 Windows VISTA default MBR code
19:55:56.922 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
19:55:56.937 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 10442 MB offset 81920
19:55:56.953 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 466457 MB offset 21467136
19:55:56.968 Disk 0 scanning C:\Windows\system32\drivers
19:56:00.757 Service scanning
19:56:11.396 Modules scanning
19:56:11.396 Disk 0 trace - called modules:
19:56:11.412 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
19:56:11.428 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008dd5060]
19:56:11.814 3 CLASSPNP.SYS[fffff88001dbc43f] -> nt!IofCallDriver -> [0xfffffa80069d6c50]
19:56:11.814 5 stdcfltn.sys[fffff88001cf2d12] -> nt!IofCallDriver -> [0xfffffa8006631550]
19:56:11.824 7 ACPI.sys[fffff88000f5b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006633050]
19:56:11.834 Scan finished successfully
19:56:27.425 Disk 0 MBR has been saved successfully to "C:\Users\Tiko\Documents\MBR.dat"
19:56:27.440 The log file has been saved successfully to "C:\Users\Tiko\Documents\log.txt"


C:\Program Files (x86)\Vid-Saver\Vid-Saver.dll Win32/Toolbar.CrossRider application cleaned by deleting - quarantined
C:\Users\Tiko\AppData\Local\Temp\airD980.exe Win32/Toolbar.CrossRider application cleaned by deleting - quarantined

#4 narenxp

Posted 10 July 2012 - 08:47 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.


Download

MiniToolBox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.


What version of Internet Explorer do you use?

#5 Tikoxi

Posted 10 July 2012 - 08:51 PM

Attempting to access the first downloader, I was interrupted by a redirect to something called 'panda cloud antivirus safe search protector'. I've seen this once before earlier this afternoon, and took it for relatively harmless spam and backtracked. Is it actually significant?

And it's IE 9 I think, if I'm interpreting it correctly.

Edited by Tikoxi, 10 July 2012 - 08:54 PM.


#6 narenxp

Posted 10 July 2012 - 09:01 PM

Ignore it

#7 Tikoxi

Posted 10 July 2012 - 11:21 PM

MBAM scan shows clean. Here's the toolbox log, and then I need to get some sleep. I'll pick it up in the morning.

MiniToolBox by Farbar Version: 25-06-2012
Ran by Tiko (administrator) on 10-07-2012 at 23:17:20
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Disconnected)
Intel® Centrino® Wireless-N 2230 = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Hardware not present)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Tiko-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : domain.invalid

Wireless LAN adapter Wireless Network Connection 3:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
Physical Address. . . . . . . . . : 68-5D-43-7B-CE-FC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : domain.invalid
Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 2230
Physical Address. . . . . . . . . : 68-5D-43-7B-CE-FB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2997:8fc4:1611:e7a3%16(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.253(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, July 10, 2012 9:13:00 PM
Lease Expires . . . . . . . . . . : Wednesday, July 11, 2012 9:13:00 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 375938371
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-7D-EE-23-D4-BE-D9-41-FA-D1
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 68-5D-43-7B-CE-FF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : domain.invalid
Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : D4-BE-D9-41-FA-D1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.domain.invalid:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : domain.invalid
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1484:1301:52a9:6c39(Preferred)
Link-local IPv6 Address . . . . . : fe80::1484:1301:52a9:6c39%19(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 2607:f8b0:4004:800::1009
74.125.228.1
74.125.228.2
74.125.228.3
74.125.228.4
74.125.228.5
74.125.228.6
74.125.228.7
74.125.228.8
74.125.228.9
74.125.228.14
74.125.228.0


Pinging google.com [74.125.228.14] with 32 bytes of data:
Reply from 74.125.228.14: bytes=32 time=40ms TTL=53
Reply from 74.125.228.14: bytes=32 time=41ms TTL=53

Ping statistics for 74.125.228.14:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 40ms, Maximum = 41ms, Average = 40ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=44ms TTL=51
Reply from 209.191.122.70: bytes=32 time=48ms TTL=51

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 44ms, Maximum = 48ms, Average = 46ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 2ms, Average = 2ms
===========================================================================
Interface List
18...68 5d 43 7b ce fc ......Microsoft Virtual WiFi Miniport Adapter #2
16...68 5d 43 7b ce fb ......Intel® Centrino® Wireless-N 2230
15...68 5d 43 7b ce ff ......Bluetooth Device (Personal Area Network)
11...d4 be d9 41 fa d1 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.253 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.253 281
192.168.0.253 255.255.255.255 On-link 192.168.0.253 281
192.168.0.255 255.255.255.255 On-link 192.168.0.253 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.253 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.253 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
19 58 ::/0 On-link
1 306 ::1/128 On-link
19 58 2001::/32 On-link
19 306 2001:0:4137:9e76:1484:1301:52a9:6c39/128
On-link
16 281 fe80::/64 On-link
19 306 fe80::/64 On-link
19 306 fe80::1484:1301:52a9:6c39/128
On-link
16 281 fe80::2997:8fc4:1611:e7a3/128
On-link
1 306 ff00::/8 On-link
19 306 ff00::/8 On-link
16 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/10/2012 09:55:18 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/10/2012 09:12:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2012 07:45:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/10/2012 07:45:46 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/10/2012 06:30:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: gimp-2.8.exe, version: 2.8.0.0, time stamp: 0x4fa52a0b
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x00000000000532d0
Faulting process id: 0x154c
Faulting application start time: 0xgimp-2.8.exe0
Faulting application path: gimp-2.8.exe1
Faulting module path: gimp-2.8.exe2
Report Id: gimp-2.8.exe3

Error: (07/10/2012 04:43:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2012 04:35:57 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1054

Start Time: 01cd5ee3e52a890a

Termination Time: 0

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id:

Error: (07/10/2012 04:34:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2012 04:27:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2012 03:16:23 PM) (Source: MsiInstaller) (User: Tiko-PC)Tiko-PC
Description: Product: Windows Defender -- You do not need to install this software because Windows Defender is included in Windows Vista. You can access Windows Defender from the Security section of the Windows Control Panel.


System errors:
=============
Error: (07/10/2012 05:57:23 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (07/10/2012 03:17:02 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (07/10/2012 02:46:02 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/10/2012 02:46:02 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/10/2012 02:46:02 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/10/2012 02:45:40 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/10/2012 02:45:40 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/10/2012 02:45:40 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/10/2012 02:44:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/10/2012 02:44:00 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (07/10/2012 09:55:18 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (07/10/2012 09:12:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2012 07:45:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Tiko\Downloads\esetsmartinstaller_enu.exe

Error: (07/10/2012 07:45:46 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Tiko\Downloads\esetsmartinstaller_enu.exe

Error: (07/10/2012 06:30:05 PM) (Source: Application Error)(User: )
Description: gimp-2.8.exe2.8.0.04fa52a0bntdll.dll6.1.7601.177254ec4aa8ec000000500000000000532d0154c01cd5eeae0ab1c31C:\Program Files\GIMP 2\bin\gimp-2.8.exeC:\Windows\SYSTEM32\ntdll.dll2d2815b5-cae7-11e1-aecc-685d437bceff

Error: (07/10/2012 04:43:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2012 04:35:57 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16421105401cd5ee3e52a890a0C:\Program Files (x86)\Internet Explorer\iexplore.exe

Error: (07/10/2012 04:34:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2012 04:27:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2012 03:16:23 PM) (Source: MsiInstaller)(User: Tiko-PC)Tiko-PC
Description: Product: Windows Defender -- You do not need to install this software because Windows Defender is included in Windows Vista. You can access Windows Defender from the Security section of the Windows Control Panel.(NULL)(NULL)(NULL)(NULL)(NULL)


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.228)
Adobe Reader X MUI (Version: 10.0.0)
Advanced Audio FX Engine (Version: 1.12.05)
AlienAutopsy (Version: 3.1.5907.39)
AlienRespawn - Support Software (Version: 9.4.67)
AlienRespawn (Version: 9.4.67)
Alienware Command Center (Version: 2.7.28.0)
Alienware On-Screen Display (Version: 0.32.1.1)
Anti-phishing Domain Advisor (Version: 1.1.0.1)
D3DX10 (Version: 15.4.2368.0902)
Dungeons & Dragons Online®
EMSC (Version: 0.0.0.22C)
ESET Online Scanner v3
GIMP 2.8.0 (Version: 2.8.0)
Integrated Webcam Live! Central (Version: 2.00.44)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 8.0.1.1399)
Intel® Processor Graphics (Version: 8.15.10.2653)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.1.0.0096)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 2.1.0.0140)
Intel® Rapid Storage Technology (Version: 11.0.0.1032)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.3.214)
Intel® WiDi (Version: 3.0.12.0)
Intel® Wireless Display
Intel® PROSet/Wireless WiFi Software (Version: 15.01.0000.0830)
Intel® Trusted Connect Service Client (Version: 1.23.219.2)
League of Legends (Version: 1.3)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 15.4.2862.0708)
NVIDIA 3D Vision Driver 296.16 (Version: 296.16)
NVIDIA Control Panel 296.16 (Version: 296.16)
NVIDIA Graphics Driver 296.16 (Version: 296.16)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA Optimus 1.7.12 (Version: 1.7.12)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9616)
NVIDIA Update 1.7.12 (Version: 1.7.12)
NVIDIA Update Components (Version: 1.7.12)
Pando Media Booster (Version: 2.6.0.8)
Portal
QualxServ Service Agreement (Version: 2.0.0)
Skype™ 5.5 (Version: 5.5.119)
Sound Blaster Recon3Di (Version: 1.00.08)
Sound Blaster Recon3Di Extras (Version: 1.0)
ST Microelectronics 3 Axis Digital Accelerometer Solution (Version: 4.12.0018)
Steam (Version: 1.0.0.0)
Synaptics Pointing Device Driver (Version: 16.0.4.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Vid-Saver (Version: 1.18.149.149)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)

========================= Memory info: ===================================

Percentage of memory in use: 39%
Total physical RAM: 6046.31 MB
Available physical RAM: 3684.23 MB
Total Pagefile: 12090.81 MB
Available Pagefile: 9185.62 MB
Total Virtual: 4095.88 MB
Available Virtual: 3965.06 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:455.52 GB) (Free:395.46 GB) NTFS

========================= Users: ========================================

User accounts for \\TIKO-PC

Administrator ASPNET Guest
Tiko UpdatusUser


**** End of log ****

#8 narenxp

Posted 11 July 2012 - 08:12 AM

Use this guide to uninstall IE 9

http://windows.microsoft.com/en-US/windows7/how-do-i-install-or-uninstall-internet-explorer-9

Let me know if you still have the nginx problem.

#9 Tikoxi

Posted 11 July 2012 - 08:20 AM

IE 9 has been uninstalled, Internet Explorer is no longer redirecting google.com and Firefox is still clear of the issue. If this is success, I will bid you many thanks and a good day :D

#10 narenxp

Posted 11 July 2012 - 08:23 AM

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#11 Tikoxi

Posted 11 July 2012 - 08:35 AM

All but the flash update has been completed at this point. Thank you for your assistance. :D

#12 narenxp

Posted 11 July 2012 - 08:39 AM

You're welcome :)

#13 Tikoxi

Posted 15 July 2012 - 11:22 AM

The bloody thing came back!!
Same symptoms, only Facebook this time. And it attacked Firefox instead of IE.
I really don't know where it's coming from. My old laptop which I just replaced never had this problem, and I'm not doing anything new. D:
I'm running Malwarebytes right now and I'm trying to find the other programs which I still have - but I don't know what to do when. :/

#14 narenxp

Posted 15 July 2012 - 11:29 AM

We need advanced tools

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#15 Tikoxi

Posted 15 July 2012 - 11:31 AM

Alright, thanks for your help.



