MyStart by IncridiBar showed up on my computer.


23 replies to this topic

#1 jonsidneyb

jonsidneyb

  • Members
  • 17 posts

Posted 12 July 2012 - 05:10 AM

I am running a Latitude 6410 running windows 7. I think it is 32bit.

I read a couple of instructions on how to remove this but it scared me a bit. I could use some hand holding on this.



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 12 July 2012 - 07:32 AM

Download

TDSSKiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download

aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download

ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on List of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 jonsidneyb

jonsidneyb
  • Topic Starter


Posted 15 July 2012 - 11:56 AM

Thanks,

I will get to work on that in about an hour.

#4 narenxp

narenxp


Posted 15 July 2012 - 12:02 PM

:thumbup2:

#5 jonsidneyb

jonsidneyb
  • Topic Starter


Posted 15 July 2012 - 01:51 PM

13:49:34.0895 3144 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
13:49:35.0469 3144 ============================================================
13:49:35.0469 3144 Current date / time: 2012/07/15 13:49:35.0469
13:49:35.0469 3144 SystemInfo:
13:49:35.0469 3144
13:49:35.0469 3144 OS Version: 6.1.7601 ServicePack: 1.0
13:49:35.0469 3144 Product type: Workstation
13:49:35.0470 3144 ComputerName: JON-PC
13:49:35.0470 3144 UserName: Jon
13:49:35.0470 3144 Windows directory: C:\Windows
13:49:35.0470 3144 System windows directory: C:\Windows
13:49:35.0470 3144 Processor architecture: Intel x86
13:49:35.0470 3144 Number of processors: 4
13:49:35.0470 3144 Page size: 0x1000
13:49:35.0470 3144 Boot type: Normal boot
13:49:35.0470 3144 ============================================================
13:49:36.0196 3144 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:49:36.0198 3144 ============================================================
13:49:36.0198 3144 \Device\Harddisk0\DR0:
13:49:36.0199 3144 MBR partitions:
13:49:36.0199 3144 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x178000
13:49:36.0199 3144 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x18C000, BlocksNum 0x1248E000
13:49:36.0229 3144 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1261A800, BlocksNum 0x3FD800
13:49:36.0229 3144 ============================================================
13:49:36.0258 3144 C: <-> \Device\Harddisk0\DR0\Partition1
13:49:36.0302 3144 D: <-> \Device\Harddisk0\DR0\Partition2
13:49:36.0303 3144 ============================================================
13:49:36.0303 3144 Initialize success
13:49:36.0303 3144 ============================================================
13:49:38.0082 5404 ============================================================
13:49:38.0082 5404 Scan started
13:49:38.0082 5404 Mode: Manual;
13:49:38.0082 5404 ============================================================
13:49:50.0733 5404 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
13:49:50.0736 5404 Netlogon - ok
13:49:50.0798 5404 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
13:49:50.0804 5404 Netman - ok
13:49:50.0831 5404 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
13:49:50.0837 5404 netprofm - ok
13:49:50.0924 5404 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:49:50.0927 5404 NetTcpPortSharing - ok
13:49:50.0981 5404 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
13:49:50.0982 5404 nfrd960 - ok
13:49:51.0017 5404 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
13:49:51.0020 5404 NisDrv - ok
13:49:51.0103 5404 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
13:49:51.0107 5404 NisSrv - ok
13:49:51.0141 5404 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
13:49:51.0144 5404 NlaSvc - ok
13:49:51.0167 5404 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
13:49:51.0168 5404 Npfs - ok
13:49:51.0187 5404 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
13:49:51.0190 5404 nsi - ok
13:49:51.0200 5404 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
13:49:51.0201 5404 nsiproxy - ok
13:49:51.0313 5404 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
13:49:51.0326 5404 Ntfs - ok
13:49:51.0359 5404 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
13:49:51.0360 5404 Null - ok
13:49:51.0403 5404 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
13:49:51.0405 5404 nvraid - ok
13:49:51.0433 5404 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
13:49:51.0436 5404 nvstor - ok
13:49:51.0460 5404 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
13:49:51.0463 5404 nv_agp - ok
13:49:51.0586 5404 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:49:51.0595 5404 odserv - ok
13:49:51.0630 5404 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
13:49:51.0634 5404 ohci1394 - ok
13:49:51.0667 5404 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:49:51.0669 5404 ose - ok
13:49:51.0702 5404 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
13:49:51.0705 5404 p2pimsvc - ok
13:49:52.0691 5404 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
13:49:52.0695 5404 p2psvc - ok
13:49:52.0754 5404 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
13:49:52.0756 5404 Parport - ok
13:49:52.0788 5404 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
13:49:52.0789 5404 partmgr - ok
13:49:52.0806 5404 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
13:49:52.0807 5404 Parvdm - ok
13:49:52.0836 5404 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\Windows\system32\DRIVERS\PBADRV.sys
13:49:52.0837 5404 PBADRV - ok
13:49:52.0868 5404 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
13:49:52.0871 5404 PcaSvc - ok
13:49:52.0901 5404 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
13:49:52.0903 5404 pci - ok
13:49:52.0917 5404 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
13:49:52.0918 5404 pciide - ok
13:49:52.0957 5404 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
13:49:52.0959 5404 pcmcia - ok
13:49:52.0972 5404 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
13:49:52.0973 5404 pcw - ok
13:49:53.0046 5404 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
13:49:53.0052 5404 PEAUTH - ok
13:49:53.0125 5404 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
13:49:53.0136 5404 PeerDistSvc - ok
13:49:53.0236 5404 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
13:49:53.0251 5404 pla - ok
13:49:53.0400 5404 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
13:49:53.0403 5404 PlugPlay - ok
13:49:53.0428 5404 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
13:49:53.0431 5404 PNRPAutoReg - ok
13:49:53.0461 5404 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
13:49:53.0465 5404 PNRPsvc - ok
13:49:53.0503 5404 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
13:49:53.0505 5404 PolicyAgent - ok
13:49:53.0539 5404 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
13:49:53.0541 5404 Power - ok
13:49:53.0593 5404 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
13:49:53.0594 5404 PptpMiniport - ok
13:49:53.0616 5404 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
13:49:53.0617 5404 Processor - ok
13:49:53.0665 5404 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
13:49:53.0668 5404 ProfSvc - ok
13:49:53.0688 5404 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
13:49:53.0690 5404 ProtectedStorage - ok
13:49:53.0729 5404 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
13:49:53.0731 5404 Psched - ok
13:49:53.0809 5404 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
13:49:53.0824 5404 ql2300 - ok
13:49:53.0941 5404 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
13:49:53.0943 5404 ql40xx - ok
13:49:53.0982 5404 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
13:49:53.0985 5404 QWAVE - ok
13:49:54.0006 5404 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
13:49:54.0007 5404 QWAVEdrv - ok
13:49:54.0018 5404 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
13:49:54.0019 5404 RasAcd - ok
13:49:54.0050 5404 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:49:54.0051 5404 RasAgileVpn - ok
13:49:54.0070 5404 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
13:49:54.0072 5404 RasAuto - ok
13:49:54.0092 5404 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:49:54.0093 5404 Rasl2tp - ok
13:49:54.0131 5404 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
13:49:54.0134 5404 RasMan - ok
13:49:54.0148 5404 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
13:49:54.0149 5404 RasPppoe - ok
13:49:54.0259 5404 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
13:49:54.0261 5404 RasSstp - ok
13:49:54.0292 5404 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
13:49:54.0294 5404 rdbss - ok
13:49:54.0306 5404 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
13:49:54.0307 5404 rdpbus - ok
13:49:54.0333 5404 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:49:54.0333 5404 RDPCDD - ok
13:49:54.0369 5404 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
13:49:54.0372 5404 RDPDR - ok
13:49:54.0403 5404 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
13:49:54.0404 5404 RDPENCDD - ok
13:49:54.0417 5404 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
13:49:54.0418 5404 RDPREFMP - ok
13:49:54.0445 5404 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
13:49:54.0448 5404 RDPWD - ok
13:49:54.0489 5404 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
13:49:54.0491 5404 rdyboost - ok
13:49:54.0518 5404 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
13:49:54.0520 5404 RemoteAccess - ok
13:49:54.0548 5404 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
13:49:54.0551 5404 RemoteRegistry - ok
13:49:54.0631 5404 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
13:49:54.0634 5404 RFCOMM - ok
13:49:54.0662 5404 rimspci (e891f07815af88075705ef6a248711f6) C:\Windows\system32\DRIVERS\rimspe86.sys
13:49:54.0665 5404 rimspci - ok
13:49:54.0685 5404 risdpcie (5312f15dbeb47d906dca2e334dc4c97d) C:\Windows\system32\DRIVERS\risdpe86.sys
13:49:54.0687 5404 risdpcie - ok
13:49:54.0704 5404 rixdpcie (cf2de2365fd99e5b8e38c9f3467dcdb8) C:\Windows\system32\DRIVERS\rixdpe86.sys
13:49:54.0705 5404 rixdpcie - ok
13:49:54.0740 5404 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
13:49:54.0742 5404 RpcEptMapper - ok
13:49:54.0773 5404 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
13:49:54.0775 5404 RpcLocator - ok
13:49:54.0815 5404 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
13:49:54.0819 5404 RpcSs - ok
13:49:54.0867 5404 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
13:49:54.0869 5404 rspndr - ok
13:49:54.0891 5404 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
13:49:54.0891 5404 s3cap - ok
13:49:54.0922 5404 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
13:49:54.0923 5404 SamSs - ok
13:49:55.0020 5404 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
13:49:55.0021 5404 SASDIFSV - ok
13:49:55.0058 5404 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
13:49:55.0059 5404 SASKUTIL - ok
13:49:55.0104 5404 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
13:49:55.0105 5404 sbp2port - ok
13:49:55.0221 5404 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
13:49:55.0228 5404 SBSDWSCService - ok
13:49:55.0250 5404 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
13:49:55.0252 5404 SCardSvr - ok
13:49:55.0305 5404 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
13:49:55.0306 5404 scfilter - ok
13:49:55.0374 5404 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
13:49:55.0381 5404 Schedule - ok
13:49:55.0406 5404 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
13:49:55.0407 5404 SCPolicySvc - ok
13:49:55.0436 5404 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
13:49:55.0438 5404 SDRSVC - ok
13:49:55.0474 5404 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:49:55.0475 5404 secdrv - ok
13:49:55.0509 5404 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
13:49:55.0511 5404 seclogon - ok
13:49:55.0716 5404 SecureStorageService (6abf8e8ae3800ccf84d9ae6865a641e5) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
13:49:55.0985 5404 SecureStorageService - ok
13:49:56.0101 5404 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
13:49:56.0103 5404 SENS - ok
13:49:56.0137 5404 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
13:49:56.0139 5404 SensrSvc - ok
13:49:56.0173 5404 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
13:49:56.0174 5404 Serenum - ok
13:49:56.0199 5404 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
13:49:56.0201 5404 Serial - ok
13:49:56.0244 5404 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
13:49:56.0244 5404 sermouse - ok
13:49:56.0277 5404 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
13:49:56.0280 5404 SessionEnv - ok
13:49:56.0305 5404 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
13:49:56.0306 5404 sffdisk - ok
13:49:56.0314 5404 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
13:49:56.0315 5404 sffp_mmc - ok
13:49:56.0324 5404 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
13:49:56.0325 5404 sffp_sd - ok
13:49:56.0376 5404 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
13:49:56.0378 5404 sfloppy - ok
13:49:56.0417 5404 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
13:49:56.0419 5404 SharedAccess - ok
13:49:56.0462 5404 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
13:49:56.0467 5404 ShellHWDetection - ok
13:49:56.0494 5404 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
13:49:56.0496 5404 sisagp - ok
13:49:56.0536 5404 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:49:56.0537 5404 SiSRaid2 - ok
13:49:56.0563 5404 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
13:49:56.0565 5404 SiSRaid4 - ok
13:49:56.0585 5404 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
13:49:56.0586 5404 Smb - ok
13:49:56.0630 5404 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
13:49:56.0632 5404 SNMPTRAP - ok
13:49:56.0654 5404 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
13:49:56.0655 5404 spldr - ok
13:49:56.0700 5404 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
13:49:56.0704 5404 Spooler - ok
13:49:56.0888 5404 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
13:49:56.0914 5404 sppsvc - ok
13:49:57.0030 5404 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
13:49:57.0032 5404 sppuinotify - ok
13:49:57.0088 5404 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
13:49:57.0091 5404 srv - ok
13:49:57.0120 5404 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
13:49:57.0123 5404 srv2 - ok
13:49:57.0147 5404 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
13:49:57.0148 5404 srvnet - ok
13:49:57.0180 5404 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
13:49:57.0183 5404 SSDPSRV - ok
13:49:57.0196 5404 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
13:49:57.0199 5404 SstpSvc - ok
13:49:57.0273 5404 STacSV (7ffb500cde13b0706f8aa109961af22d) C:\Program Files\IDT\WDM\STacSV.exe
13:49:57.0276 5404 STacSV - ok
13:49:57.0309 5404 stdcfltn (1e72739a30a0d3e3fc95ebb07f83912d) C:\Windows\system32\DRIVERS\stdcfltn.sys
13:49:57.0310 5404 stdcfltn - ok
13:49:57.0332 5404 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
13:49:57.0333 5404 stexstor - ok
13:49:57.0377 5404 STHDA (698e186ac2df982b2d26428428155de1) C:\Windows\system32\DRIVERS\stwrt.sys
13:49:57.0382 5404 STHDA - ok
13:49:57.0441 5404 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
13:49:57.0445 5404 StiSvc - ok
13:49:57.0469 5404 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
13:49:57.0470 5404 storflt - ok
13:49:57.0499 5404 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
13:49:57.0501 5404 StorSvc - ok
13:49:57.0515 5404 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
13:49:57.0516 5404 storvsc - ok
13:49:57.0533 5404 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
13:49:57.0534 5404 swenum - ok
13:49:57.0576 5404 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
13:49:57.0579 5404 swprv - ok
13:49:57.0649 5404 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
13:49:57.0659 5404 SysMain - ok
13:49:57.0693 5404 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
13:49:57.0695 5404 TabletInputService - ok
13:49:57.0740 5404 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
13:49:57.0743 5404 TapiSrv - ok
13:49:57.0765 5404 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
13:49:57.0768 5404 TBS - ok
13:49:57.0894 5404 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
13:49:57.0906 5404 Tcpip - ok
13:49:57.0923 5404 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
13:49:57.0931 5404 TCPIP6 - ok
13:49:57.0962 5404 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
13:49:57.0963 5404 tcpipreg - ok
13:49:58.0097 5404 tcsd_win32.exe (e42d560e2163480e7b586b14abeb3386) C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
13:49:58.0277 5404 tcsd_win32.exe - ok
13:49:58.0479 5404 TdmService (b434294eaa2ae4fb9bd63e25eb89b86f) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
13:49:58.0504 5404 TdmService - ok
13:49:58.0622 5404 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
13:49:58.0623 5404 TDPIPE - ok
13:49:58.0632 5404 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
13:49:58.0633 5404 TDTCP - ok
13:49:58.0658 5404 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
13:49:58.0660 5404 tdx - ok
13:49:58.0682 5404 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
13:49:58.0683 5404 TermDD - ok
13:49:58.0733 5404 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
13:49:58.0738 5404 TermService - ok
13:49:58.0764 5404 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
13:49:58.0766 5404 Themes - ok
13:49:58.0798 5404 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
13:49:58.0800 5404 THREADORDER - ok
13:49:58.0834 5404 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
13:49:58.0837 5404 TrkWks - ok
13:49:58.0896 5404 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
13:49:58.0899 5404 TrustedInstaller - ok
13:49:58.0923 5404 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:49:58.0924 5404 tssecsrv - ok
13:49:58.0955 5404 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
13:49:58.0956 5404 TsUsbFlt - ok
13:49:59.0014 5404 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
13:49:59.0016 5404 tunnel - ok
13:49:59.0036 5404 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
13:49:59.0037 5404 uagp35 - ok
13:49:59.0085 5404 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
13:49:59.0089 5404 udfs - ok
13:49:59.0122 5404 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
13:49:59.0125 5404 UI0Detect - ok
13:49:59.0161 5404 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
13:49:59.0162 5404 uliagpkx - ok
13:49:59.0195 5404 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
13:49:59.0196 5404 umbus - ok
13:49:59.0229 5404 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
13:49:59.0230 5404 UmPass - ok
13:49:59.0257 5404 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
13:49:59.0260 5404 UmRdpService - ok
13:49:59.0306 5404 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
13:49:59.0309 5404 upnphost - ok
13:49:59.0337 5404 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
13:49:59.0338 5404 usbccgp - ok
13:49:59.0373 5404 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
13:49:59.0375 5404 usbcir - ok
13:49:59.0401 5404 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\drivers\usbehci.sys
13:49:59.0402 5404 usbehci - ok
13:49:59.0439 5404 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
13:49:59.0442 5404 usbhub - ok
13:49:59.0462 5404 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
13:49:59.0462 5404 usbohci - ok
13:49:59.0489 5404 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
13:49:59.0489 5404 usbprint - ok
13:49:59.0515 5404 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:49:59.0517 5404 USBSTOR - ok
13:49:59.0537 5404 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
13:49:59.0538 5404 usbuhci - ok
13:49:59.0587 5404 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
13:49:59.0589 5404 usbvideo - ok
13:49:59.0615 5404 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
13:49:59.0617 5404 UxSms - ok
13:49:59.0644 5404 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
13:49:59.0646 5404 VaultSvc - ok
13:49:59.0664 5404 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
13:49:59.0665 5404 vdrvroot - ok
13:49:59.0711 5404 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
13:49:59.0717 5404 vds - ok
13:49:59.0750 5404 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
13:49:59.0751 5404 vga - ok
13:49:59.0767 5404 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
13:49:59.0768 5404 VgaSave - ok
13:49:59.0800 5404 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
13:49:59.0803 5404 vhdmp - ok
13:49:59.0853 5404 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
13:49:59.0854 5404 viaagp - ok
13:49:59.0899 5404 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
13:49:59.0900 5404 ViaC7 - ok
13:49:59.0918 5404 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
13:49:59.0920 5404 viaide - ok
13:49:59.0957 5404 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
13:49:59.0959 5404 vmbus - ok
13:49:59.0980 5404 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
13:49:59.0981 5404 VMBusHID - ok
13:49:59.0998 5404 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
13:49:59.0999 5404 volmgr - ok
13:50:00.0041 5404 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
13:50:00.0044 5404 volmgrx - ok
13:50:00.0067 5404 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
13:50:00.0069 5404 volsnap - ok
13:50:00.0109 5404 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
13:50:00.0111 5404 vsmraid - ok
13:50:00.0212 5404 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
13:50:00.0220 5404 VSS - ok
13:50:00.0235 5404 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
13:50:00.0235 5404 vwifibus - ok
13:50:00.0270 5404 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
13:50:00.0271 5404 vwififlt - ok
13:50:00.0323 5404 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
13:50:00.0327 5404 W32Time - ok
13:50:00.0354 5404 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
13:50:00.0355 5404 WacomPen - ok
13:50:00.0403 5404 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:50:00.0403 5404 WANARP - ok
13:50:00.0406 5404 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:50:00.0407 5404 Wanarpv6 - ok
13:50:00.0553 5404 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
13:50:00.0563 5404 WatAdminSvc - ok
13:50:00.0663 5404 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
13:50:00.0673 5404 wbengine - ok
13:50:00.0708 5404 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
13:50:00.0710 5404 WbioSrvc - ok
13:50:00.0743 5404 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
13:50:00.0747 5404 wcncsvc - ok
13:50:00.0767 5404 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
13:50:00.0770 5404 WcsPlugInService - ok
13:50:00.0812 5404 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
13:50:00.0813 5404 Wd - ok
13:50:00.0851 5404 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
13:50:00.0856 5404 Wdf01000 - ok
13:50:00.0870 5404 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
13:50:00.0872 5404 WdiServiceHost - ok
13:50:00.0875 5404 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
13:50:00.0878 5404 WdiSystemHost - ok
13:50:00.0967 5404 Web Assistant Updater (efb3074bdbabe0a137d89d8e58f02392) C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
13:50:00.0968 5404 Web Assistant Updater - ok
13:50:01.0017 5404 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
13:50:01.0020 5404 WebClient - ok
13:50:01.0055 5404 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
13:50:01.0058 5404 Wecsvc - ok
13:50:01.0073 5404 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
13:50:01.0076 5404 wercplsupport - ok
13:50:01.0110 5404 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
13:50:01.0113 5404 WerSvc - ok
13:50:01.0128 5404 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
13:50:01.0130 5404 WfpLwf - ok
13:50:01.0161 5404 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
13:50:01.0162 5404 WIMMount - ok
13:50:01.0216 5404 winachsf (8b976d4ca270110111df4f313da0e6e8) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
13:50:01.0223 5404 winachsf - ok
13:50:01.0337 5404 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
13:50:01.0344 5404 WinDefend - ok
13:50:01.0348 5404 WinHttpAutoProxySvc - ok
13:50:01.0521 5404 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
13:50:01.0523 5404 Winmgmt - ok
13:50:01.0607 5404 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
13:50:01.0619 5404 WinRM - ok
13:50:01.0680 5404 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\drivers\WinUSB.sys
13:50:01.0681 5404 WinUsb - ok
13:50:01.0753 5404 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
13:50:01.0765 5404 Wlansvc - ok
13:50:01.0847 5404 wltrysvc (7fff34ae69dfb80f7b190aba31e00610) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
13:50:01.0867 5404 wltrysvc - ok
13:50:01.0909 5404 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
13:50:01.0910 5404 WmiAcpi - ok
13:50:01.0986 5404 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
13:50:01.0987 5404 wmiApSrv - ok
13:50:02.0125 5404 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
13:50:02.0133 5404 WMPNetworkSvc - ok
13:50:02.0153 5404 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
13:50:02.0156 5404 WPCSvc - ok
13:50:02.0192 5404 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
13:50:02.0195 5404 WPDBusEnum - ok
13:50:02.0259 5404 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
13:50:02.0261 5404 ws2ifsl - ok
13:50:02.0299 5404 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
13:50:02.0304 5404 wscsvc - ok
13:50:02.0312 5404 WSearch - ok
13:50:02.0449 5404 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
13:50:02.0468 5404 wuauserv - ok
13:50:02.0590 5404 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
13:50:02.0591 5404 WudfPf - ok
13:50:02.0613 5404 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:50:02.0615 5404 WUDFRd - ok
13:50:03.0465 5404 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
13:50:03.0468 5404 wudfsvc - ok
13:50:03.0504 5404 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
13:50:03.0507 5404 WwanSvc - ok
13:50:03.0536 5404 XAudio (894f963be999ba9db5aac3aed55b115d) C:\Windows\system32\DRIVERS\XAudio32.sys
13:50:03.0536 5404 XAudio - ok
13:50:03.0639 5404 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
13:50:03.0647 5404 YahooAUService - ok
13:50:03.0699 5404 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
13:50:03.0959 5404 \Device\Harddisk0\DR0 - ok
13:50:03.0962 5404 Boot (0x1200) (eef28a59018ce62f9d2fa2191a8af65a) \Device\Harddisk0\DR0\Partition0
13:50:03.0967 5404 \Device\Harddisk0\DR0\Partition0 - ok
13:50:03.0996 5404 Boot (0x1200) (49ebc141568cc05cce6eb8bbf80dd97e) \Device\Harddisk0\DR0\Partition1
13:50:03.0998 5404 \Device\Harddisk0\DR0\Partition1 - ok
13:50:04.0032 5404 Boot (0x1200) (fe75a5578542d32430ffaaf1c86f5ebe) \Device\Harddisk0\DR0\Partition2
13:50:04.0034 5404 \Device\Harddisk0\DR0\Partition2 - ok
13:50:04.0034 5404 ============================================================
13:50:04.0034 5404 Scan finished
13:50:04.0034 5404 ============================================================
13:50:04.0044 1608 Detected object count: 0
13:50:04.0044 1608 Actual detected object count: 0
13:50:14.0660 5384 Deinitialize success

#6 jonsidneyb

Posted 15 July 2012 - 02:45 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-15 13:52:18
-----------------------------
13:52:18.631 OS Version: Windows 6.1.7601 Service Pack 1
13:52:18.632 Number of processors: 4 586 0x2505
13:52:18.633 ComputerName: JON-PC UserName: Jon
13:52:19.836 Initialize success
13:53:18.406 AVAST engine defs: 12071500
13:56:05.149 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:56:05.152 Disk 0 Vendor: TOSHIBA_ GS00 Size: 152627MB BusType: 3
13:56:05.163 Disk 0 MBR read successfully
13:56:05.167 Disk 0 MBR scan
13:56:05.174 Disk 0 Windows VISTA default MBR code
13:56:05.177 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
13:56:05.198 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 752 MB offset 81920
13:56:05.238 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 149788 MB offset 1622016
13:56:05.269 Disk 0 Partition - 00 0F Extended LBA 2044 MB offset 308387840
13:56:05.308 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 2043 MB offset 308389888
13:56:05.402 Disk 0 scanning sectors +312573952
13:56:05.515 Disk 0 scanning C:\Windows\system32\drivers
13:56:24.929 Service scanning
13:56:46.582 Service MpKsl38264f4e c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E3D4B829-D1FB-402E-8476-B75DBB10B890}\MpKsl38264f4e.sys **LOCKED** 32
13:57:17.268 Modules scanning
13:57:33.109 Disk 0 trace - called modules:
13:57:33.134 ntkrnlpa.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys halmacpi.dll iaStor.sys
13:57:33.145 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8816d5a8]
13:57:33.154 3 CLASSPNP.SYS[8c7c059e] -> nt!IofCallDriver -> [0x8816db00]
13:57:33.165 5 stdcfltn.sys[8c801896] -> nt!IofCallDriver -> [0x865f3890]
13:57:33.176 7 ACPI.sys[8c0a63d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x861e2028]
13:57:35.204 AVAST engine scan C:\Windows
13:57:37.360 AVAST engine scan C:\Windows\system32
14:01:58.821 AVAST engine scan C:\Windows\system32\drivers
14:02:20.264 AVAST engine scan C:\Users\Jon
14:02:28.302 File: C:\Users\Jon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CPQOJPDV\4ffe92461ad94[1].exe **INFECTED** Win32:BHO-AFC [Adw]
14:06:11.231 AVAST engine scan C:\ProgramData
14:06:31.967 Scan finished successfully
14:44:42.428 Disk 0 MBR has been saved successfully to "C:\Users\Jon\Desktop\MBR.dat"
14:44:42.435 The log file has been saved successfully to "C:\Users\Jon\Desktop\aswMBR.txt"

#7 jonsidneyb

Posted 15 July 2012 - 04:22 PM

ESET showed no threats. I don't see how to get it to produce a log.

This is all odd to me.

#8 narenxp

Posted 15 July 2012 - 07:03 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

adware cleaner

Launch it, click on search

post the generated log

#9 jonsidneyb

Posted 16 July 2012 - 05:23 PM

Malwarebytes running now.

I have noticed some things going on. On my own forum I keep seeing links but when I refresh the links vanish. I started to check other places and I see links but when I refresh the links are gone.

I think my computer got infected when checking in new members. I manually approve them after checking up on them. Checking on new members exposes me once in a while.

#10 jonsidneyb

Posted 16 July 2012 - 07:01 PM

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.12.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Jon :: JON-PC [administrator]

7/16/2012 5:17:34 PM
mbam-log-2012-07-16 (18-36-43).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 279500
Time elapsed: 1 hour(s), 12 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 2
C:\ProgramData\DownloadnSave (PUP.DownloadnSave) -> No action taken.
C:\ProgramData\DownloadnSave\data (PUP.DownloadnSave) -> No action taken.

Files Detected: 6
C:\ProgramData\DownloadnSave\content.js (PUP.DownloadnSave) -> No action taken.
C:\ProgramData\DownloadnSave\background.html (PUP.DownloadnSave) -> No action taken.
C:\ProgramData\DownloadnSave\dmkfbkihghbilchidapmmbdpnpfnhoic.crx (PUP.DownloadnSave) -> No action taken.
C:\ProgramData\DownloadnSave\settings.ini (PUP.DownloadnSave) -> No action taken.
C:\ProgramData\DownloadnSave\data\content.js (PUP.DownloadnSave) -> No action taken.
C:\ProgramData\DownloadnSave\data\jsondb.js (PUP.DownloadnSave) -> No action taken.

(end)

I had it fix the problems

rebooted and running again.

Edited by jonsidneyb, 16 July 2012 - 07:01 PM.


#11 jonsidneyb

Posted 16 July 2012 - 11:40 PM

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.12.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Jon :: JON-PC [administrator]

7/16/2012 10:08:45 PM
mbam-log-2012-07-16 (22-08-45).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 279225
Time elapsed: 1 hour(s), 15 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

#12 jonsidneyb

Posted 17 July 2012 - 12:16 AM

MiniToolBox by Farbar Version: 15-07-2012
Ran by Jon (administrator) on 16-07-2012 at 23:48:41
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® 82577LM Gigabit Network Connection = Local Area Connection (Connected)
DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Jon-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ARRIS

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : C0-CB-38-CD-FB-EB
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : 5C-AC-4C-53-05-F1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : ARRIS
Description . . . . . . . . . . . : Intel® 82577LM Gigabit Network Connection
Physical Address. . . . . . . . . : 5C-26-0A-0B-D6-AD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::e0b0:13f4:ad2d:4814%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, July 16, 2012 10:02:36 PM
Lease Expires . . . . . . . . . . : Tuesday, July 17, 2012 6:30:39 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 240920074
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-51-A5-B7-5C-26-0A-0B-D6-AD
DNS Servers . . . . . . . . . . . : 24.116.2.50
24.116.2.34
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.ARRIS:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : ARRIS
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C5BE6D32-0F9B-4772-A9F8-0318EBA226D3}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{4E9B1004-169B-4C8B-8453-5C04C306C6C3}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:18ce:394:3f57:fdfd(Preferred)
Link-local IPv6 Address . . . . . : fe80::18ce:394:3f57:fdfd%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 24.116.2.50

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging google.com [74.125.227.137] with 32 bytes of data:
Reply from 74.125.227.137: bytes=32 time=32ms TTL=54
Reply from 74.125.227.137: bytes=32 time=28ms TTL=54

Ping statistics for 74.125.227.137:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 28ms, Maximum = 32ms, Average = 30ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 24.116.2.50

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=65ms TTL=47
Reply from 72.30.38.140: bytes=32 time=62ms TTL=47

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 62ms, Maximum = 65ms, Average = 63ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 24.116.2.50

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...c0 cb 38 cd fb eb ......Bluetooth Device (Personal Area Network)
11...5c ac 4c 53 05 f1 ......DW1501 Wireless-N WLAN Half-Mini Card
10...5c 26 0a 0b d6 ad ......Intel® 82577LM Gigabit Network Connection
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.2 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.2 276
192.168.2.2 255.255.255.255 On-link 192.168.2.2 276
192.168.2.255 255.255.255.255 On-link 192.168.2.2 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.2 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.2 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:5ef5:79fd:18ce:394:3f57:fdfd/128
On-link
10 276 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::18ce:394:3f57:fdfd/128
On-link
10 276 fe80::e0b0:13f4:ad2d:4814/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/16/2012 01:06:02 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (07/15/2012 07:12:30 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_3_300_265.exe, version: 11.3.300.265, time stamp: 0x4febd5ac
Faulting module name: NPSWF32_11_3_300_265.dll, version: 11.3.300.265, time stamp: 0x4febd798
Exception code: 0xc0000005
Fault offset: 0x0016b5c4
Faulting process id: 0xed0
Faulting application start time: 0xFlashPlayerPlugin_11_3_300_265.exe0
Faulting application path: FlashPlayerPlugin_11_3_300_265.exe1
Faulting module path: FlashPlayerPlugin_11_3_300_265.exe2
Report Id: FlashPlayerPlugin_11_3_300_265.exe3

Error: (07/15/2012 05:44:43 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (07/13/2012 03:24:03 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (07/12/2012 01:48:10 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (07/12/2012 07:20:50 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 13.0.1.4548 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: d30

Start Time: 01cd6027706e7c33

Termination Time: 182

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: fd835ffe-cc1b-11e1-ac52-c0cb38cdfbeb

Error: (07/12/2012 06:20:02 AM) (Source: Application Error) (User: )
Description: Faulting application name: mbam.exe, version: 1.62.0.87, time stamp: 0x4fc6d5ba
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b60
Exception code: 0xc0000005
Fault offset: 0x00052d24
Faulting process id: 0xbb8
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3

Error: (07/04/2012 01:06:46 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16446 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 7128

Start Time: 01cd5a0fc2cd809f

Termination Time: 8

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id:

Error: (06/27/2012 08:04:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_3_300_262.exe, version: 11.3.300.262, time stamp: 0x4fe20fae
Faulting module name: NPSWF32_11_3_300_262.dll, version: 11.3.300.262, time stamp: 0x4fe21212
Exception code: 0xc0000005
Fault offset: 0x00490fb1
Faulting process id: 0x11c0
Faulting application start time: 0xFlashPlayerPlugin_11_3_300_262.exe0
Faulting application path: FlashPlayerPlugin_11_3_300_262.exe1
Faulting module path: FlashPlayerPlugin_11_3_300_262.exe2
Report Id: FlashPlayerPlugin_11_3_300_262.exe3

Error: (06/27/2012 03:08:14 AM) (Source: CNET TechTracker) (User: Jon-PC)Jon-PC
Description: result: Scan Failed - General scan failure
computer: Jon-PC
scanned on: 6/27/2012 1:49 AM


System errors:
=============
Error: (07/16/2012 10:02:39 PM) (Source: Service Control Manager) (User: )
Description: The NTRU TSS v1.2.1.34 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (07/16/2012 08:43:24 PM) (Source: Service Control Manager) (User: )
Description: The NTRU TSS v1.2.1.34 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (07/16/2012 06:39:43 PM) (Source: Service Control Manager) (User: )
Description: The NTRU TSS v1.2.1.34 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (07/15/2012 10:48:38 PM) (Source: Service Control Manager) (User: )
Description: The NTRU TSS v1.2.1.34 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (07/15/2012 11:38:25 AM) (Source: Service Control Manager) (User: )
Description: The NTRU TSS v1.2.1.34 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (07/15/2012 05:11:55 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (07/14/2012 02:29:23 PM) (Source: Service Control Manager) (User: )
Description: The NTRU TSS v1.2.1.34 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (07/14/2012 02:29:17 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 2:27:57 PM on 7/14/2012 was unexpected.

Error: (07/14/2012 02:27:16 AM) (Source: Service Control Manager) (User: )
Description: The Server service terminated with the following error:
%%14

Error: (07/14/2012 02:27:10 AM) (Source: Service Control Manager) (User: )
Description: The NTRU TSS v1.2.1.34 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
AccelerometerP11 (Version: 2.00.10.22)
Actual Multiple Monitors 4.0 (Version: 4.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Reader X (10.1.3) (Version: 10.1.3)
BioAPI Framework (Version: 1.0.2)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
CNET TechTracker (Version: 2.1.0)
Conexant HDA D330 MDC V.92 Modem (Version: 7.80.4.0)
Custom (Version: 12.34.56.789)
Dell ControlVault Host Components Installer (Version: 2.0.20.159)
Dell Data Protection | Access (Version: 01.00.00.154)
Dell Data Protection | Access (Version: 2.0.00000.154)
Dell Data Protection | Access | Drivers (Version: 1.00.011)
Dell Data Protection | Access | Middleware (Version: 1.00.005)
Dell Edoc Viewer (Version: 1.0.0)
Dell System Manager (Version: 1.6.00000)
Dell Touchpad (Version: 7.1207.101.220)
DellAccess (Version: 01.00.00.078)
Digital Line Detect (Version: 1.21)
DW WLAN Card Utility (Version: 5.60.48.35)
EMBASSY Security Center (Version: 04.02.00.072)
ESET Online Scanner v3
Gemalto (Version: 01.01.01.0000)
Google Chrome (Version: 20.0.1132.57)
Google Update Helper (Version: 1.3.21.115)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2281)
Intel® Network Connections 15.2.89.0 (Version: 15.2.89.0)
Intel® Rapid Storage Technology (Version: 9.6.0.1014)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Netwaiting (Version: 2.5.59)
NTRU TCG Software Stack (Version: 2.1.34)
PC-CCID (Version: 2.0.0)
Preboot Manager (Version: 03.02.00.066)
Private Information Manager (Version: 07.00.00.026)
RunAlyzer (Version: 1.6.1.24)
SPBA 5.9 (Version: 5.9.4.6686)
Spybot - Search & Destroy (Version: 1.6.2)
SUPERAntiSpyware (Version: 5.1.1002)
Trusted Drive Manager (Version: 4.0.0.512)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Upek Touchchip Fingerprint Reader (Version: 1.2.004)
Wave Infrastructure Installer (Version: 07.02.40.0008)
Wave Support Software Installer (Version: 05.12.00.012)
Web Assistant 2.0.0.439
Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (Version: 09/11/2009 1.0.1.6)
Yahoo! Messenger
Yahoo! Software Update

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 3505.85 MB
Available physical RAM: 2069.96 MB
Total Pagefile: 7009.99 MB
Available Pagefile: 5195.43 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.68 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:146.28 GB) (Free:112.34 GB) NTFS
2 Drive d: (READER) (Fixed) (Total:2 GB) (Free:1.96 GB) NTFS

========================= Users: ========================================

User accounts for \\JON-PC

Administrator Guest Jon


**** End of log ****

#13 narenxp

Posted 17 July 2012 - 12:48 AM

Download

adware cleaner

Launch it, click on search

post the generated log

What are your current issues?

#14 jonsidneyb

Posted 17 July 2012 - 01:06 AM

# AdwCleaner v1.702 - Logfile created 07/17/2012 at 01:04:17
# Updated 13/07/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : Jon - JON-PC
# Running from : C:\Users\Jon\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : Web Assistant Updater

***** [Files / Folders] *****

Folder Found : C:\Users\Jon\AppData\LocalLow\DownloadnSave
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\Program Files\Web Assistant
File Found : C:\Users\Jon\AppData\Roaming\Mozilla\Firefox\Profiles\g4kqtk5s.default\searchplugins\MyStart Search.xml

***** [Registry] *****

Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Found : HKLM\SOFTWARE\Web Assistant
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0.1 (en-US)

Profile name : default
File : C:\Users\Jon\AppData\Roaming\Mozilla\Firefox\Profiles\g4kqtk5s.default\prefs.js

Found : user_pref("browser.search.defaultenginename", "MyStart Search");
Found : user_pref("extensions.4ffe9245e6c99.scode", "(function(){try{if('mystart.incredibar.com,premiumrepor[...]
Found : user_pref("extensions.incredibar.admin", false);
Found : user_pref("extensions.incredibar.aflt", "orgnl");
Found : user_pref("extensions.incredibar.cntry", "US");
Found : user_pref("extensions.incredibar.dfltLng", "");
Found : user_pref("extensions.incredibar.dfltSrch", false);
Found : user_pref("extensions.incredibar.did", "10650");
Found : user_pref("extensions.incredibar.excTlbr", false);
Found : user_pref("extensions.incredibar.hdrMd5", "A5C10A28B913960F07CDBCA6E95B5DC2");
Found : user_pref("extensions.incredibar.hmpg", false);
Found : user_pref("extensions.incredibar.id", "4a640808000000000000c0cb38cdfbeb");
Found : user_pref("extensions.incredibar.installerproductid", "26");
Found : user_pref("extensions.incredibar.instlDay", "15533");
Found : user_pref("extensions.incredibar.instlRef", "");
Found : user_pref("extensions.incredibar.isDcmntCmplt", true);
Found : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.144:02:08");
Found : user_pref("extensions.incredibar.newTab", false);
Found : user_pref("extensions.incredibar.noFFXTlbr", false);
Found : user_pref("extensions.incredibar.ppd", "34%5F6");
Found : user_pref("extensions.incredibar.prdct", "incredibar");
Found : user_pref("extensions.incredibar.productid", "26");
Found : user_pref("extensions.incredibar.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar.sg", "none");
Found : user_pref("extensions.incredibar.smplGrp", "none");
Found : user_pref("extensions.incredibar.tlbrId", "base");
Found : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8yKxSQMQ&loc=IB_T[...]
Found : user_pref("extensions.incredibar.upn2", "6R8yKxSQMQ");
Found : user_pref("extensions.incredibar.upn2n", "92824691641242308");
Found : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
Found : user_pref("extensions.incredibar.vrsnTs", "1.5.11.144:02:08");
Found : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
Found : user_pref("extensions.incredibar_i.aflt", "orgnl");
Found : user_pref("extensions.incredibar_i.dfltLng", "");
Found : user_pref("extensions.incredibar_i.did", "10650");
Found : user_pref("extensions.incredibar_i.excTlbr", false);
Found : user_pref("extensions.incredibar_i.id", "4a640808000000000000c0cb38cdfbeb");
Found : user_pref("extensions.incredibar_i.installerproductid", "26");
Found : user_pref("extensions.incredibar_i.instlDay", "15533");
Found : user_pref("extensions.incredibar_i.instlRef", "");
Found : user_pref("extensions.incredibar_i.ms_url_id", "");
Found : user_pref("extensions.incredibar_i.newTab", false);
Found : user_pref("extensions.incredibar_i.ppd", "34%5F6");
Found : user_pref("extensions.incredibar_i.prdct", "incredibar");
Found : user_pref("extensions.incredibar_i.productid", "26");
Found : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Found : user_pref("extensions.incredibar_i.smplGrp", "none");
Found : user_pref("extensions.incredibar_i.tlbrId", "base");
Found : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8yKxSQMQ&loc=IB[...]
Found : user_pref("extensions.incredibar_i.upn2", "6R8yKxSQMQ");
Found : user_pref("extensions.incredibar_i.upn2n", "92824691641242308");
Found : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Found : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.144:02:08");
Found : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Found : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

-\\ Google Chrome v20.0.1132.57

File : C:\Users\Jon\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

I have been getting links appearing that should not be there. I don't know if it has stopped yet or not after running these items.

#15 narenxp

Posted 17 July 2012 - 01:11 AM

Restart the PC and let me know if you still have issues



