Adware and Redirect Help


  • This topic is locked
3 replies to this topic

#1 Bamr1


Posted 13 July 2012 - 01:00 PM

I have some form of malware that is constantly popping up ads in the lower right corner of the screen while browsing the internet in either Firefox or IE. I also get random re-directs.

I found "http://www.bleepingcomputer.com/forums/topic454045.html" and it described my problem to a tee. Even the screen shots. I don't know enough about computers to know if that fix would be the same as mine so I followed the first page requests of running TDSSKiller, aswmbr, and mini toolbox. The results are below. Please let me know what to do to get rid of this. I also had Facebook tell me it froze my account because someone in Brazil tried to log on. I recently found another email account had been hacked as well. I need these people out of my computer.

12:04:55.0384 15748 NdisCap - ok
12:04:55.0401 15748 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
12:04:55.0402 15748 NdisTapi - ok
12:04:55.0440 15748 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
12:04:55.0442 15748 Ndisuio - ok
12:04:55.0500 15748 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
12:04:55.0503 15748 NdisWan - ok
12:04:55.0534 15748 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
12:04:55.0536 15748 NDProxy - ok
12:04:55.0578 15748 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
12:04:55.0617 15748 Net Driver HPZ12 - ok
12:04:55.0646 15748 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
12:04:55.0648 15748 NetBIOS - ok
12:04:55.0681 15748 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
12:04:55.0686 15748 NetBT - ok
12:04:55.0713 15748 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:04:55.0714 15748 Netlogon - ok
12:04:55.0758 15748 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
12:04:55.0765 15748 Netman - ok
12:04:55.0801 15748 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
12:04:55.0808 15748 netprofm - ok
12:04:55.0856 15748 netr7364 (81b8d0c1ce44a7fdbd596b693783950c) C:\Windows\system32\DRIVERS\netr7364.sys
12:04:55.0866 15748 netr7364 - ok
12:04:55.0919 15748 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:04:55.0922 15748 NetTcpPortSharing - ok
12:04:55.0952 15748 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
12:04:55.0957 15748 nfrd960 - ok
12:04:56.0050 15748 NIS (e78a365cc3e0fbfc018a33dce01909f8) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
12:04:56.0055 15748 NIS - ok
12:04:56.0114 15748 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
12:04:56.0120 15748 NlaSvc - ok
12:04:56.0148 15748 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
12:04:56.0150 15748 Npfs - ok
12:04:56.0173 15748 npggsvc - ok
12:04:56.0190 15748 NPPTNT2 - ok
12:04:56.0218 15748 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
12:04:56.0221 15748 nsi - ok
12:04:56.0239 15748 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
12:04:56.0241 15748 nsiproxy - ok
12:04:56.0325 15748 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
12:04:56.0395 15748 Ntfs - ok
12:04:56.0477 15748 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
12:04:56.0507 15748 Null - ok
12:04:57.0168 15748 nvlddmkm (181b6e6f49f9f3ad05589b48e29ba167) C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:04:57.0368 15748 nvlddmkm - ok
12:04:57.0439 15748 NVNET (909eedcbd365bb81027d8e742e6b3416) C:\Windows\system32\DRIVERS\nvmf6264.sys
12:04:57.0453 15748 NVNET - ok
12:04:57.0547 15748 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
12:04:57.0553 15748 nvraid - ok
12:04:57.0590 15748 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
12:04:57.0593 15748 nvstor - ok
12:04:57.0621 15748 nvstor64 (1e45f96342429d63dc30e0d9117da3d8) C:\Windows\system32\DRIVERS\nvstor64.sys
12:04:57.0623 15748 nvstor64 - ok
12:04:57.0675 15748 nvsvc (b5b5da18380f625c34b88b93d09d7d40) C:\Windows\system32\nvvsvc.exe
12:04:57.0681 15748 nvsvc - ok
12:04:57.0715 15748 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
12:04:57.0718 15748 nv_agp - ok
12:04:57.0823 15748 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:04:57.0834 15748 odserv - ok
12:04:57.0861 15748 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
12:04:57.0864 15748 ohci1394 - ok
12:04:57.0904 15748 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:04:57.0908 15748 ose - ok
12:04:58.0069 15748 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:04:58.0158 15748 osppsvc - ok
12:04:58.0239 15748 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:04:58.0246 15748 p2pimsvc - ok
12:04:58.0274 15748 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
12:04:58.0281 15748 p2psvc - ok
12:04:58.0304 15748 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
12:04:58.0308 15748 Parport - ok
12:04:58.0345 15748 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
12:04:58.0347 15748 partmgr - ok
12:04:58.0373 15748 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
12:04:58.0377 15748 PcaSvc - ok
12:04:58.0422 15748 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
12:04:58.0426 15748 pci - ok
12:04:58.0449 15748 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
12:04:58.0451 15748 pciide - ok
12:04:58.0506 15748 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
12:04:58.0513 15748 pcmcia - ok
12:04:58.0544 15748 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
12:04:58.0546 15748 pcw - ok
12:04:58.0581 15748 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
12:04:58.0589 15748 PEAUTH - ok
12:04:58.0643 15748 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
12:04:58.0645 15748 PerfHost - ok
12:04:58.0730 15748 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
12:04:58.0760 15748 pla - ok
12:04:58.0800 15748 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
12:04:58.0808 15748 PlugPlay - ok
12:04:58.0913 15748 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
12:04:58.0976 15748 Pml Driver HPZ12 - ok
12:04:59.0003 15748 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
12:04:59.0006 15748 PNRPAutoReg - ok
12:04:59.0032 15748 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
12:04:59.0036 15748 PNRPsvc - ok
12:04:59.0082 15748 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
12:04:59.0089 15748 PolicyAgent - ok
12:04:59.0122 15748 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
12:04:59.0126 15748 Power - ok
12:04:59.0192 15748 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
12:04:59.0195 15748 PptpMiniport - ok
12:04:59.0247 15748 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
12:04:59.0251 15748 Processor - ok
12:04:59.0308 15748 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
12:04:59.0322 15748 ProfSvc - ok
12:04:59.0344 15748 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:04:59.0345 15748 ProtectedStorage - ok
12:04:59.0404 15748 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
12:04:59.0407 15748 Psched - ok
12:04:59.0476 15748 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
12:04:59.0505 15748 ql2300 - ok
12:04:59.0604 15748 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
12:04:59.0608 15748 ql40xx - ok
12:04:59.0650 15748 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
12:04:59.0655 15748 QWAVE - ok
12:04:59.0687 15748 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
12:04:59.0689 15748 QWAVEdrv - ok
12:04:59.0710 15748 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
12:04:59.0712 15748 RasAcd - ok
12:04:59.0752 15748 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:04:59.0755 15748 RasAgileVpn - ok
12:04:59.0776 15748 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
12:04:59.0780 15748 RasAuto - ok
12:04:59.0816 15748 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:04:59.0818 15748 Rasl2tp - ok
12:04:59.0854 15748 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
12:04:59.0861 15748 RasMan - ok
12:04:59.0895 15748 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
12:04:59.0898 15748 RasPppoe - ok
12:04:59.0915 15748 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
12:04:59.0917 15748 RasSstp - ok
12:04:59.0943 15748 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
12:04:59.0947 15748 rdbss - ok
12:04:59.0981 15748 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
12:04:59.0983 15748 rdpbus - ok
12:05:00.0003 15748 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:05:00.0017 15748 RDPCDD - ok
12:05:00.0050 15748 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
12:05:00.0059 15748 RDPENCDD - ok
12:05:00.0079 15748 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
12:05:00.0115 15748 RDPREFMP - ok
12:05:00.0147 15748 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
12:05:00.0214 15748 RDPWD - ok
12:05:00.0259 15748 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
12:05:00.0268 15748 rdyboost - ok
12:05:00.0297 15748 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
12:05:00.0319 15748 RemoteAccess - ok
12:05:00.0339 15748 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
12:05:00.0465 15748 RemoteRegistry - ok
12:05:00.0529 15748 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
12:05:00.0556 15748 RimUsb - ok
12:05:00.0909 15748 RosettaStoneDaemon (e7062dbd907e0c5ceeb5abdaf07e6b32) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
12:05:01.0091 15748 RosettaStoneDaemon - ok
12:05:01.0345 15748 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
12:05:01.0382 15748 RpcEptMapper - ok
12:05:01.0506 15748 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
12:05:01.0519 15748 RpcLocator - ok
12:05:01.0603 15748 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
12:05:01.0608 15748 RpcSs - ok
12:05:01.0692 15748 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
12:05:01.0758 15748 rspndr - ok
12:05:01.0970 15748 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:05:01.0971 15748 SamSs - ok
12:05:02.0182 15748 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
12:05:02.0215 15748 sbp2port - ok
12:05:02.0517 15748 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
12:05:02.0592 15748 SCardSvr - ok
12:05:02.0664 15748 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
12:05:02.0666 15748 scfilter - ok
12:05:02.0963 15748 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
12:05:02.0994 15748 Schedule - ok
12:05:03.0036 15748 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
12:05:03.0038 15748 SCPolicySvc - ok
12:05:03.0120 15748 SDHookDriver (16080b87c1992415be20a83fe8da1b14) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys
12:05:03.0123 15748 SDHookDriver - ok
12:05:03.0142 15748 SDHookService (5c31070d5a528d637322562e2a30e0e5) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookSvc.exe
12:05:03.0146 15748 SDHookService - ok
12:05:03.0189 15748 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
12:05:03.0201 15748 SDRSVC - ok
12:05:03.0254 15748 SDScannerService (d466f51e3ad125621c13abdaf0c5b2ed) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
12:05:03.0269 15748 SDScannerService - ok
12:05:03.0332 15748 SDUpdateService (2dc25b4940bbdd9aeee516adcaebd3c9) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
12:05:03.0345 15748 SDUpdateService - ok
12:05:03.0373 15748 SDWSCService (c73b8c61891e1674d3f810cabf75ffe8) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
12:05:03.0375 15748 SDWSCService - ok
12:05:03.0478 15748 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
12:05:03.0480 15748 secdrv - ok
12:05:03.0507 15748 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
12:05:03.0511 15748 seclogon - ok
12:05:03.0559 15748 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
12:05:03.0562 15748 SENS - ok
12:05:03.0579 15748 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
12:05:03.0583 15748 SensrSvc - ok
12:05:03.0610 15748 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
12:05:03.0612 15748 Serenum - ok
12:05:03.0636 15748 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
12:05:03.0639 15748 Serial - ok
12:05:03.0664 15748 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
12:05:03.0667 15748 sermouse - ok
12:05:03.0721 15748 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
12:05:03.0724 15748 SessionEnv - ok
12:05:03.0752 15748 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
12:05:03.0755 15748 sffdisk - ok
12:05:03.0778 15748 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
12:05:03.0780 15748 sffp_mmc - ok
12:05:03.0794 15748 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
12:05:03.0796 15748 sffp_sd - ok
12:05:03.0822 15748 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
12:05:03.0824 15748 sfloppy - ok
12:05:03.0877 15748 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
12:05:03.0893 15748 Sftfs - ok
12:05:04.0006 15748 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
12:05:04.0026 15748 sftlist - ok
12:05:04.0063 15748 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
12:05:04.0068 15748 Sftplay - ok
12:05:04.0089 15748 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
12:05:04.0091 15748 Sftredir - ok
12:05:04.0122 15748 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
12:05:04.0126 15748 Sftvol - ok
12:05:04.0144 15748 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
12:05:04.0149 15748 sftvsa - ok
12:05:04.0182 15748 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
12:05:04.0188 15748 SharedAccess - ok
12:05:04.0235 15748 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
12:05:04.0241 15748 ShellHWDetection - ok
12:05:04.0266 15748 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:05:04.0268 15748 SiSRaid2 - ok
12:05:04.0289 15748 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
12:05:04.0293 15748 SiSRaid4 - ok
12:05:04.0328 15748 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
12:05:04.0331 15748 Smb - ok
12:05:04.0377 15748 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
12:05:04.0381 15748 SNMPTRAP - ok
12:05:04.0397 15748 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
12:05:04.0399 15748 spldr - ok
12:05:04.0443 15748 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
12:05:04.0452 15748 Spooler - ok
12:05:04.0562 15748 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
12:05:04.0628 15748 sppsvc - ok
12:05:04.0720 15748 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
12:05:04.0726 15748 sppuinotify - ok
12:05:04.0833 15748 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS
12:05:04.0846 15748 SRTSP - ok
12:05:04.0876 15748 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS
12:05:04.0879 15748 SRTSPX - ok
12:05:04.0921 15748 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
12:05:04.0928 15748 srv - ok
12:05:04.0961 15748 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
12:05:04.0967 15748 srv2 - ok
12:05:04.0999 15748 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
12:05:05.0015 15748 srvnet - ok
12:05:05.0143 15748 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
12:05:05.0153 15748 SSDPSRV - ok
12:05:05.0188 15748 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
12:05:05.0191 15748 SstpSvc - ok
12:05:05.0221 15748 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
12:05:05.0222 15748 stexstor - ok
12:05:05.0278 15748 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
12:05:05.0288 15748 stisvc - ok
12:05:05.0323 15748 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
12:05:05.0334 15748 swenum - ok
12:05:05.0376 15748 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
12:05:05.0385 15748 swprv - ok
12:05:05.0458 15748 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS
12:05:05.0467 15748 SymDS - ok
12:05:05.0518 15748 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS
12:05:05.0536 15748 SymEFA - ok
12:05:05.0598 15748 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
12:05:05.0602 15748 SymEvent - ok
12:05:05.0622 15748 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS
12:05:05.0626 15748 SymIRON - ok
12:05:05.0693 15748 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS
12:05:05.0701 15748 SymNetS - ok
12:05:05.0791 15748 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
12:05:05.0827 15748 SysMain - ok
12:05:05.0926 15748 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
12:05:05.0934 15748 TabletInputService - ok
12:05:05.0971 15748 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
12:05:05.0977 15748 TapiSrv - ok
12:05:06.0003 15748 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
12:05:06.0009 15748 TBS - ok
12:05:06.0097 15748 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
12:05:06.0139 15748 Tcpip - ok
12:05:06.0311 15748 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
12:05:06.0326 15748 TCPIP6 - ok
12:05:06.0397 15748 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
12:05:06.0399 15748 tcpipreg - ok
12:05:06.0449 15748 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
12:05:06.0459 15748 TDPIPE - ok
12:05:06.0501 15748 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
12:05:06.0503 15748 TDTCP - ok
12:05:06.0590 15748 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
12:05:06.0611 15748 tdx - ok
12:05:06.0929 15748 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
12:05:06.0934 15748 TermDD - ok
12:05:07.0056 15748 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
12:05:07.0092 15748 TermService - ok
12:05:07.0151 15748 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
12:05:07.0155 15748 Themes - ok
12:05:07.0220 15748 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
12:05:07.0223 15748 THREADORDER - ok
12:05:07.0250 15748 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
12:05:07.0255 15748 TrkWks - ok
12:05:07.0308 15748 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
12:05:07.0311 15748 TrustedInstaller - ok
12:05:07.0343 15748 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:05:07.0345 15748 tssecsrv - ok
12:05:07.0387 15748 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
12:05:07.0396 15748 TsUsbFlt - ok
12:05:07.0428 15748 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
12:05:07.0452 15748 tunnel - ok
12:05:07.0548 15748 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
12:05:07.0554 15748 uagp35 - ok
12:05:07.0650 15748 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
12:05:07.0660 15748 udfs - ok
12:05:07.0703 15748 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
12:05:07.0707 15748 UI0Detect - ok
12:05:07.0744 15748 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
12:05:07.0746 15748 uliagpkx - ok
12:05:07.0778 15748 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
12:05:07.0781 15748 umbus - ok
12:05:07.0803 15748 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
12:05:07.0804 15748 UmPass - ok
12:05:07.0833 15748 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
12:05:07.0839 15748 upnphost - ok
12:05:07.0875 15748 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
12:05:07.0878 15748 usbaudio - ok
12:05:07.0898 15748 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
12:05:07.0901 15748 usbccgp - ok
12:05:07.0920 15748 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
12:05:07.0923 15748 usbcir - ok
12:05:07.0938 15748 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
12:05:07.0940 15748 usbehci - ok
12:05:07.0977 15748 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
12:05:07.0983 15748 usbhub - ok
12:05:08.0001 15748 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
12:05:08.0003 15748 usbohci - ok
12:05:08.0051 15748 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
12:05:08.0055 15748 usbprint - ok
12:05:08.0075 15748 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:05:08.0078 15748 USBSTOR - ok
12:05:08.0099 15748 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
12:05:08.0101 15748 usbuhci - ok
12:05:08.0130 15748 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
12:05:08.0134 15748 UxSms - ok
12:05:08.0167 15748 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
12:05:08.0168 15748 VaultSvc - ok
12:05:08.0199 15748 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
12:05:08.0200 15748 vdrvroot - ok
12:05:08.0247 15748 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
12:05:08.0256 15748 vds - ok
12:05:08.0279 15748 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
12:05:08.0281 15748 vga - ok
12:05:08.0305 15748 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
12:05:08.0307 15748 VgaSave - ok
12:05:08.0334 15748 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
12:05:08.0337 15748 vhdmp - ok
12:05:08.0357 15748 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
12:05:08.0361 15748 viaide - ok
12:05:08.0385 15748 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
12:05:08.0389 15748 volmgr - ok
12:05:08.0427 15748 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
12:05:08.0436 15748 volmgrx - ok
12:05:08.0461 15748 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
12:05:08.0465 15748 volsnap - ok
12:05:08.0493 15748 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
12:05:08.0497 15748 vsmraid - ok
12:05:08.0569 15748 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
12:05:08.0601 15748 VSS - ok
12:05:08.0701 15748 vToolbarUpdater11.2.0 (8ed347bad8d1fb7c40b593bfb01786d2) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
12:05:08.0713 15748 vToolbarUpdater11.2.0 - ok
12:05:08.0816 15748 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
12:05:08.0821 15748 vwifibus - ok
12:05:08.0849 15748 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
12:05:08.0852 15748 vwififlt - ok
12:05:08.0879 15748 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
12:05:08.0881 15748 vwifimp - ok
12:05:08.0918 15748 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
12:05:08.0925 15748 W32Time - ok
12:05:08.0952 15748 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
12:05:08.0955 15748 WacomPen - ok
12:05:08.0998 15748 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:05:09.0000 15748 WANARP - ok
12:05:09.0012 15748 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
12:05:09.0013 15748 Wanarpv6 - ok
12:05:09.0083 15748 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
12:05:09.0109 15748 WatAdminSvc - ok
12:05:09.0171 15748 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
12:05:09.0231 15748 wbengine - ok
12:05:09.0316 15748 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
12:05:09.0326 15748 WbioSrvc - ok
12:05:09.0365 15748 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
12:05:09.0373 15748 wcncsvc - ok
12:05:09.0402 15748 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
12:05:09.0406 15748 WcsPlugInService - ok
12:05:09.0449 15748 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
12:05:09.0451 15748 Wd - ok
12:05:09.0498 15748 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
12:05:09.0507 15748 Wdf01000 - ok
12:05:09.0524 15748 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:05:09.0530 15748 WdiServiceHost - ok
12:05:09.0541 15748 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
12:05:09.0544 15748 WdiSystemHost - ok
12:05:09.0585 15748 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
12:05:09.0591 15748 WebClient - ok
12:05:09.0625 15748 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
12:05:09.0633 15748 Wecsvc - ok
12:05:10.0959 15748 MBR (0x1B8) (e9e1952e8c9ff3cb45f3696d0c75f6d8) \Device\Harddisk0\DR0
12:05:11.0068 15748 \Device\Harddisk0\DR0 - ok
12:05:11.0076 15748 Boot (0x1200) (572e3775cf86c05dd76b2bdc6c56ddd7) \Device\Harddisk0\DR0\Partition0
12:05:11.0077 15748 \Device\Harddisk0\DR0\Partition0 - ok
12:05:11.0088 15748 Boot (0x1200) (baa1490312ae4e609d4d476be29d421a) \Device\Harddisk0\DR0\Partition1
12:05:11.0091 15748 \Device\Harddisk0\DR0\Partition1 - ok
12:05:11.0121 15748 Boot (0x1200) (3bde9d8e097e05b9eacea4aa2fcdb297) \Device\Harddisk0\DR0\Partition2
12:05:11.0128 15748 \Device\Harddisk0\DR0\Partition2 - ok
12:05:11.0131 15748 ============================================================
12:05:11.0132 15748 Scan finished
12:05:11.0132 15748 ============================================================
12:05:11.0151 12684 Detected object count: 0
12:05:11.0151 12684 Actual detected object count: 0
12:05:24.0882 13928 Deinitialize success

aswMBR info

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-13 12:11:03
-----------------------------
12:11:03.538 OS Version: Windows x64 6.1.7601 Service Pack 1
12:11:03.538 Number of processors: 1 586 0x603
12:11:03.539 ComputerName: OFFICE UserName: Tim
12:11:06.337 Initialize success
12:12:01.506 AVAST engine defs: 12071300
12:12:13.534 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000063
12:12:13.537 Disk 0 Vendor: ST350041 HP35 Size: 476940MB BusType: 3
12:12:13.546 Disk 0 MBR read successfully
12:12:13.549 Disk 0 MBR scan
12:12:13.554 Disk 0 unknown MBR code
12:12:13.561 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:12:13.575 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 465939 MB offset 206848
12:12:13.608 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 10899 MB offset 954449920
12:12:13.658 Disk 0 scanning C:\Windows\system32\drivers
12:12:36.472 Service scanning
12:13:21.725 Modules scanning
12:13:21.747 Disk 0 trace - called modules:
12:13:21.769 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
12:13:22.143 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800268f790]
12:13:22.157 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> [0xfffffa800247f7a0]
12:13:22.170 5 ACPI.sys[fffff88000f627a1] -> nt!IofCallDriver -> \Device\00000063[0xfffffa800247f060]
12:13:24.083 AVAST engine scan C:\Windows
12:13:30.119 AVAST engine scan C:\Windows\system32
12:20:21.620 AVAST engine scan C:\Windows\system32\drivers
12:21:01.258 AVAST engine scan C:\Users\Tim
12:27:35.801 AVAST engine scan C:\ProgramData
12:32:55.545 Scan finished successfully
12:51:16.383 Disk 0 MBR has been saved successfully to "C:\Users\Tim\Desktop\Virus removal\MBR.dat"
12:51:16.392 The log file has been saved successfully to "C:\Users\Tim\Desktop\Virus removal\aswMBR.txt"

Mini toolbox

MiniToolBox by Farbar Version: 25-06-2012
Ran by Tim (administrator) on 13-07-2012 at 13:41:25
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost






66.197.194.231 www.google-analytics.com.
66.197.194.231 ad-emea.doubleclick.net.
66.197.194.231 www.statcounter.com.
69.72.252.254 www.google-analytics.com.
69.72.252.254 ad-emea.doubleclick.net.
69.72.252.254 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Office
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : sc.charter.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : sc.charter.com
Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
Physical Address. . . . . . . . . : 70-71-BC-B3-2F-1E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::c99:1b01:9d09:6e8f%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.104(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, July 13, 2012 8:30:49 AM
Lease Expires . . . . . . . . . . : Saturday, July 14, 2012 8:30:49 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 242250172
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-4E-76-B1-70-71-BC-B3-2F-1E
DNS Servers . . . . . . . . . . . : 24.178.162.3
66.189.0.100
24.217.201.67
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.sc.charter.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : sc.charter.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:2c06:2a92:3f57:fe97(Preferred)
Link-local IPv6 Address . . . . . : fe80::2c06:2a92:3f57:fe97%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: vip01spbgsc.spbg.sc.charter.com
Address: 24.178.162.3

Name: google.com
Addresses: 2001:4860:800a::71
74.125.130.100
74.125.130.101
74.125.130.138
74.125.130.102
74.125.130.139
74.125.130.113


Pinging google.com [173.194.37.72] with 32 bytes of data:
Reply from 173.194.37.72: bytes=32 time=79ms TTL=47
Reply from 173.194.37.72: bytes=32 time=64ms TTL=47

Ping statistics for 173.194.37.72:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 64ms, Maximum = 79ms, Average = 71ms
Server: vip01spbgsc.spbg.sc.charter.com
Address: 24.178.162.3

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=112ms TTL=46
Reply from 72.30.38.140: bytes=32 time=190ms TTL=46

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 112ms, Maximum = 190ms, Average = 151ms
Server: vip01spbgsc.spbg.sc.charter.com
Address: 24.178.162.3

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...70 71 bc b3 2f 1e ......NVIDIA nForce 10/100 Mbps Ethernet
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.104 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.104 276
192.168.1.104 255.255.255.255 On-link 192.168.1.104 276
192.168.1.255 255.255.255.255 On-link 192.168.1.104 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.104 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.104 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:2c06:2a92:3f57:fe97/128
On-link
10 276 fe80::/64 On-link
13 306 fe80::/64 On-link
10 276 fe80::c99:1b01:9d09:6e8f/128
On-link
13 306 fe80::2c06:2a92:3f57:fe97/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/13/2012 01:13:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x000000000004e4b4
Faulting process id: 0x34e4
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3

Error: (07/13/2012 00:08:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000005
Fault offset: 0x000000000004e4b4
Faulting process id: 0x500
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (07/13/2012 06:35:09 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (07/12/2012 11:44:07 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (07/12/2012 00:31:51 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (07/12/2012 00:30:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Multiple requestedPrivileges elements are not allowed in manifest.

Error: (07/11/2012 04:33:05 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (07/11/2012 03:44:51 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (07/11/2012 03:03:00 AM) (Source: Windows Search Service) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context: Application, SystemIndex Catalog

Error: (07/11/2012 00:31:57 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (07/11/2012 03:23:56 AM) (Source: Service Control Manager) (User: )
Description: The Windows Time service terminated with the following error:
%%1115

Error: (07/08/2012 10:47:54 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:22:43 PM on 7/1/2012 was unexpected.

Error: (06/24/2012 02:05:57 AM) (Source: BugCheck) (User: )
Description: 0x0000003b (0x00000000c0000005, 0xfffff8800389a23f, 0xfffff88009b39f40, 0x0000000000000000)C:\Windows\MEMORY.DMP062412-19780-01

Error: (06/24/2012 02:05:53 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 2:04:21 AM on 6/24/2012 was unexpected.

Error: (05/27/2012 08:03:07 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:41:34 AM on 5/27/2012 was unexpected.

Error: (05/26/2012 04:18:33 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 11:57:00 AM on 5/26/2012 was unexpected.

Error: (05/21/2012 02:37:34 PM) (Source: Service Control Manager) (User: )
Description: The NPPTNT2 service failed to start due to the following error:
%%2

Error: (05/21/2012 02:37:27 PM) (Source: Application Popup) (User: )
Description: \??\C:\GamesCampus\Heroes In the Sky\GameGuard\dump_wmimmc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (05/21/2012 01:42:05 PM) (Source: Service Control Manager) (User: )
Description: The NPPTNT2 service failed to start due to the following error:
%%2

Error: (05/21/2012 01:41:39 PM) (Source: Application Popup) (User: )
Description: \??\C:\GamesCampus\Heroes In the Sky\GameGuard\dump_wmimmc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
6000E609_eDocs (Version: 1.00.0000)
6000E609_Help (Version: 1.00.0000)
6000E609n (Version: 50.0.165.000)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
AVG 2012 (Version: 12.0.2195)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2195)
Bing Bar (Version: 7.0.850.0)
BPDSoftware (Version: 50.0.165.000)
BPDSoftware_Ini (Version: 1.00.0000)
BufferChm (Version: 130.0.331.000)
Compact Wireless-G USB Network Adapter with SpeedBooster
Corel Shell Extension - 64Bit (Version: 14.0)
CorelDRAW Graphics Suite X4 - Capture (Version: 14.0)
CorelDRAW Graphics Suite X4 - Content (Version: 14.0)
CorelDRAW Graphics Suite X4 - Draw (Version: 14.0)
CorelDRAW Graphics Suite X4 - Filters (Version: 14.0)
CorelDRAW Graphics Suite X4 - FontNav (Version: 14.0)
CorelDRAW Graphics SUite X4 - ICA (Version: 14.0)
CorelDRAW Graphics Suite X4 - IPM (Version: 14.0)
CorelDRAW Graphics Suite X4 - Lang BR (Version: 14.0)
CorelDRAW Graphics Suite X4 - Lang EN (Version: 14.0)
CorelDRAW Graphics Suite X4 - Lang ES (Version: 14.0)
CorelDRAW Graphics Suite X4 - Lang FR (Version: 14.0)
CorelDRAW Graphics Suite X4 - PP (Version: 14.0)
CorelDRAW Graphics Suite X4 - VBA (Version: 14.0)
CorelDRAW Graphics Suite X4 (Version: 14.0)
CorelDRAW® Graphics Suite X4
CorelDRAW® Graphics Suite X4 - Windows Shell Extension
CorelDRAW® Graphics Suite X4 - Windows Shell Extension (Version: 1.0)
CutePDF Writer 2.8
CyberLink DVD Suite Deluxe (Version: 7.0.2115)
DeviceDiscovery (Version: 130.0.465.000)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
Google Chrome (Version: 20.0.1132.57)
Google Update Helper (Version: 1.3.21.115)
GPBaseService2 (Version: 130.0.371.000)
Heroes In the Sky (Version: 282)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
HP Advisor (Version: 3.4.10262.3295)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Games (Version: 1.0.0.71)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Odometer (Version: 2.10.0000)
HP Officejet 6000 E609 Series (Version: 13.0)
HP Remote Solution (Version: 1.1.11.0)
HP Remote Solution (Version: 1.1.12.0)
HP Setup (Version: 8.1.4186.3400)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (Version: 6.1.12.1)
HP Support Information (Version: 10.1.0002)
HP Update (Version: 5.002.003.003)
HP Vision Hardware Diagnostics (Version: 2.1.2.27173)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
Hulu Desktop (Version: 0.9.10)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 33 (Version: 6.0.330)
Junk Mail filter update (Version: 14.0.8089.726)
LabelPrint (Version: 2.5.2017)
LightScribe System Software (Version: 1.18.17.1)
MarketResearch (Version: 130.0.374.000)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 14.0.1468.721)
Network64 (Version: 130.0.579.000)
Network64 (Version: 140.0.221.000)
Norton Internet Security (Version: 18.7.2.3)
Norton Online Backup (Version: 1.2.20.0)
NVIDIA Drivers (Version: 1.5)
Pando Media Booster (Version: 2.3.6.0)
PictureMover (Version: 3.3.1.19)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Power2Go (Version: 6.0.3304)
PowerDirector (Version: 7.0.3503)
ProductContext (Version: 50.0.165.000)
Realtek High Definition Audio Driver (Version: 6.0.1.5938)
Recovery Manager (Version: 5.5.2216)
RingCentral Voicemail Player (Version: 1.4.31)
Rosetta Stone Ltd Services (Version: 3.2.17)
Rosetta Stone TOTALe (Version: 4.1.1)
Rosetta Stone TOTALe (Version: 4.1.15.1)
Shop for HP Supplies (Version: 13.0)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.6 (Version: 5.6.110)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Spybot - Search & Destroy 2 (Version: 2.0.6)
Status (Version: 130.0.469.000)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
Unity Web Player (Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Basic for Applications ® Core - English (Version: 6.4.99.69)
Visual Basic for Applications ® Core (Version: 6.4.99.69)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
WebReg (Version: 130.0.132.017)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Movie Maker (Version: 14.0.8091.0730)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)

========================= Memory info: ===================================

Percentage of memory in use: 71%
Total physical RAM: 1790.49 MB
Available physical RAM: 516.93 MB
Total Pagefile: 3580.98 MB
Available Pagefile: 1617.36 MB
Total Virtual: 4095.88 MB
Available Virtual: 3973.82 MB

========================= Partitions: =====================================

1 Drive c: (COMPAQ) (Fixed) (Total:455.02 GB) (Free:406.22 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.64 GB) (Free:1.57 GB) NTFS

========================= Users: ========================================

User accounts for \\OFFICE

Administrator Guest Tim


**** End of log ****

Edited by Queen-Evie, 13 July 2012 - 01:06 PM.
moved to AII. The included logs are not allowed outside the Malware Removal forums.


#2 Queen-Evie

Posted 13 July 2012 - 01:36 PM

Hello Bamr1. Welcome to Bleeping Computer. Someone who knows more than I do about malware said it looks like you have the Google analytics infection.

You need more guidance than can be provided here in Am I Infected.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Also post the TDSSKiller and ASWMBR logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

#3 Bamr1

Posted 13 July 2012 - 08:50 PM

REPOSTED AS

http://www.bleepingcomputer.com/forums/topic460580.html

#4 Queen-Evie

Posted 14 July 2012 - 09:00 AM

Now that your logs have been posted in Malware Removal Logs and you are receiving help from gringo_pr, please refrain from asking for further help from other members or staff until the Malware Removal Team has checked your posted log. The Malware Removal Team work very hard to investigate a unique solution to your problem and you will receive individual expert assistance. This takes time and effort so we ask you to please be patient while waiting for assistance and NOT to make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member. Any modifications you make on your own can result in system changes which may not show in the log you already posted. Further, following advice outside of that post may cause confusion for the team member assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

The Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean. If you followed any other advice already, please ensure you inform the Malware Removal Team Helper when they respond to assist you with your log. This will help them know what has been done and they probably will ask for an updated log.

This topic is now closed.

