invisible audio ads



#1 squibbelings


Posted 15 July 2012 - 03:25 PM

Mod Edit: Moved from Win7 to the Am I Infected forum. ~~boopme

Okay, so this morning I get on my computer and I notice something is playing, sounds like an ad. After closing all my Firefox windows I notice it's still playing. It's not just ads either, sometimes they sound like "how to" videos, and sometimes more than one plays at a time. I have no idea how this started because I haven't downloaded anything new lately. I just bought my computer a few months ago so I've been really apprehensive to download anything for this reason. I have Norton antivirus and I did a scan but they still play. In fact one is playing right now as I type /:

If someone can please help me out I would really appreciate it.

Edited by boopme, 15 July 2012 - 07:27 PM.



 


#2 narenxp


Posted 15 July 2012 - 09:37 PM

Download TDSSkiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 squibbelings


Posted 16 July 2012 - 06:39 PM


TDSSKILLER


16:43:39.0024 3012 Netman - ok
16:43:39.0081 3012 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:43:39.0084 3012 NetMsmqActivator - ok
16:43:39.0087 3012 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:43:39.0089 3012 NetPipeActivator - ok
16:43:39.0115 3012 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:43:39.0119 3012 netprofm - ok
16:43:39.0121 3012 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:43:39.0122 3012 NetTcpActivator - ok
16:43:39.0124 3012 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:43:39.0125 3012 NetTcpPortSharing - ok
16:43:39.0147 3012 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
16:43:39.0148 3012 nfrd960 - ok
16:43:39.0167 3012 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:43:39.0170 3012 NlaSvc - ok
16:43:39.0180 3012 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:43:39.0180 3012 Npfs - ok
16:43:39.0186 3012 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:43:39.0187 3012 nsi - ok
16:43:39.0197 3012 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:43:39.0197 3012 nsiproxy - ok
16:43:39.0236 3012 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:43:39.0265 3012 Ntfs - ok
16:43:39.0312 3012 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:43:39.0313 3012 Null - ok
16:43:39.0334 3012 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:43:39.0335 3012 nvraid - ok
16:43:39.0397 3012 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:43:39.0399 3012 nvstor - ok
16:43:39.0441 3012 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:43:39.0443 3012 nv_agp - ok
16:43:39.0457 3012 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:43:39.0459 3012 ohci1394 - ok
16:43:39.0503 3012 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:43:39.0506 3012 ose - ok
16:43:39.0679 3012 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:43:39.0764 3012 osppsvc - ok
16:43:39.0836 3012 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:43:39.0841 3012 p2pimsvc - ok
16:43:39.0888 3012 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:43:39.0893 3012 p2psvc - ok
16:43:39.0906 3012 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
16:43:39.0907 3012 Parport - ok
16:43:39.0928 3012 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:43:39.0929 3012 partmgr - ok
16:43:39.0943 3012 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:43:39.0946 3012 PcaSvc - ok
16:43:40.0012 3012 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
16:43:40.0013 3012 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
16:43:40.0037 3012 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:43:40.0039 3012 pci - ok
16:43:40.0052 3012 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:43:40.0053 3012 pciide - ok
16:43:40.0072 3012 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
16:43:40.0075 3012 pcmcia - ok
16:43:40.0094 3012 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:43:40.0095 3012 pcw - ok
16:43:40.0119 3012 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:43:40.0125 3012 PEAUTH - ok
16:43:40.0188 3012 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:43:40.0190 3012 PerfHost - ok
16:43:40.0233 3012 phaudlwr (fe8af03efec0387fbbfcfd32e328db9a) C:\Windows\system32\DRIVERS\phaudlwr.sys
16:43:40.0234 3012 phaudlwr - ok
16:43:40.0281 3012 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:43:40.0310 3012 pla - ok
16:43:40.0346 3012 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:43:40.0351 3012 PlugPlay - ok
16:43:40.0365 3012 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:43:40.0368 3012 PNRPAutoReg - ok
16:43:40.0386 3012 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:43:40.0390 3012 PNRPsvc - ok
16:43:40.0425 3012 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:43:40.0431 3012 PolicyAgent - ok
16:43:40.0460 3012 Power (a2cca4fb273e6050f17a0a416cff2fcd) C:\Windows\system32\umpo.dll
16:43:40.0464 3012 Power - ok
16:43:40.0519 3012 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:43:40.0520 3012 PptpMiniport - ok
16:43:40.0542 3012 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
16:43:40.0544 3012 Processor - ok
16:43:40.0571 3012 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:43:40.0575 3012 ProfSvc - ok
16:43:40.0588 3012 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:43:40.0589 3012 ProtectedStorage - ok
16:43:40.0614 3012 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:43:40.0616 3012 Psched - ok
16:43:40.0639 3012 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
16:43:40.0640 3012 PxHlpa64 - ok
16:43:40.0720 3012 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
16:43:40.0748 3012 ql2300 - ok
16:43:40.0817 3012 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
16:43:40.0819 3012 ql40xx - ok
16:43:40.0848 3012 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:43:40.0852 3012 QWAVE - ok
16:43:40.0868 3012 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:43:40.0870 3012 QWAVEdrv - ok
16:43:40.0886 3012 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:43:40.0887 3012 RasAcd - ok
16:43:40.0910 3012 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:43:40.0911 3012 RasAgileVpn - ok
16:43:40.0933 3012 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:43:40.0935 3012 RasAuto - ok
16:43:40.0953 3012 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:43:40.0955 3012 Rasl2tp - ok
16:43:40.0989 3012 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:43:40.0994 3012 RasMan - ok
16:43:41.0009 3012 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:43:41.0011 3012 RasPppoe - ok
16:43:41.0022 3012 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:43:41.0023 3012 RasSstp - ok
16:43:41.0044 3012 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:43:41.0048 3012 rdbss - ok
16:43:41.0065 3012 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
16:43:41.0066 3012 rdpbus - ok
16:43:41.0081 3012 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:43:41.0082 3012 RDPCDD - ok
16:43:41.0092 3012 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:43:41.0093 3012 RDPENCDD - ok
16:43:41.0102 3012 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:43:41.0103 3012 RDPREFMP - ok
16:43:41.0139 3012 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:43:41.0141 3012 RDPWD - ok
16:43:41.0156 3012 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:43:41.0159 3012 rdyboost - ok
16:43:41.0189 3012 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:43:41.0191 3012 RemoteAccess - ok
16:43:41.0224 3012 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:43:41.0228 3012 RemoteRegistry - ok
16:43:41.0320 3012 RoxMediaDB12OEM (3c957189b31c34d3ad21967b12b6aed7) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
16:43:41.0344 3012 RoxMediaDB12OEM - ok
16:43:41.0371 3012 RoxWatch12 (2b73088cc2ca757a172b425c9398e5bc) C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
16:43:41.0374 3012 RoxWatch12 - ok
16:43:41.0427 3012 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:43:41.0429 3012 RpcEptMapper - ok
16:43:41.0437 3012 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:43:41.0439 3012 RpcLocator - ok
16:43:41.0460 3012 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:43:41.0465 3012 RpcSs - ok
16:43:41.0487 3012 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:43:41.0488 3012 rspndr - ok
16:43:41.0529 3012 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:43:41.0530 3012 SamSs - ok
16:43:41.0550 3012 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:43:41.0552 3012 sbp2port - ok
16:43:41.0565 3012 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:43:41.0569 3012 SCardSvr - ok
16:43:41.0579 3012 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:43:41.0580 3012 scfilter - ok
16:43:41.0614 3012 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:43:41.0638 3012 Schedule - ok
16:43:41.0668 3012 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:43:41.0669 3012 SCPolicySvc - ok
16:43:41.0685 3012 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:43:41.0689 3012 SDRSVC - ok
16:43:41.0713 3012 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:43:41.0714 3012 secdrv - ok
16:43:41.0720 3012 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:43:41.0723 3012 seclogon - ok
16:43:41.0743 3012 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:43:41.0748 3012 SENS - ok
16:43:41.0768 3012 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:43:41.0770 3012 SensrSvc - ok
16:43:41.0787 3012 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:43:41.0788 3012 Serenum - ok
16:43:41.0796 3012 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:43:41.0797 3012 Serial - ok
16:43:41.0812 3012 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:43:41.0813 3012 sermouse - ok
16:43:41.0837 3012 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:43:41.0840 3012 SessionEnv - ok
16:43:41.0844 3012 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:43:41.0845 3012 sffdisk - ok
16:43:41.0855 3012 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:43:41.0856 3012 sffp_mmc - ok
16:43:41.0870 3012 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:43:41.0872 3012 sffp_sd - ok
16:43:41.0876 3012 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:43:41.0877 3012 sfloppy - ok
16:43:41.0975 3012 SftService (421c30c8e686dc41e64881269982b382) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
16:43:42.0016 3012 SftService - ok
16:43:42.0074 3012 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:43:42.0079 3012 SharedAccess - ok
16:43:42.0098 3012 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:43:42.0103 3012 ShellHWDetection - ok
16:43:42.0128 3012 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:43:42.0130 3012 SiSRaid2 - ok
16:43:42.0143 3012 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:43:42.0145 3012 SiSRaid4 - ok
16:43:42.0185 3012 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:43:42.0187 3012 Smb - ok
16:43:42.0210 3012 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:43:42.0212 3012 SNMPTRAP - ok
16:43:42.0327 3012 SPC1330 (88cc2a38b87925e1f6a6bb515014d05c) C:\Windows\system32\DRIVERS\spc1330.sys
16:43:42.0385 3012 SPC1330 - ok
16:43:42.0447 3012 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:43:42.0448 3012 spldr - ok
16:43:42.0475 3012 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:43:42.0482 3012 Spooler - ok
16:43:42.0584 3012 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:43:42.0642 3012 sppsvc - ok
16:43:42.0697 3012 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:43:42.0699 3012 sppuinotify - ok
16:43:42.0786 3012 SRTSP (1321a6c3c92bbd3f3bbe1292cff8e91a) C:\Windows\system32\drivers\NAVx64\1301000.01C\SRTSP64.SYS
16:43:42.0792 3012 SRTSP - ok
16:43:42.0812 3012 SRTSPX (bd129c22c3b8c2e584227269dfa77b09) C:\Windows\system32\drivers\NAVx64\1301000.01C\SRTSPX64.SYS
16:43:42.0813 3012 SRTSPX - ok
16:43:42.0838 3012 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:43:42.0841 3012 srv - ok
16:43:42.0862 3012 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:43:42.0865 3012 srv2 - ok
16:43:42.0877 3012 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:43:42.0878 3012 srvnet - ok
16:43:42.0904 3012 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:43:42.0908 3012 SSDPSRV - ok
16:43:42.0922 3012 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:43:42.0925 3012 SstpSvc - ok
16:43:42.0942 3012 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:43:42.0943 3012 stexstor - ok
16:43:43.0002 3012 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:43:43.0010 3012 stisvc - ok
16:43:43.0063 3012 stllssvr (7731f46ec0d687a931cba063e8f90ef0) C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
16:43:43.0065 3012 stllssvr - ok
16:43:43.0077 3012 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:43:43.0077 3012 swenum - ok
16:43:43.0101 3012 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:43:43.0108 3012 swprv - ok
16:43:43.0130 3012 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\NAVx64\1301000.01C\SYMDS64.SYS
16:43:43.0135 3012 SymDS - ok
16:43:43.0172 3012 SymEFA (fe29b18bf86ffcd55d8733c9b01e5042) C:\Windows\system32\drivers\NAVx64\1301000.01C\SYMEFA64.SYS
16:43:43.0195 3012 SymEFA - ok
16:43:43.0208 3012 SymEvent (36b77f5c9e21f88a8c8ec67ad5415819) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:43:43.0209 3012 SymEvent - ok
16:43:43.0226 3012 SymIRON (dd70da422460fded831d211df151d560) C:\Windows\system32\drivers\NAVx64\1301000.01C\Ironx64.SYS
16:43:43.0228 3012 SymIRON - ok
16:43:43.0248 3012 SymNetS (bce4eb2eef05e388959b46fd21388c2d) C:\Windows\system32\drivers\NAVx64\1301000.01C\SYMNETS.SYS
16:43:43.0251 3012 SymNetS - ok
16:43:43.0305 3012 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:43:43.0334 3012 SysMain - ok
16:43:43.0384 3012 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:43:43.0387 3012 TabletInputService - ok
16:43:43.0407 3012 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:43:43.0412 3012 TapiSrv - ok
16:43:43.0422 3012 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:43:43.0424 3012 TBS - ok
16:43:43.0510 3012 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:43:43.0542 3012 Tcpip - ok
16:43:43.0636 3012 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:43:43.0646 3012 TCPIP6 - ok
16:43:43.0718 3012 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:43:43.0719 3012 tcpipreg - ok
16:43:43.0734 3012 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:43:43.0735 3012 TDPIPE - ok
16:43:43.0749 3012 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:43:43.0750 3012 TDTCP - ok
16:43:43.0782 3012 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:43:43.0784 3012 tdx - ok
16:43:43.0809 3012 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
16:43:43.0810 3012 TermDD - ok
16:43:43.0836 3012 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:43:43.0845 3012 TermService - ok
16:43:43.0903 3012 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:43:43.0905 3012 Themes - ok
16:43:43.0928 3012 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:43:43.0930 3012 THREADORDER - ok
16:43:43.0943 3012 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:43:43.0946 3012 TrkWks - ok
16:43:43.0966 3012 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:43:43.0968 3012 TrustedInstaller - ok
16:43:43.0982 3012 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:43:43.0984 3012 tssecsrv - ok
16:43:43.0998 3012 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:43:44.0000 3012 TsUsbFlt - ok
16:43:44.0004 3012 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
16:43:44.0005 3012 TsUsbGD - ok
16:43:44.0030 3012 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:43:44.0032 3012 tunnel - ok
16:43:44.0042 3012 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:43:44.0043 3012 uagp35 - ok
16:43:44.0068 3012 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:43:44.0071 3012 udfs - ok
16:43:44.0083 3012 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:43:44.0086 3012 UI0Detect - ok
16:43:44.0100 3012 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:43:44.0101 3012 uliagpkx - ok
16:43:44.0117 3012 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
16:43:44.0118 3012 umbus - ok
16:43:44.0127 3012 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:43:44.0128 3012 UmPass - ok
16:43:44.0155 3012 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:43:44.0160 3012 upnphost - ok
16:43:44.0192 3012 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
16:43:44.0193 3012 USBAAPL64 - ok
16:43:44.0226 3012 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
16:43:44.0227 3012 usbaudio - ok
16:43:44.0248 3012 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
16:43:44.0249 3012 usbccgp - ok
16:43:44.0257 3012 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:43:44.0259 3012 usbcir - ok
16:43:44.0268 3012 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
16:43:44.0269 3012 usbehci - ok
16:43:44.0313 3012 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:43:44.0317 3012 usbhub - ok
16:43:44.0331 3012 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:43:44.0333 3012 usbohci - ok
16:43:44.0358 3012 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:43:44.0358 3012 usbprint - ok
16:43:44.0385 3012 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:43:44.0387 3012 USBSTOR - ok
16:43:44.0416 3012 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:43:44.0417 3012 usbuhci - ok
16:43:44.0422 3012 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:43:44.0425 3012 UxSms - ok
16:43:44.0450 3012 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:43:44.0452 3012 VaultSvc - ok
16:43:44.0466 3012 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:43:44.0467 3012 vdrvroot - ok
16:43:44.0485 3012 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:43:44.0492 3012 vds - ok
16:43:44.0507 3012 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:43:44.0508 3012 vga - ok
16:43:44.0518 3012 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:43:44.0519 3012 VgaSave - ok
16:43:44.0535 3012 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:43:44.0537 3012 vhdmp - ok
16:43:44.0553 3012 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:43:44.0554 3012 viaide - ok
16:43:44.0570 3012 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:43:44.0571 3012 volmgr - ok
16:43:44.0589 3012 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:43:44.0593 3012 volmgrx - ok
16:43:44.0610 3012 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:43:44.0613 3012 volsnap - ok
16:43:44.0626 3012 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:43:44.0628 3012 vsmraid - ok
16:43:44.0679 3012 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:43:44.0708 3012 VSS - ok
16:43:44.0796 3012 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:43:44.0798 3012 vwifibus - ok
16:43:44.0813 3012 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:43:44.0814 3012 vwififlt - ok
16:43:44.0830 3012 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:43:44.0836 3012 W32Time - ok
16:43:44.0854 3012 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:43:44.0855 3012 WacomPen - ok
16:43:44.0872 3012 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:43:44.0874 3012 WANARP - ok
16:43:44.0877 3012 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:43:44.0878 3012 Wanarpv6 - ok
16:43:44.0934 3012 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
16:43:44.0956 3012 WatAdminSvc - ok
16:43:45.0021 3012 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:43:45.0045 3012 wbengine - ok
16:43:45.0111 3012 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:43:45.0116 3012 WbioSrvc - ok
16:43:45.0138 3012 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:43:45.0144 3012 wcncsvc - ok
16:43:45.0157 3012 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:43:45.0160 3012 WcsPlugInService - ok
16:43:45.0174 3012 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:43:45.0175 3012 Wd - ok
16:43:45.0197 3012 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:43:45.0202 3012 Wdf01000 - ok
16:43:45.0208 3012 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:43:45.0210 3012 WdiServiceHost - ok
16:43:45.0212 3012 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:43:45.0213 3012 WdiSystemHost - ok
16:43:45.0234 3012 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:43:45.0237 3012 WebClient - ok
16:43:45.0251 3012 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:43:45.0254 3012 Wecsvc - ok
16:43:45.0262 3012 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:43:45.0264 3012 wercplsupport - ok
16:43:45.0281 3012 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:43:45.0283 3012 WerSvc - ok
16:43:45.0292 3012 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:43:45.0293 3012 WfpLwf - ok
16:43:45.0320 3012 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
16:43:45.0323 3012 WimFltr - ok
16:43:45.0337 3012 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:43:45.0338 3012 WIMMount - ok
16:43:45.0364 3012 WinDefend - ok
16:43:45.0370 3012 WinHttpAutoProxySvc - ok
16:43:45.0422 3012 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:43:45.0425 3012 Winmgmt - ok
16:43:45.0482 3012 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:43:45.0529 3012 WinRM - ok
16:43:45.0595 3012 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
16:43:45.0597 3012 WinUsb - ok
16:43:45.0634 3012 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:43:45.0645 3012 Wlansvc - ok
16:43:45.0689 3012 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:43:45.0690 3012 wlcrasvc - ok
16:43:45.0763 3012 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:43:45.0799 3012 wlidsvc - ok
16:43:45.0853 3012 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:43:45.0854 3012 WmiAcpi - ok
16:43:45.0877 3012 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:43:45.0879 3012 wmiApSrv - ok
16:43:45.0892 3012 WMPNetworkSvc - ok
16:43:45.0901 3012 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:43:45.0902 3012 WPCSvc - ok
16:43:45.0915 3012 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:43:45.0917 3012 WPDBusEnum - ok
16:43:45.0928 3012 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:43:45.0929 3012 ws2ifsl - ok
16:43:45.0940 3012 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:43:45.0942 3012 wscsvc - ok
16:43:45.0943 3012 WSearch - ok
16:43:46.0026 3012 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
16:43:46.0065 3012 wuauserv - ok
16:43:46.0109 3012 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:43:46.0111 3012 WudfPf - ok
16:43:46.0141 3012 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:43:46.0144 3012 WUDFRd - ok
16:43:46.0155 3012 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:43:46.0157 3012 wudfsvc - ok
16:43:46.0168 3012 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:43:46.0171 3012 WwanSvc - ok
16:43:46.0206 3012 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
16:43:46.0232 3012 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
16:43:46.0232 3012 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
16:43:46.0285 3012 Boot (0x1200) (b763d5726234123f60eafc013bc6ba5d) \Device\Harddisk0\DR0\Partition0
16:43:46.0287 3012 \Device\Harddisk0\DR0\Partition0 - ok
16:43:46.0298 3012 Boot (0x1200) (74616fdcf87935f3ef8c13eb0e9bbeec) \Device\Harddisk0\DR0\Partition1
16:43:46.0299 3012 \Device\Harddisk0\DR0\Partition1 - ok
16:43:46.0300 3012 ============================================================
16:43:46.0300 3012 Scan finished
16:43:46.0300 3012 ============================================================
16:43:46.0306 5244 Detected object count: 1
16:43:46.0306 5244 Actual detected object count: 1
16:44:17.0097 5244 \Device\Harddisk0\DR0\# - copied to quarantine
16:44:17.0098 5244 \Device\Harddisk0\DR0 - copied to quarantine
16:44:17.0168 5244 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
16:44:17.0170 5244 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
16:44:17.0175 5244 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
16:44:17.0179 5244 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
16:44:17.0192 5244 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
16:44:17.0200 5244 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
16:44:17.0201 5244 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
16:44:17.0202 5244 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
16:44:17.0204 5244 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
16:44:17.0206 5244 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
16:44:17.0208 5244 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
16:44:17.0209 5244 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
16:44:17.0210 5244 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
16:44:17.0212 5244 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
16:44:17.0223 5244 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
16:44:17.0225 5244 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
16:44:17.0226 5244 \Device\Harddisk0\DR0 - ok
16:44:17.0236 5244 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
16:46:11.0214 0640 Deinitialize success


ASWMBR


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-16 16:52:07
-----------------------------
16:52:07.797 OS Version: Windows x64 6.1.7601 Service Pack 1
16:52:07.797 Number of processors: 4 586 0x2A07
16:52:07.797 ComputerName: HOME-PC UserName: Home
16:52:10.043 Initialize success
16:52:46.343 AVAST engine defs: 12071601
16:52:55.298 The log file has been saved successfully to "C:\Users\Home\Documents\aswMBR.txt"



ESET ONLINE SCANNER


C:\TDSSKiller_Quarantine\16.07.2012_16.43.22\mbr0000\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_16.43.22\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_16.43.22\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_16.43.22\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_16.43.22\mbr0000\tdlfs0000\tsk0004.dta a variant of Win32/Rootkit.Kryptik.MY trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_16.43.22\mbr0000\tdlfs0000\tsk0005.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_16.43.22\mbr0000\tdlfs0000\tsk0009.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_16.43.22\mbr0000\tdlfs0000\tsk0010.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\16.07.2012_16.43.22\mbr0000\tdlfs0000\tsk0014.dta a variant of Win32/Olmarik.AYI trojan cleaned by deleting - quarantined

#4 narenxp


Posted 16 July 2012 - 08:00 PM

Restart the PC, run ASWMBR again, and post the new log

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#5 squibbelings


Posted 16 July 2012 - 10:02 PM

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.16.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Home :: HOME-PC [administrator]

Protection: Enabled

7/16/2012 7:51:09 PM
mbam-log-2012-07-16 (19-51-09).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 329880
Time elapsed: 25 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


MiniToolBox by Farbar Version: 15-07-2012
Ran by Home (administrator) on 16-07-2012 at 20:56:05
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Home-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : D4-BE-D9-9D-3D-42
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::4400:c22d:b7e1:7738%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, July 16, 2012 7:50:07 PM
Lease Expires . . . . . . . . . . : Friday, August 23, 2148 3:24:24 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 299155161
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-F2-D8-4A-D4-BE-D9-9D-3D-42
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : 9C-B7-0D-4D-40-0C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::215a:4552:fcdd:fe00%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, July 16, 2012 7:50:09 PM
Lease Expires . . . . . . . . . . : Friday, August 23, 2148 3:24:24 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 194819853
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-F2-D8-4A-D4-BE-D9-9D-3D-42
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1cdb:29ff:3f57:fdfa(Preferred)
Link-local IPv6 Address . . . . . : fe80::1cdb:29ff:3f57:fdfa%17(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: Vista
Address: 192.168.2.1

Name: google.com
Addresses: 2607:f8b0:400f:801::1007
74.125.225.200
74.125.225.199
74.125.225.192
74.125.225.195
74.125.225.198
74.125.225.197
74.125.225.193
74.125.225.194
74.125.225.201
74.125.225.196
74.125.225.206


Pinging google.com [74.125.225.195] with 32 bytes of data:
Reply from 74.125.225.195: bytes=32 time=37ms TTL=55
Reply from 74.125.225.195: bytes=32 time=37ms TTL=55

Ping statistics for 74.125.225.195:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 37ms, Maximum = 37ms, Average = 37ms
Server: Vista
Address: 192.168.2.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=49ms TTL=50
Reply from 72.30.38.140: bytes=32 time=91ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 49ms, Maximum = 91ms, Average = 70ms
Server: Vista
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms
===========================================================================
Interface List
12...d4 be d9 9d 3d 42 ......Broadcom NetLink ™ Gigabit Ethernet
11...9c b7 0d 4d 40 0c ......DW1501 Wireless-N WLAN Half-Mini Card
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.5 20
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.6 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.5 276
192.168.2.0 255.255.255.0 On-link 192.168.2.6 281
192.168.2.5 255.255.255.255 On-link 192.168.2.5 276
192.168.2.6 255.255.255.255 On-link 192.168.2.6 281
192.168.2.255 255.255.255.255 On-link 192.168.2.5 276
192.168.2.255 255.255.255.255 On-link 192.168.2.6 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.5 276
224.0.0.0 240.0.0.0 On-link 192.168.2.6 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.5 276
255.255.255.255 255.255.255.255 On-link 192.168.2.6 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
17 58 ::/0 On-link
1 306 ::1/128 On-link
17 58 2001::/32 On-link
17 306 2001:0:5ef5:79fd:1cdb:29ff:3f57:fdfa/128
On-link
12 276 fe80::/64 On-link
11 281 fe80::/64 On-link
17 306 fe80::/64 On-link
17 306 fe80::1cdb:29ff:3f57:fdfa/128
On-link
11 281 fe80::215a:4552:fcdd:fe00/128
On-link
12 276 fe80::4400:c22d:b7e1:7738/128
On-link
1 306 ff00::/8 On-link
17 306 ff00::/8 On-link
12 276 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/16/2012 08:42:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11014

Error: (07/16/2012 08:42:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11014

Error: (07/16/2012 08:42:29 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/16/2012 08:42:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10016

Error: (07/16/2012 08:42:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10016

Error: (07/16/2012 08:42:28 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/16/2012 08:42:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9002

Error: (07/16/2012 08:42:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9002

Error: (07/16/2012 08:42:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/16/2012 08:42:26 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003


System errors:
=============
Error: (07/16/2012 07:50:36 PM) (Source: Service Control Manager) (User: )
Description: The SoftThinks Agent Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/16/2012 07:49:36 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/16/2012 07:16:44 PM) (Source: Service Control Manager) (User: )
Description: The SoftThinks Agent Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/16/2012 07:15:21 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/16/2012 04:49:32 PM) (Source: Service Control Manager) (User: )
Description: The SoftThinks Agent Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/16/2012 04:48:00 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/16/2012 04:47:23 PM) (Source: Service Control Manager) (User: )
Description: The SoftThinks Agent Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/16/2012 04:46:11 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/16/2012 00:31:09 PM) (Source: Service Control Manager) (User: )
Description: The SoftThinks Agent Service service terminated unexpectedly. It has done this 1 time(s).

Error: (07/16/2012 02:28:08 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2709715).


Microsoft Office Sessions:
=========================
Error: (07/16/2012 08:42:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11014

Error: (07/16/2012 08:42:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11014

Error: (07/16/2012 08:42:29 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/16/2012 08:42:28 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10016

Error: (07/16/2012 08:42:28 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10016

Error: (07/16/2012 08:42:28 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/16/2012 08:42:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9002

Error: (07/16/2012 08:42:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9002

Error: (07/16/2012 08:42:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/16/2012 08:42:26 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8003


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Reader X (10.1.3) MUI (Version: 10.1.3)
AMD APP SDK Runtime (Version: 2.4.650.9)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
AT&T Connect Participant Application v8.9.35 (Version: 8.9.35)
ATI AVIVO64 Codecs (Version: 11.6.0.10628)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.0628.2340.40663)
Catalyst Control Center InstallProxy (Version: 2011.0628.2340.40663)
Catalyst Control Center Localization All (Version: 2011.0628.2340.40663)
ccc-utility64 (Version: 2011.0628.2340.40663)
CCC Help Chinese Standard (Version: 2011.0628.2339.40663)
CCC Help Chinese Traditional (Version: 2011.0628.2339.40663)
CCC Help Czech (Version: 2011.0628.2339.40663)
CCC Help Danish (Version: 2011.0628.2339.40663)
CCC Help Dutch (Version: 2011.0628.2339.40663)
CCC Help English (Version: 2011.0628.2339.40663)
CCC Help Finnish (Version: 2011.0628.2339.40663)
CCC Help French (Version: 2011.0628.2339.40663)
CCC Help German (Version: 2011.0628.2339.40663)
CCC Help Greek (Version: 2011.0628.2339.40663)
CCC Help Hungarian (Version: 2011.0628.2339.40663)
CCC Help Italian (Version: 2011.0628.2339.40663)
CCC Help Japanese (Version: 2011.0628.2339.40663)
CCC Help Korean (Version: 2011.0628.2339.40663)
CCC Help Norwegian (Version: 2011.0628.2339.40663)
CCC Help Polish (Version: 2011.0628.2339.40663)
CCC Help Portuguese (Version: 2011.0628.2339.40663)
CCC Help Russian (Version: 2011.0628.2339.40663)
CCC Help Spanish (Version: 2011.0628.2339.40663)
CCC Help Swedish (Version: 2011.0628.2339.40663)
CCC Help Thai (Version: 2011.0628.2339.40663)
CCC Help Turkish (Version: 2011.0628.2339.40663)
Coupon Printer for Windows (Version: 5.0.0.1)
CouponBar (Version: 5.0.0.5)
Cozi (Version: 1.0.6505.38692)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software (Version: 9.4.64)
Dell DataSafe Local Backup (Version: 9.4.64)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.6.225.0)
Dell PhotoStage (Version: 1.5.0.65)
Dell Product Registration (Version: 1.1.3)
Dell Stage (Version: 1.6.301.0)
Dell Support Center (Version: 3.1.5907.39)
Dell VideoStage (Version: 1.3.0.2214)
DirectX 9 Runtime (Version: 1.00.0000)
DW WLAN Card (Version: 5.60.48.35)
eBay (Version: 1.4.0)
ESET Online Scanner v3
Intel® Control Center (Version: 1.2.1.1007)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.1.5.1)
Java™ 7 Update 1 (64-bit) (Version: 7.0.10)
Java™ 7 Update 1 (Version: 7.0.10)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
McAfee Security Scan Plus (Version: 2.0.181.2)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.7.915.93)
Norton AntiVirus (Version: 19.1.0.28)
Origin (Version: 8.2.2.2413)
PhotoShowExpress (Version: 2.0.063)
QuickTime (Version: 7.71.80.42)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Skype™ 5.5 (Version: 5.5.119)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
The Sims™ 3 (Version: 1.34.27)
The Sims™ 3 High-End Loft Stuff (Version: 3.0.38)
The Sims™ 3 Late Night (Version: 6.0.81)
The Sims™ 3 Showtime (Version: 12.0.273)
THX TruStudio PC (Version: 1.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 20%
Total physical RAM: 8174.46 MB
Available physical RAM: 6512.54 MB
Total Pagefile: 16347.11 MB
Available Pagefile: 13537.96 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.17 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:918.22 GB) (Free:852.97 GB) NTFS
2 Drive d: (Sims3EP06) (CDROM) (Total:5.22 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\HOME-PC

Administrator Guest Home


**** End of log ****


Farbar Service Scanner Version: 08-07-2012
Ran by Home (administrator) on 16-07-2012 at 20:57:20
Running from "C:\Users\Home\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****




#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:01:03 AM

Posted 16 July 2012 - 10:21 PM

Run ASWMBR once again and post the new log

Let me know if you have any current issues

#7 squibbelings

squibbelings
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  • Gender:Female
  • Local time:11:03 PM

Posted 17 July 2012 - 07:45 PM


No current issues.
Thank you so much!

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-16 16:52:07
-----------------------------
16:52:07.797 OS Version: Windows x64 6.1.7601 Service Pack 1
16:52:07.797 Number of processors: 4 586 0x2A07
16:52:07.797 ComputerName: HOME-PC UserName: Home
16:52:10.043 Initialize success
16:52:46.343 AVAST engine defs: 12071601
16:52:55.298 The log file has been saved successfully to "C:\Users\Home\Documents\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-17 15:50:44
-----------------------------
15:50:44.960 OS Version: Windows x64 6.1.7601 Service Pack 1
15:50:44.960 Number of processors: 4 586 0x2A07
15:50:44.960 ComputerName: HOME-PC UserName: Home
15:50:48.252 Initialize success
15:50:51.949 AVAST engine defs: 12071601
15:50:59.733 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:50:59.733 Disk 0 Vendor: ST310005 JC4A Size: 953869MB BusType: 3
15:50:59.749 Disk 0 MBR read successfully
15:50:59.749 Disk 0 MBR scan
15:50:59.764 Disk 0 Windows VISTA default MBR code
15:50:59.764 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
15:50:59.764 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 13568 MB offset 81920
15:50:59.764 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 940260 MB offset 27869184
15:50:59.780 Disk 0 scanning C:\Windows\system32\drivers
15:51:07.362 Service scanning
15:51:21.168 Modules scanning
15:51:21.168 Disk 0 trace - called modules:
15:51:21.183 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:51:21.199 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009d15060]
15:51:21.511 3 CLASSPNP.SYS[fffff88001c0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800759d050]
15:51:33.086 AVAST engine scan C:\Windows
15:51:41.292 AVAST engine scan C:\Windows\system32
15:53:45.834 AVAST engine scan C:\Windows\system32\drivers
15:53:58.596 AVAST engine scan C:\Users\Home
15:55:37.242 AVAST engine scan C:\ProgramData
15:56:29.825 Scan finished successfully
18:42:00.980 Disk 0 MBR has been saved successfully to "C:\Users\Home\Documents\MBR.dat"
18:42:00.980 The log file has been saved successfully to "C:\Users\Home\Documents\aswMBR.txt"






#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:01:03 AM

Posted 17 July 2012 - 08:53 PM

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, do not click on suspicious links

Safe surfing :)



