
Infected, need help.


9 replies to this topic

#1 sutter63


Posted 28 July 2012 - 08:21 AM

My computer is infected. I constantly get pop-ups in the lower right corner, which often look like an iPhone, and often are ads for the same thing I am searching for. When I close the small pop-up, it sometimes minimizes to a very small box that says "Recommended For You".

I am also very often redirected to other websites when doing a routine search. I am running Windows 7, and use IE9. AVG 2012, Malwarebytes and Spybot have found nothing. AVG 2012 will no longer update. I get a "general failure" message after an attempted AVG program update.

Any help would be great!

Thanks,
Ron



#2 narenxp


Posted 28 July 2012 - 08:30 AM

Download TDSSkiller

Launch it. Click on "Change parameters" - select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it, allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START, it should download the virus definitions.
When the scan gets completed, click on "List of found threats".

Export the list to desktop, copy the contents of the text file in your reply.

#3 sutter63


Posted 28 July 2012 - 10:51 AM

There are 3 logs posted in this response.


Here is the log from TDSSkiller:


10:20:01.0758 5796 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:20:01.0758 5796 Netlogon - ok
10:20:01.0821 5796 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
10:20:01.0836 5796 Netman - ok
10:20:01.0868 5796 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
10:20:01.0868 5796 netprofm - ok
10:20:01.0961 5796 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:20:01.0961 5796 NetTcpPortSharing - ok
10:20:02.0008 5796 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
10:20:02.0008 5796 nfrd960 - ok
10:20:02.0086 5796 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
10:20:02.0086 5796 NlaSvc - ok
10:20:02.0102 5796 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:20:02.0102 5796 Npfs - ok
10:20:02.0148 5796 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
10:20:02.0148 5796 nsi - ok
10:20:02.0164 5796 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:20:02.0164 5796 nsiproxy - ok
10:20:02.0304 5796 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
10:20:02.0351 5796 Ntfs - ok
10:20:02.0460 5796 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:20:02.0460 5796 Null - ok
10:20:02.0523 5796 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
10:20:02.0523 5796 nvraid - ok
10:20:02.0570 5796 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
10:20:02.0585 5796 nvstor - ok
10:20:02.0632 5796 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
10:20:02.0632 5796 nv_agp - ok
10:20:02.0772 5796 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:20:02.0788 5796 odserv - ok
10:20:02.0819 5796 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
10:20:02.0819 5796 ohci1394 - ok
10:20:02.0897 5796 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:20:02.0913 5796 ose - ok
10:20:02.0960 5796 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:20:02.0975 5796 p2pimsvc - ok
10:20:03.0022 5796 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
10:20:03.0038 5796 p2psvc - ok
10:20:03.0069 5796 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
10:20:03.0069 5796 Parport - ok
10:20:03.0116 5796 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
10:20:03.0116 5796 partmgr - ok
10:20:03.0162 5796 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
10:20:03.0162 5796 PcaSvc - ok
10:20:03.0194 5796 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
10:20:03.0209 5796 pci - ok
10:20:03.0225 5796 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:20:03.0225 5796 pciide - ok
10:20:03.0272 5796 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
10:20:03.0303 5796 pcmcia - ok
10:20:03.0318 5796 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:20:03.0318 5796 pcw - ok
10:20:03.0381 5796 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:20:03.0396 5796 PEAUTH - ok
10:20:03.0490 5796 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
10:20:03.0490 5796 PerfHost - ok
10:20:03.0646 5796 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
10:20:03.0662 5796 pla - ok
10:20:03.0755 5796 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
10:20:03.0755 5796 PlugPlay - ok
10:20:03.0802 5796 Pml Driver HPZ12 (f485770eec8959684cc4c4786b63c06c) C:\Windows\system32\HPZipm12.dll
10:20:03.0818 5796 Pml Driver HPZ12 - ok
10:20:03.0849 5796 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
10:20:03.0849 5796 PNRPAutoReg - ok
10:20:03.0896 5796 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:20:03.0896 5796 PNRPsvc - ok
10:20:03.0958 5796 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
10:20:03.0958 5796 PolicyAgent - ok
10:20:04.0005 5796 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
10:20:04.0005 5796 Power - ok
10:20:04.0098 5796 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
10:20:04.0098 5796 PptpMiniport - ok
10:20:04.0130 5796 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
10:20:04.0130 5796 Processor - ok
10:20:04.0176 5796 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
10:20:04.0176 5796 ProfSvc - ok
10:20:04.0223 5796 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:20:04.0223 5796 ProtectedStorage - ok
10:20:04.0286 5796 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
10:20:04.0286 5796 Psched - ok
10:20:04.0332 5796 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
10:20:04.0332 5796 PxHlpa64 - ok
10:20:04.0488 5796 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
10:20:04.0520 5796 ql2300 - ok
10:20:04.0644 5796 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
10:20:04.0660 5796 ql40xx - ok
10:20:04.0691 5796 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
10:20:04.0707 5796 QWAVE - ok
10:20:04.0722 5796 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:20:04.0722 5796 QWAVEdrv - ok
10:20:04.0738 5796 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:20:04.0738 5796 RasAcd - ok
10:20:04.0785 5796 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:20:04.0785 5796 RasAgileVpn - ok
10:20:04.0832 5796 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
10:20:04.0832 5796 RasAuto - ok
10:20:04.0878 5796 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:20:04.0878 5796 Rasl2tp - ok
10:20:04.0941 5796 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
10:20:04.0956 5796 RasMan - ok
10:20:04.0988 5796 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:20:04.0988 5796 RasPppoe - ok
10:20:05.0003 5796 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:20:05.0019 5796 RasSstp - ok
10:20:05.0066 5796 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
10:20:05.0081 5796 rdbss - ok
10:20:05.0097 5796 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
10:20:05.0097 5796 rdpbus - ok
10:20:05.0128 5796 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:20:05.0128 5796 RDPCDD - ok
10:20:05.0144 5796 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:20:05.0144 5796 RDPENCDD - ok
10:20:05.0159 5796 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:20:05.0159 5796 RDPREFMP - ok
10:20:05.0206 5796 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
10:20:05.0222 5796 RDPWD - ok
10:20:05.0284 5796 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
10:20:05.0284 5796 rdyboost - ok
10:20:05.0331 5796 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
10:20:05.0346 5796 RemoteAccess - ok
10:20:05.0378 5796 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
10:20:05.0378 5796 RemoteRegistry - ok
10:20:05.0409 5796 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
10:20:05.0409 5796 RpcEptMapper - ok
10:20:05.0424 5796 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
10:20:05.0424 5796 RpcLocator - ok
10:20:05.0502 5796 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
10:20:05.0502 5796 RpcSs - ok
10:20:05.0565 5796 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:20:05.0565 5796 rspndr - ok
10:20:05.0612 5796 RSUSBSTOR (30f463768d5143bfd7b2df822b53cf4d) C:\Windows\system32\Drivers\RtsUStor.sys
10:20:05.0643 5796 RSUSBSTOR - ok
10:20:05.0721 5796 RTL8167 (fd978b2bf8a9b2390dcbef435e9c1f9f) C:\Windows\system32\DRIVERS\Rt64win7.sys
10:20:05.0736 5796 RTL8167 - ok
10:20:05.0768 5796 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:20:05.0768 5796 SamSs - ok
10:20:05.0799 5796 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
10:20:05.0799 5796 sbp2port - ok
10:20:05.0970 5796 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
10:20:05.0970 5796 SBSDWSCService - ok
10:20:06.0017 5796 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
10:20:06.0017 5796 SCardSvr - ok
10:20:06.0095 5796 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
10:20:06.0095 5796 scfilter - ok
10:20:06.0204 5796 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
10:20:06.0220 5796 Schedule - ok
10:20:06.0267 5796 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
10:20:06.0267 5796 SCPolicySvc - ok
10:20:06.0314 5796 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
10:20:06.0314 5796 SDRSVC - ok
10:20:06.0360 5796 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:20:06.0376 5796 secdrv - ok
10:20:06.0407 5796 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
10:20:06.0407 5796 seclogon - ok
10:20:06.0438 5796 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
10:20:06.0438 5796 SENS - ok
10:20:06.0470 5796 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
10:20:06.0470 5796 SensrSvc - ok
10:20:06.0516 5796 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
10:20:06.0516 5796 Serenum - ok
10:20:06.0548 5796 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
10:20:06.0563 5796 Serial - ok
10:20:06.0594 5796 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
10:20:06.0594 5796 sermouse - ok
10:20:06.0641 5796 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
10:20:06.0657 5796 SessionEnv - ok
10:20:06.0688 5796 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
10:20:06.0688 5796 sffdisk - ok
10:20:06.0704 5796 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
10:20:06.0704 5796 sffp_mmc - ok
10:20:06.0735 5796 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
10:20:06.0735 5796 sffp_sd - ok
10:20:06.0766 5796 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
10:20:06.0782 5796 sfloppy - ok
10:20:06.0906 5796 SftService (38f88f0df46c4d42125ef721abd7f6b9) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
10:20:06.0906 5796 SftService - ok
10:20:06.0969 5796 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
10:20:06.0969 5796 SharedAccess - ok
10:20:07.0047 5796 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
10:20:07.0047 5796 ShellHWDetection - ok
10:20:07.0109 5796 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:20:07.0109 5796 SiSRaid2 - ok
10:20:07.0125 5796 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
10:20:07.0140 5796 SiSRaid4 - ok
10:20:07.0172 5796 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:20:07.0172 5796 Smb - ok
10:20:07.0234 5796 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
10:20:07.0234 5796 SNMPTRAP - ok
10:20:07.0265 5796 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:20:07.0265 5796 spldr - ok
10:20:07.0343 5796 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
10:20:07.0343 5796 Spooler - ok
10:20:07.0686 5796 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
10:20:07.0718 5796 sppsvc - ok
10:20:07.0827 5796 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
10:20:07.0827 5796 sppuinotify - ok
10:20:07.0920 5796 sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
10:20:07.0920 5796 sprtsvc_DellSupportCenter - ok
10:20:08.0045 5796 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
10:20:08.0045 5796 srv - ok
10:20:08.0092 5796 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
10:20:08.0108 5796 srv2 - ok
10:20:08.0123 5796 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
10:20:08.0123 5796 srvnet - ok
10:20:08.0170 5796 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
10:20:08.0170 5796 SSDPSRV - ok
10:20:08.0201 5796 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
10:20:08.0201 5796 SstpSvc - ok
10:20:08.0264 5796 STacSV (463e33b1ea7af1e6eb87b66b831db41a) C:\Program Files\IDT\WDM\STacSV64.exe
10:20:08.0264 5796 STacSV - ok
10:20:08.0310 5796 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
10:20:08.0310 5796 stexstor - ok
10:20:08.0388 5796 STHDA (4304b75094e106fb5423a290c95841e5) C:\Windows\system32\DRIVERS\stwrt64.sys
10:20:08.0388 5796 STHDA - ok
10:20:08.0466 5796 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
10:20:08.0482 5796 stisvc - ok
10:20:08.0498 5796 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
10:20:08.0498 5796 swenum - ok
10:20:08.0560 5796 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
10:20:08.0560 5796 swprv - ok
10:20:08.0638 5796 SynTP (8a3fbcb3d6d4710730d27da4392a4863) C:\Windows\system32\DRIVERS\SynTP.sys
10:20:08.0638 5796 SynTP - ok
10:20:08.0810 5796 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
10:20:08.0810 5796 SysMain - ok
10:20:08.0934 5796 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
10:20:08.0950 5796 TabletInputService - ok
10:20:08.0997 5796 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
10:20:09.0012 5796 TapiSrv - ok
10:20:09.0028 5796 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
10:20:09.0044 5796 TBS - ok
10:20:09.0247 5796 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
10:20:09.0293 5796 Tcpip - ok
10:20:09.0590 5796 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
10:20:09.0621 5796 TCPIP6 - ok
10:20:09.0730 5796 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
10:20:09.0730 5796 tcpipreg - ok
10:20:09.0761 5796 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:20:09.0761 5796 TDPIPE - ok
10:20:09.0777 5796 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
10:20:09.0793 5796 TDTCP - ok
10:20:09.0824 5796 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
10:20:09.0824 5796 tdx - ok
10:20:09.0886 5796 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
10:20:09.0886 5796 TermDD - ok
10:20:09.0980 5796 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
10:20:09.0995 5796 TermService - ok
10:20:10.0011 5796 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
10:20:10.0011 5796 Themes - ok
10:20:10.0058 5796 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:20:10.0058 5796 THREADORDER - ok
10:20:10.0073 5796 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
10:20:10.0073 5796 TrkWks - ok
10:20:10.0136 5796 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
10:20:10.0151 5796 TrustedInstaller - ok
10:20:10.0183 5796 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:20:10.0183 5796 tssecsrv - ok
10:20:10.0229 5796 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
10:20:10.0229 5796 TsUsbFlt - ok
10:20:10.0292 5796 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
10:20:10.0292 5796 tunnel - ok
10:20:10.0323 5796 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys
10:20:10.0323 5796 TurboB - ok
10:20:10.0385 5796 TurboBoost (b206be1174d5964d49a56bb6c4e0524a) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
10:20:10.0401 5796 TurboBoost - ok
10:20:10.0432 5796 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
10:20:10.0432 5796 uagp35 - ok
10:20:10.0495 5796 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
10:20:10.0495 5796 udfs - ok
10:20:10.0541 5796 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
10:20:10.0541 5796 UI0Detect - ok
10:20:10.0588 5796 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
10:20:10.0588 5796 uliagpkx - ok
10:20:10.0619 5796 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
10:20:10.0619 5796 umbus - ok
10:20:10.0666 5796 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
10:20:10.0666 5796 UmPass - ok
10:20:10.0900 5796 UNS (cc3775100aba633984f73dfae1f55cae) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
10:20:10.0916 5796 UNS - ok
10:20:11.0056 5796 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
10:20:11.0056 5796 upnphost - ok
10:20:11.0103 5796 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
10:20:11.0103 5796 USBAAPL64 - ok
10:20:11.0150 5796 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
10:20:11.0150 5796 usbccgp - ok
10:20:11.0197 5796 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
10:20:11.0197 5796 usbcir - ok
10:20:11.0212 5796 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
10:20:11.0212 5796 usbehci - ok
10:20:11.0259 5796 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
10:20:11.0259 5796 usbhub - ok
10:20:11.0306 5796 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
10:20:11.0306 5796 usbohci - ok
10:20:11.0337 5796 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
10:20:11.0337 5796 usbprint - ok
10:20:11.0368 5796 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
10:20:11.0384 5796 USBSTOR - ok
10:20:11.0399 5796 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
10:20:11.0399 5796 usbuhci - ok
10:20:11.0462 5796 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
10:20:11.0462 5796 usbvideo - ok
10:20:11.0493 5796 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
10:20:11.0493 5796 UxSms - ok
10:20:11.0540 5796 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:20:11.0540 5796 VaultSvc - ok
10:20:11.0587 5796 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
10:20:11.0587 5796 vdrvroot - ok
10:20:11.0665 5796 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
10:20:11.0680 5796 vds - ok
10:20:11.0727 5796 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:20:11.0743 5796 vga - ok
10:20:11.0758 5796 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:20:11.0758 5796 VgaSave - ok
10:20:11.0805 5796 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
10:20:11.0821 5796 vhdmp - ok
10:20:11.0867 5796 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
10:20:11.0867 5796 viaide - ok
10:20:11.0899 5796 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
10:20:11.0899 5796 volmgr - ok
10:20:11.0977 5796 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
10:20:11.0977 5796 volmgrx - ok
10:20:12.0023 5796 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
10:20:12.0039 5796 volsnap - ok
10:20:12.0086 5796 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
10:20:12.0101 5796 vsmraid - ok
10:20:12.0257 5796 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
10:20:12.0273 5796 VSS - ok
10:20:12.0507 5796 vToolbarUpdater11.2.0 (8ed347bad8d1fb7c40b593bfb01786d2) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
10:20:12.0507 5796 vToolbarUpdater11.2.0 - ok
10:20:12.0632 5796 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
10:20:12.0632 5796 vwifibus - ok
10:20:12.0647 5796 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
10:20:12.0647 5796 vwififlt - ok
10:20:12.0679 5796 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
10:20:12.0679 5796 vwifimp - ok
10:20:12.0741 5796 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
10:20:12.0741 5796 W32Time - ok
10:20:12.0772 5796 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
10:20:12.0772 5796 WacomPen - ok
10:20:12.0819 5796 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:20:12.0819 5796 WANARP - ok
10:20:12.0819 5796 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:20:12.0835 5796 Wanarpv6 - ok
10:20:12.0944 5796 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
10:20:12.0959 5796 WatAdminSvc - ok
10:20:13.0131 5796 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
10:20:13.0162 5796 wbengine - ok
10:20:13.0303 5796 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
10:20:13.0303 5796 WbioSrvc - ok
10:20:13.0381 5796 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
10:20:13.0381 5796 wcncsvc - ok
10:20:13.0396 5796 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
10:20:13.0396 5796 WcsPlugInService - ok
10:20:13.0474 5796 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
10:20:13.0474 5796 Wd - ok
10:20:13.0552 5796 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
10:20:13.0552 5796 Wdf01000 - ok
10:20:13.0615 5796 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:20:13.0615 5796 WdiServiceHost - ok
10:20:13.0615 5796 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:20:13.0630 5796 WdiSystemHost - ok
10:20:13.0693 5796 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
10:20:13.0693 5796 WebClient - ok
10:20:13.0739 5796 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
10:20:13.0755 5796 Wecsvc - ok
10:20:13.0786 5796 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
10:20:13.0802 5796 wercplsupport - ok
10:20:13.0864 5796 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
10:20:13.0864 5796 WerSvc - ok
10:20:13.0927 5796 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
10:20:13.0942 5796 WfpLwf - ok
10:20:13.0973 5796 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
10:20:13.0973 5796 WimFltr - ok
10:20:14.0005 5796 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
10:20:14.0005 5796 WIMMount - ok
10:20:14.0020 5796 WinDefend - ok
10:20:14.0036 5796 WinHttpAutoProxySvc - ok
10:20:14.0129 5796 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
10:20:14.0129 5796 Winmgmt - ok
10:20:14.0317 5796 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
10:20:14.0332 5796 WinRM - ok
10:20:14.0488 5796 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
10:20:14.0488 5796 WinUsb - ok
10:20:14.0582 5796 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
10:20:14.0597 5796 Wlansvc - ok
10:20:14.0847 5796 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:20:14.0863 5796 wlidsvc - ok
10:20:14.0894 5796 wltrysvc (de816a0624d54d68e1fb8a9028dcf81a) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
10:20:14.0894 5796 wltrysvc - ok
10:20:15.0019 5796 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
10:20:15.0019 5796 WmiAcpi - ok
10:20:15.0081 5796 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
10:20:15.0081 5796 wmiApSrv - ok
10:20:15.0128 5796 WMPNetworkSvc - ok
10:20:15.0175 5796 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
10:20:15.0175 5796 WPCSvc - ok
10:20:15.0221 5796 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
10:20:15.0221 5796 WPDBusEnum - ok
10:20:15.0253 5796 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
10:20:15.0253 5796 ws2ifsl - ok
10:20:15.0284 5796 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
10:20:15.0284 5796 wscsvc - ok
10:20:15.0284 5796 WSearch - ok
10:20:15.0518 5796 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
10:20:15.0533 5796 wuauserv - ok
10:20:15.0674 5796 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
10:20:15.0674 5796 WudfPf - ok
10:20:15.0705 5796 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:20:15.0705 5796 WUDFRd - ok
10:20:15.0767 5796 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
10:20:15.0767 5796 wudfsvc - ok
10:20:15.0814 5796 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
10:20:15.0814 5796 WwanSvc - ok
10:20:15.0892 5796 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
10:20:15.0939 5796 yukonw7 - ok
10:20:15.0986 5796 MBR (0x1B8) (c3220eb08add62e3ed9f72a1f4e4b1bb) \Device\Harddisk0\DR0
10:20:16.0469 5796 \Device\Harddisk0\DR0 - ok
10:20:16.0485 5796 Boot (0x1200) (b4a651ea79a9998884da67ecffb5e2e7) \Device\Harddisk0\DR0\Partition0
10:20:16.0501 5796 \Device\Harddisk0\DR0\Partition0 - ok
10:20:16.0501 5796 Boot (0x1200) (723ffebde086355ce5f5c8e20d4fdb4a) \Device\Harddisk0\DR0\Partition1
10:20:16.0516 5796 \Device\Harddisk0\DR0\Partition1 - ok
10:20:16.0516 5796 ============================================================
10:20:16.0516 5796 Scan finished
10:20:16.0516 5796 ============================================================
10:20:16.0547 2628 Detected object count: 0
10:20:16.0547 2628 Actual detected object count: 0
10:40:18.0408 5728 Deinitialize success






Here is the log from aswMBR:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-28 10:27:09
-----------------------------
10:27:09.549 OS Version: Windows x64 6.1.7601 Service Pack 1
10:27:09.549 Number of processors: 4 586 0x2505
10:27:09.549 ComputerName: INSPIRON-15R UserName: Ron
10:27:11.199 Initialize success
10:30:00.883 AVAST engine defs: 12072800
10:33:34.096 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:33:34.096 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
10:33:34.111 Disk 0 MBR read successfully
10:33:34.111 Disk 0 MBR scan
10:33:34.111 Disk 0 Windows 7 default MBR code
10:33:34.111 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 100 MB offset 2048
10:33:34.127 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
10:33:34.142 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 595378 MB offset 30926848
10:33:34.174 Disk 0 scanning C:\Windows\system32\drivers
10:33:45.575 Service scanning
10:34:40.713 Modules scanning
10:34:40.723 Disk 0 trace - called modules:
10:34:40.743 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:34:40.753 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80064aa060]
10:34:40.753 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80061f5050]
10:34:42.457 AVAST engine scan C:\Windows
10:34:45.579 AVAST engine scan C:\Windows\system32
10:37:43.651 AVAST engine scan C:\Windows\system32\drivers
10:37:56.810 AVAST engine scan C:\Users\Ron
10:46:14.359 AVAST engine scan C:\ProgramData
10:49:34.812 Scan finished successfully
10:51:33.015 Disk 0 MBR has been saved successfully to "C:\Users\Ron\Documents\MBR.dat"
10:51:33.015 The log file has been saved successfully to "C:\Users\Ron\Documents\aswMBR.txt"




Here is the log from ESET online scanner:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-28 10:27:09
-----------------------------
10:27:09.549 OS Version: Windows x64 6.1.7601 Service Pack 1
10:27:09.549 Number of processors: 4 586 0x2505
10:27:09.549 ComputerName: INSPIRON-15R UserName: Ron
10:27:11.199 Initialize success
10:30:00.883 AVAST engine defs: 12072800
10:33:34.096 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:33:34.096 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
10:33:34.111 Disk 0 MBR read successfully
10:33:34.111 Disk 0 MBR scan
10:33:34.111 Disk 0 Windows 7 default MBR code
10:33:34.111 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 100 MB offset 2048
10:33:34.127 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 206848
10:33:34.142 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 595378 MB offset 30926848
10:33:34.174 Disk 0 scanning C:\Windows\system32\drivers
10:33:45.575 Service scanning
10:34:40.713 Modules scanning
10:34:40.723 Disk 0 trace - called modules:
10:34:40.743 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:34:40.753 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80064aa060]
10:34:40.753 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80061f5050]
10:34:42.457 AVAST engine scan C:\Windows
10:34:45.579 AVAST engine scan C:\Windows\system32
10:37:43.651 AVAST engine scan C:\Windows\system32\drivers
10:37:56.810 AVAST engine scan C:\Users\Ron
10:46:14.359 AVAST engine scan C:\ProgramData
10:49:34.812 Scan finished successfully
10:51:33.015 Disk 0 MBR has been saved successfully to "C:\Users\Ron\Documents\MBR.dat"
10:51:33.015 The log file has been saved successfully to "C:\Users\Ron\Documents\aswMBR.txt"

#4 narenxp

Posted 28 July 2012 - 11:49 AM

Please post the ESET log. You have posted the aswMBR log twice.

#5 sutter63

Posted 28 July 2012 - 12:11 PM

C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7TFV7YSV\17[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\7TFV7YSV\a29338eea6a4ec08ebc071db958802fc[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZF2POH7L\17[1].htm HTML/Iframe.B.Gen virus deleted - quarantined
C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZF2POH7L\i[1].htm JS/Kryptik.NX trojan cleaned by deleting - quarantined
C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\ZF2POH7L\ki95vot[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined

#6 narenxp

Posted 28 July 2012 - 12:28 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete.

Post the generated log.

#7 sutter63

Posted 28 July 2012 - 03:27 PM

Ran Malwarebytes twice as instructed. Nothing found.


Here are the results from the mini toolbox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Ron (administrator) on 28-07-2012 at 16:21:59
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.
67.215.245.19 www.google-analytics.com.
67.215.245.19 ad-emea.doubleclick.net.
67.215.245.19 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Broadcom Virtual Wireless Adapter = Local Area Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Inspiron-15R
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 1C-65-9D-7C-EA-FF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom Virtual Wireless Adapter
Physical Address. . . . . . . . . : 1C-65-9D-7C-EA-FF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : 1C-65-9D-7C-EA-FF
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5c82:afa8:1d57:3565%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, July 28, 2012 4:00:35 PM
Lease Expires . . . . . . . . . . : Sunday, July 29, 2012 4:00:35 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 219964829
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-5A-36-E5-F0-4D-A2-A7-9B-DD
DNS Servers . . . . . . . . . . . : 68.105.28.11
68.105.29.11
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{3D42035D-F2E1-4503-BEF5-93D9F7530D73}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{27C6B111-2E16-40F8-AAE7-BE8BF6F22A8E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:4f9:cd0:bb9c:ccb7(Preferred)
Link-local IPv6 Address . . . . . : fe80::4f9:cd0:bb9c:ccb7%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: cdns1.cox.net
Address: 68.105.28.11

Name: google.com
Addresses: 2607:f8b0:4007:800::1008
74.125.239.1
74.125.239.2
74.125.239.3
74.125.239.4
74.125.239.5
74.125.239.6
74.125.239.7
74.125.239.8
74.125.239.9
74.125.239.14
74.125.239.0


Pinging google.com [74.125.224.165] with 32 bytes of data:
Reply from 74.125.224.165: bytes=32 time=83ms TTL=47
Reply from 74.125.224.165: bytes=32 time=82ms TTL=53

Ping statistics for 74.125.224.165:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 82ms, Maximum = 83ms, Average = 82ms
Server: cdns1.cox.net
Address: 68.105.28.11

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=41ms TTL=56
Reply from 209.191.122.70: bytes=32 time=43ms TTL=56

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 41ms, Maximum = 43ms, Average = 42ms
Server: cdns1.cox.net
Address: 68.105.28.11

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...1c 65 9d 7c ea ff ......Microsoft Virtual WiFi Miniport Adapter
12...1c 65 9d 7c ea ff ......Broadcom Virtual Wireless Adapter
11...1c 65 9d 7c ea ff ......DW1501 Wireless-N WLAN Half-Mini Card
1...........................Software Loopback Interface 1
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.102 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.102 281
192.168.0.102 255.255.255.255 On-link 192.168.0.102 281
192.168.0.255 255.255.255.255 On-link 192.168.0.102 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.102 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.102 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:9d38:953c:4f9:cd0:bb9c:ccb7/128
On-link
11 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::4f9:cd0:bb9c:ccb7/128
On-link
11 281 fe80::5c82:afa8:1d57:3565/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/28/2012 04:21:23 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: The specified module could not be found. (HRESULT : 0x8007007e).

Error: (07/28/2012 04:19:52 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: The specified module could not be found. (HRESULT : 0x8007007e).

Error: (07/28/2012 04:17:20 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: The specified module could not be found. (HRESULT : 0x8007007e).

Error: (07/28/2012 03:41:22 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: The specified module could not be found. (HRESULT : 0x8007007e).

Error: (07/28/2012 03:39:51 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: The specified module could not be found. (HRESULT : 0x8007007e).

Error: (07/28/2012 03:38:35 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: The specified module could not be found. (HRESULT : 0x8007007e).

Error: (07/28/2012 03:35:34 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: The specified module could not be found. (HRESULT : 0x8007007e).

Error: (07/28/2012 03:33:13 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: The specified module could not be found. (HRESULT : 0x8007007e).

Error: (07/28/2012 03:17:04 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: The specified module could not be found. (HRESULT : 0x8007007e).

Error: (07/28/2012 03:14:20 PM) (Source: Windows Search Service) (User: )
Description: The protocol handler IEHistory cannot be loaded. Error description: The specified module could not be found. (HRESULT : 0x8007007e).


System errors:
=============
Error: (07/28/2012 04:02:50 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x8004a026

Error: (07/28/2012 04:02:50 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x8004a026

Error: (07/28/2012 04:00:34 PM) (Source: Service Control Manager) (User: )
Description: The mrtRate service failed to start due to the following error:
%%2

Error: (07/28/2012 03:29:51 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x8004a026

Error: (07/28/2012 03:29:51 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x8004a026

Error: (07/28/2012 03:28:10 PM) (Source: Service Control Manager) (User: )
Description: The mrtRate service failed to start due to the following error:
%%2

Error: (07/28/2012 03:23:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007371c: Security Update for Windows 7 for x64-based Systems (KB2691442).

Error: (07/28/2012 03:23:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007371c: Security Update for Windows 7 for x64-based Systems (KB2655992).

Error: (07/28/2012 03:23:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007371c: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2719177).

Error: (07/28/2012 01:52:10 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x8004a026


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 2.6.0.19120)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.26)
Adobe Flash Player 10 Plugin (Version: 10.1.53.64)
Adobe Reader X (10.1.1) (Version: 10.1.1)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
AVG 2012 (Version: 12.0.2195)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2195)
Bing Bar (Version: 7.1.361.0)
Bonjour (Version: 3.0.0.10)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
ClosetMaid v1.5.2
Cozi (Version: 1.0.4323.24051)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software
Dell DataSafe Local Backup (Version: 9.4.51)
Dell Dock (Version: 2.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.5.09100)
Dell Webcam Central (Version: 1.40.05)
DW WLAN Card Utility (Version: 5.60.48.35)
ESET Online Scanner v3
GoToAssist 8.0.0.514
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2104)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.4.1002)
Intel® Turbo Boost Technology Monitor (Version: 1.0.186.6)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 27 (Version: 6.0.270)
Junk Mail filter update (Version: 15.4.3502.0922)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Meeting 2007 (Version: 8.0.6362.202)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Quicken 2004 (Version: 13.00.0000)
Quickset64 (Version: 10.5.0)
QuickTime (Version: 7.71.80.42)
Roxio Burn (Version: 1.01)
Skype Toolbars (Version: 1.0.4051)
Skype™ 4.2 (Version: 4.2.169)
Spybot - Search & Destroy (Version: 1.6.2)
Synaptics Pointing Device Driver (Version: 15.0.0.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
WildTangent Games (Version: 1.0.0.71)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 5942.68 MB
Available physical RAM: 4219.87 MB
Total Pagefile: 11883.56 MB
Available Pagefile: 9953.32 MB
Total Virtual: 4095.88 MB
Available Virtual: 3963.96 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:581.42 GB) (Free:530.28 GB) NTFS

========================= Users: ========================================

User accounts for \\INSPIRON-15R

Administrator Guest Ron


**** End of log ****


Here are the results from FSS:


Farbar Service Scanner Version: 26-07-2012
Ran by Ron (administrator) on 28-07-2012 at 16:25:16
Running from "C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AZN11K5U"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Demand
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



Here are the results from adware cleaner:

# AdwCleaner v1.703 - Logfile created 07/28/2012 at 15:59:17
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Ron - INSPIRON-15R
# Running from : C:\Users\Ron\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C8YV16HU\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [338 octets] - [28/07/2012 15:17:52]
AdwCleaner[S3].txt - [657 octets] - [28/07/2012 15:59:17]

########## EOF - C:\AdwCleaner[S3].txt - [784 octets] ##########

#8 narenxp

Posted 28 July 2012 - 03:32 PM

Download

Rogue killer

Right-click on it and select Run as administrator.

Now, click on the HOSTS FIX option on the right side.

A log should get generated after the fix; post the log here.

#9 sutter63

Posted 28 July 2012 - 04:42 PM

Ran RogueKiller as instructed. Here's the log:


RogueKiller V7.6.4 [07/17/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Ron [Admin rights]
Mode: HOSTSFix -- Date: 07/28/2012 17:41:20

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

#10 narenxp

Posted 28 July 2012 - 05:12 PM

That looks good

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your system restore, restart the PC, create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links.

Safe surfing :)



