
Multiple malware problems


15 replies to this topic

#1 d02an


Posted 30 July 2012 - 05:46 AM

Hello everyone, I am hoping someone here can help me. When switching on the PC the other day we noticed a few new icons on the desktop of programs that were not installed by anyone in the house, and think we may now be infected. When I looked at the program list via the Control Panel it seems they were all installed at the same time.
The list of the programs is as follows:

iLivid
Smart PC Cleaner v3.0
Driver Genius Professional Edition
Mplayer 0.6.9

Without researching properly, and now feeling quite stupid, STOPzilla was also downloaded to try and get rid of these, thinking it was a real malware removal program, but have since realised it is just another scam program.

There was another program that I did try and get rid of with the usual uninstall system in Windows, but can't remember the name of it, but as is usual I am sure it will pop into existence.

I admit I am not capable of getting rid of these things on my own and would be eternally grateful for all support.

My operating system is Windows 7 Home Premium 32-bit.

Thanks in advance for any help

Dan



#2 narenxp


Posted 30 July 2012 - 06:05 AM

Download TDSSKiller

Launch it. Click on Change parameters - select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.
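
A TDSSKiller log of the kind requested above runs to hundreds of lines, and the ones that matter are objects whose verdict is not `ok`, objects listed without a hash, and objects with no verdict at all (a log pasted incompletely). The Python sketch below is an added example, not part of the original thread or of TDSSKiller; it assumes the `time thread-id Name (md5) path` / `Name - verdict` line layout, and the sample log, service names, hashes and the `warning` verdict are constructed.

```python
import re
from collections import Counter

# "HH:MM:SS.mmmm <thread id> <message>" prefix carried by every log line.
LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4}) (\d+)(?: (.*))?$")
# "Name (md5) path" -- names may contain spaces, so match the name lazily.
ENTRY = re.compile(r"^(?P<name>.+?) \((?P<md5>[0-9a-fA-F]{32})\) (?P<path>.+)$")
# "Name - verdict" -- a single-word verdict at the end of the line.
VERDICT = re.compile(r"^(?P<name>.+) - (?P<verdict>[A-Za-z]+)$")

# Constructed sample input (not taken from a real machine).
SAMPLE_LOG = r"""19:35:58.0010 7520 Initialize success
19:42:15.0208 7140 ============================================================
19:42:15.0208 7140 Scan started
19:42:15.0208 7140 Mode: Manual; TDLFS;
19:42:16.0895 7140 ExampleDrvA (00000000000000000000000000000001) C:\Windows\system32\drivers\exampledrva.sys
19:42:16.0911 7140 ExampleDrvA - ok
19:42:17.0208 7140 Example Service B (00000000000000000000000000000002) C:\Program Files\Example\svc b.exe
19:42:17.0223 7140 Example Service B - warning
19:42:21.0958 7140 ExampleSvcC - ok
19:42:37.0598 7140 ExampleSvcD (00000000000000000000000000000003) C:\Windows\system32\exampled.dll
"""


def triage(log_text):
    """Summarise the scanned objects in a TDSSKiller-style log."""
    objects = {}       # name -> {"md5", "path", "verdict"}
    scanning = False   # header lines before "Scan started" are ignored
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m or m.group(3) is None:
            continue
        body = m.group(3)
        if body == "Scan started":
            scanning = True
            continue
        if not scanning:
            continue
        entry = ENTRY.match(body)
        if entry:
            objects[entry["name"]] = {
                "md5": entry["md5"].lower(),
                "path": entry["path"],
                "verdict": None,
            }
            continue
        verdict = VERDICT.match(body)
        if verdict:
            rec = objects.setdefault(
                verdict["name"], {"md5": None, "path": None, "verdict": None}
            )
            rec["verdict"] = verdict["verdict"].lower()

    counts = Counter(r["verdict"] for r in objects.values() if r["verdict"])
    return {
        "objects": len(objects),
        "verdicts": dict(counts),
        # Anything the tool did not mark "ok" deserves a human look.
        "needs_review": sorted(
            n for n, r in objects.items() if r["verdict"] not in (None, "ok")
        ),
        # Verdict given but no file was hashed for this object.
        "no_hash": sorted(n for n, r in objects.items() if r["md5"] is None),
        # Hash line present but no verdict: the log is cut off or incomplete.
        "unfinished": sorted(n for n, r in objects.items() if r["verdict"] is None),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

An object appearing under `unfinished` usually means the paste was truncated, so the full log should be requested again before drawing conclusions.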

#3 d02an


Posted 30 July 2012 - 01:44 PM

19:35:52.0807 7520 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
19:35:53.0245 7520 ============================================================
19:35:53.0245 7520 Current date / time: 2012/07/30 19:35:53.0245
19:35:53.0245 7520 SystemInfo:
19:35:53.0245 7520
19:35:53.0245 7520 OS Version: 6.1.7601 ServicePack: 1.0
19:35:53.0245 7520 Product type: Workstation
19:35:53.0245 7520 ComputerName: DAN-DESKTOP
19:35:53.0245 7520 UserName: DAN
19:35:53.0245 7520 Windows directory: C:\Windows
19:35:53.0245 7520 System windows directory: C:\Windows
19:35:53.0245 7520 Processor architecture: Intel x86
19:35:53.0245 7520 Number of processors: 1
19:35:53.0245 7520 Page size: 0x1000
19:35:53.0245 7520 Boot type: Normal boot
19:35:53.0245 7520 ============================================================
19:35:57.0666 7520 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:35:57.0729 7520 ============================================================
19:35:57.0729 7520 \Device\Harddisk0\DR0:
19:35:57.0745 7520 MBR partitions:
19:35:57.0745 7520 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
19:35:57.0745 7520 ============================================================
19:35:57.0885 7520 C: <-> \Device\Harddisk0\DR0\Partition0
19:35:58.0010 7520 ============================================================
19:35:58.0010 7520 Initialize success
19:35:58.0010 7520 ============================================================
19:42:15.0208 7140 ============================================================
19:42:15.0208 7140 Scan started
19:42:15.0208 7140 Mode: Manual; TDLFS;
19:42:15.0208 7140 ============================================================
19:42:37.0661 7140 p2pimsvc - ok
19:42:37.0708 7140 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
19:42:37.0754 7140 p2psvc - ok
19:42:37.0817 7140 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
19:42:37.0833 7140 Parport - ok
19:42:37.0895 7140 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys
19:42:37.0895 7140 partmgr - ok
19:42:37.0942 7140 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
19:42:37.0958 7140 Parvdm - ok
19:42:38.0004 7140 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
19:42:38.0051 7140 PcaSvc - ok
19:42:38.0098 7140 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
19:42:38.0114 7140 pci - ok
19:42:38.0145 7140 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
19:42:38.0161 7140 pciide - ok
19:42:38.0208 7140 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
19:42:38.0223 7140 pcmcia - ok
19:42:38.0254 7140 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
19:42:38.0286 7140 pcw - ok
19:42:38.0333 7140 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
19:42:38.0364 7140 PEAUTH - ok
19:42:38.0520 7140 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
19:42:38.0598 7140 pla - ok
19:42:38.0739 7140 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
19:42:38.0801 7140 PlugPlay - ok
19:42:38.0848 7140 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
19:42:38.0879 7140 PNRPAutoReg - ok
19:42:38.0942 7140 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
19:42:38.0989 7140 PNRPsvc - ok
19:42:39.0036 7140 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
19:42:39.0067 7140 PolicyAgent - ok
19:42:39.0145 7140 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
19:42:39.0208 7140 Power - ok
19:42:39.0270 7140 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
19:42:39.0286 7140 PptpMiniport - ok
19:42:39.0333 7140 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
19:42:39.0348 7140 Processor - ok
19:42:39.0426 7140 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll
19:42:39.0473 7140 ProfSvc - ok
19:42:39.0520 7140 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:42:39.0551 7140 ProtectedStorage - ok
19:42:39.0614 7140 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
19:42:39.0629 7140 Psched - ok
19:42:39.0739 7140 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
19:42:39.0786 7140 ql2300 - ok
19:42:39.0911 7140 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
19:42:39.0958 7140 ql40xx - ok
19:42:40.0004 7140 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
19:42:40.0067 7140 QWAVE - ok
19:42:40.0083 7140 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
19:42:40.0098 7140 QWAVEdrv - ok
19:42:40.0129 7140 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
19:42:40.0145 7140 RasAcd - ok
19:42:40.0208 7140 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:42:40.0208 7140 RasAgileVpn - ok
19:42:40.0254 7140 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
19:42:40.0301 7140 RasAuto - ok
19:42:40.0348 7140 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:42:40.0348 7140 Rasl2tp - ok
19:42:40.0426 7140 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
19:42:40.0489 7140 RasMan - ok
19:42:40.0536 7140 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
19:42:40.0551 7140 RasPppoe - ok
19:42:40.0598 7140 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
19:42:40.0614 7140 RasSstp - ok
19:42:40.0661 7140 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
19:42:40.0692 7140 rdbss - ok
19:42:40.0739 7140 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
19:42:40.0739 7140 rdpbus - ok
19:42:40.0786 7140 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:42:40.0817 7140 RDPCDD - ok
19:42:40.0864 7140 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
19:42:40.0879 7140 RDPENCDD - ok
19:42:40.0911 7140 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
19:42:40.0942 7140 RDPREFMP - ok
19:42:41.0004 7140 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys
19:42:41.0020 7140 RDPWD - ok
19:42:41.0098 7140 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
19:42:41.0114 7140 rdyboost - ok
19:42:41.0176 7140 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
19:42:41.0208 7140 RemoteAccess - ok
19:42:41.0254 7140 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
19:42:41.0301 7140 RemoteRegistry - ok
19:42:41.0348 7140 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
19:42:41.0395 7140 RpcEptMapper - ok
19:42:41.0442 7140 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
19:42:41.0473 7140 RpcLocator - ok
19:42:41.0536 7140 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
19:42:41.0583 7140 RpcSs - ok
19:42:41.0629 7140 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
19:42:41.0645 7140 rspndr - ok
19:42:41.0708 7140 RTL8023xp (4e20765744bfbc16f6d6e5bd5598786b) C:\Windows\system32\DRIVERS\Rtnicxp.sys
19:42:41.0723 7140 RTL8023xp - ok
19:42:41.0770 7140 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:42:41.0801 7140 SamSs - ok
19:42:41.0848 7140 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
19:42:41.0895 7140 sbp2port - ok
19:42:41.0942 7140 SBRE (1fd538c4feb36b793d2121f20bbdc16f) C:\Windows\system32\drivers\SBREdrv.sys
19:42:41.0958 7140 SBRE - ok
19:42:42.0020 7140 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
19:42:42.0067 7140 SCardSvr - ok
19:42:42.0129 7140 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
19:42:42.0145 7140 scfilter - ok
19:42:42.0223 7140 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
19:42:42.0270 7140 Schedule - ok
19:42:42.0333 7140 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
19:42:42.0348 7140 SCPolicySvc - ok
19:42:42.0395 7140 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
19:42:42.0473 7140 SDRSVC - ok
19:42:42.0520 7140 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:42:42.0536 7140 secdrv - ok
19:42:42.0567 7140 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
19:42:42.0629 7140 seclogon - ok
19:42:42.0676 7140 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\System32\sens.dll
19:42:42.0723 7140 SENS - ok
19:42:42.0770 7140 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
19:42:42.0833 7140 SensrSvc - ok
19:42:42.0879 7140 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
19:42:42.0879 7140 Serenum - ok
19:42:42.0911 7140 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
19:42:42.0942 7140 Serial - ok
19:42:42.0989 7140 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
19:42:43.0004 7140 sermouse - ok
19:42:43.0083 7140 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
19:42:43.0129 7140 SessionEnv - ok
19:42:43.0176 7140 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
19:42:43.0192 7140 sffdisk - ok
19:42:43.0239 7140 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
19:42:43.0239 7140 sffp_mmc - ok
19:42:43.0270 7140 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
19:42:43.0286 7140 sffp_sd - ok
19:42:43.0333 7140 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
19:42:43.0348 7140 sfloppy - ok
19:42:43.0411 7140 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
19:42:43.0458 7140 SharedAccess - ok
19:42:43.0504 7140 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
19:42:43.0567 7140 ShellHWDetection - ok
19:42:43.0598 7140 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
19:42:43.0614 7140 sisagp - ok
19:42:43.0676 7140 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:42:43.0692 7140 SiSRaid2 - ok
19:42:43.0723 7140 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
19:42:43.0754 7140 SiSRaid4 - ok
19:42:43.0786 7140 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
19:42:43.0801 7140 Smb - ok
19:42:43.0879 7140 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
19:42:43.0942 7140 SNMPTRAP - ok
19:42:44.0098 7140 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files\Sony\Sony PC Companion\PCCService.exe
19:42:44.0129 7140 Sony PC Companion - ok
19:42:44.0161 7140 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
19:42:44.0176 7140 spldr - ok
19:42:44.0254 7140 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
19:42:44.0301 7140 Spooler - ok
19:42:44.0489 7140 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
19:42:44.0598 7140 sppsvc - ok
19:42:44.0723 7140 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
19:42:44.0770 7140 sppuinotify - ok
19:42:44.0864 7140 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
19:42:44.0879 7140 srv - ok
19:42:44.0911 7140 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
19:42:44.0942 7140 srv2 - ok
19:42:44.0989 7140 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
19:42:45.0004 7140 srvnet - ok
19:42:45.0051 7140 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
19:42:45.0114 7140 SSDPSRV - ok
19:42:45.0145 7140 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
19:42:45.0208 7140 SstpSvc - ok
19:42:45.0239 7140 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
19:42:45.0254 7140 stexstor - ok
19:42:45.0317 7140 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
19:42:45.0333 7140 StillCam - ok
19:42:45.0395 7140 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
19:42:45.0473 7140 StiSvc - ok
19:42:45.0520 7140 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
19:42:45.0536 7140 swenum - ok
19:42:45.0598 7140 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
19:42:45.0645 7140 swprv - ok
19:42:45.0739 7140 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
19:42:45.0817 7140 SysMain - ok
19:42:45.0895 7140 szkg5 (dccbdfd30bbeca6d74d9133981429b94) C:\Windows\system32\DRIVERS\szkg.sys
19:42:45.0911 7140 szkg5 - ok
19:42:45.0973 7140 szkgfs (d8e280f74e2995dd357cabc996952aec) C:\Windows\system32\drivers\szkgfs.sys
19:42:45.0973 7140 szkgfs - ok
19:42:46.0083 7140 szserver (8fdaf81240a4057162cad255f02a844e) C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
19:42:46.0098 7140 szserver - ok
19:42:46.0145 7140 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
19:42:46.0208 7140 TabletInputService - ok
19:42:46.0270 7140 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
19:42:46.0317 7140 TapiSrv - ok
19:42:46.0364 7140 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
19:42:46.0411 7140 TBS - ok
19:42:46.0520 7140 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys
19:42:46.0567 7140 Tcpip - ok
19:42:46.0598 7140 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys
19:42:46.0614 7140 TCPIP6 - ok
19:42:46.0676 7140 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
19:42:46.0708 7140 tcpipreg - ok
19:42:46.0770 7140 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
19:42:46.0786 7140 TDPIPE - ok
19:42:46.0833 7140 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys
19:42:46.0848 7140 TDTCP - ok
19:42:46.0879 7140 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
19:42:46.0973 7140 tdx - ok
19:42:47.0145 7140 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
19:42:47.0161 7140 TermDD - ok
19:42:47.0239 7140 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
19:42:47.0301 7140 TermService - ok
19:42:47.0333 7140 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
19:42:47.0379 7140 Themes - ok
19:42:47.0426 7140 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
19:42:47.0458 7140 THREADORDER - ok
19:42:47.0520 7140 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
19:42:47.0567 7140 TrkWks - ok
19:42:47.0645 7140 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
19:42:47.0661 7140 TrustedInstaller - ok
19:42:47.0723 7140 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:42:47.0723 7140 tssecsrv - ok
19:42:47.0801 7140 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
19:42:47.0801 7140 TsUsbFlt - ok
19:42:47.0879 7140 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
19:42:47.0926 7140 tunnel - ok
19:42:47.0973 7140 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
19:42:47.0989 7140 uagp35 - ok
19:42:48.0036 7140 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
19:42:48.0051 7140 udfs - ok
19:42:48.0114 7140 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
19:42:48.0161 7140 UI0Detect - ok
19:42:48.0208 7140 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
19:42:48.0223 7140 uliagpkx - ok
19:42:48.0270 7140 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
19:42:48.0286 7140 umbus - ok
19:42:48.0317 7140 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
19:42:48.0333 7140 UmPass - ok
19:42:48.0379 7140 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
19:42:48.0442 7140 upnphost - ok
19:42:48.0489 7140 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
19:42:48.0520 7140 usbccgp - ok
19:42:48.0551 7140 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
19:42:48.0567 7140 usbcir - ok
19:42:48.0598 7140 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
19:42:48.0614 7140 usbehci - ok
19:42:48.0676 7140 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
19:42:48.0692 7140 usbhub - ok
19:42:48.0739 7140 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
19:42:48.0754 7140 usbohci - ok
19:42:48.0817 7140 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
19:42:48.0833 7140 usbprint - ok
19:42:48.0879 7140 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
19:42:48.0879 7140 usbscan - ok
19:42:48.0926 7140 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:42:48.0942 7140 USBSTOR - ok
19:42:48.0989 7140 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
19:42:49.0004 7140 usbuhci - ok
19:42:49.0067 7140 usb_rndisx (d82f43d15fdaa666856c0190cb73e7c9) C:\Windows\system32\DRIVERS\usb8023x.sys
19:42:49.0098 7140 usb_rndisx - ok
19:42:49.0145 7140 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
19:42:49.0208 7140 UxSms - ok
19:42:49.0254 7140 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
19:42:49.0286 7140 VaultSvc - ok
19:42:49.0364 7140 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
19:42:49.0379 7140 vdrvroot - ok
19:42:49.0458 7140 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
19:42:49.0520 7140 vds - ok
19:42:49.0583 7140 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
19:42:49.0598 7140 vga - ok
19:42:49.0629 7140 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
19:42:49.0629 7140 VgaSave - ok
19:42:49.0692 7140 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
19:42:49.0723 7140 vhdmp - ok
19:42:49.0770 7140 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
19:42:49.0786 7140 viaagp - ok
19:42:49.0817 7140 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
19:42:49.0833 7140 ViaC7 - ok
19:42:49.0864 7140 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
19:42:49.0879 7140 viaide - ok
19:42:49.0926 7140 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
19:42:49.0942 7140 volmgr - ok
19:42:49.0989 7140 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
19:42:50.0004 7140 volmgrx - ok
19:42:50.0067 7140 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
19:42:50.0083 7140 volsnap - ok
19:42:50.0145 7140 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
19:42:50.0161 7140 vsmraid - ok
19:42:50.0254 7140 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
19:42:50.0333 7140 VSS - ok
19:42:50.0395 7140 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
19:42:50.0411 7140 vwifibus - ok
19:42:50.0489 7140 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
19:42:50.0551 7140 W32Time - ok
19:42:50.0614 7140 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
19:42:50.0629 7140 WacomPen - ok
19:42:50.0692 7140 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
19:42:50.0723 7140 WANARP - ok
19:42:50.0739 7140 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
19:42:50.0754 7140 Wanarpv6 - ok
19:42:50.0879 7140 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
19:42:50.0911 7140 WatAdminSvc - ok
19:42:51.0020 7140 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
19:42:51.0114 7140 wbengine - ok
19:42:51.0301 7140 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
19:42:51.0364 7140 WbioSrvc - ok
19:42:51.0442 7140 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
19:42:51.0520 7140 wcncsvc - ok
19:42:51.0551 7140 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
19:42:51.0614 7140 WcsPlugInService - ok
19:42:51.0676 7140 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
19:42:51.0708 7140 Wd - ok
19:42:51.0770 7140 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
19:42:51.0801 7140 Wdf01000 - ok
19:42:51.0973 7140 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
19:42:52.0036 7140 WdiServiceHost - ok
19:42:52.0051 7140 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
19:42:52.0129 7140 WdiSystemHost - ok
19:42:52.0239 7140 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
19:42:52.0301 7140 WebClient - ok
19:42:52.0411 7140 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
19:42:52.0489 7140 Wecsvc - ok
19:42:52.0520 7140 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
19:42:52.0567 7140 wercplsupport - ok
19:42:52.0645 7140 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
19:42:52.0708 7140 WerSvc - ok
19:42:52.0754 7140 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
19:42:52.0770 7140 WfpLwf - ok
19:42:52.0833 7140 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
19:42:52.0833 7140 WIMMount - ok
19:42:52.0989 7140 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
19:42:53.0020 7140 WinDefend - ok
19:42:53.0051 7140 WinHttpAutoProxySvc - ok
19:42:53.0114 7140 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
19:42:53.0145 7140 Winmgmt - ok
19:42:53.0254 7140 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
19:42:53.0333 7140 WinRM - ok
19:42:53.0473 7140 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
19:42:53.0551 7140 Wlansvc - ok
19:42:53.0614 7140 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
19:42:53.0629 7140 WmiAcpi - ok
19:42:53.0723 7140 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
19:42:53.0739 7140 wmiApSrv - ok
19:42:53.0911 7140 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
19:42:53.0958 7140 WMPNetworkSvc - ok
19:42:54.0020 7140 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
19:42:54.0083 7140 WPCSvc - ok
19:42:54.0129 7140 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
19:42:54.0208 7140 WPDBusEnum - ok
19:42:54.0270 7140 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
19:42:54.0286 7140 ws2ifsl - ok
19:42:54.0333 7140 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\System32\wscsvc.dll
19:42:54.0395 7140 wscsvc - ok
19:42:54.0411 7140 WSearch - ok
19:42:54.0567 7140 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
19:42:54.0661 7140 wuauserv - ok
19:42:54.0801 7140 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
19:42:54.0833 7140 WudfPf - ok
19:42:54.0879 7140 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:42:54.0895 7140 WUDFRd - ok
19:42:54.0958 7140 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
19:42:55.0020 7140 wudfsvc - ok
19:42:55.0067 7140 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
19:42:55.0145 7140 WwanSvc - ok
19:42:55.0208 7140 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:42:55.0770 7140 \Device\Harddisk0\DR0 - ok
19:42:55.0786 7140 Boot (0x1200) (bce421f517e53c6b9243057ca4859af2) \Device\Harddisk0\DR0\Partition0
19:42:55.0786 7140 \Device\Harddisk0\DR0\Partition0 - ok
19:42:55.0786 7140 ============================================================
19:42:55.0786 7140 Scan finished
19:42:55.0786 7140 ============================================================
19:42:55.0833 7132 Detected object count: 0
19:42:55.0833 7132 Actual detected object count: 0

Other log files next.

#4 d02an


Posted 30 July 2012 - 01:55 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-30 19:46:08
-----------------------------
19:46:08.531 OS Version: Windows 6.1.7601 Service Pack 1
19:46:08.531 Number of processors: 1 586 0x409
19:46:08.546 ComputerName: DAN-DESKTOP UserName: DAN
19:46:53.079 Initialize success
19:46:56.532 AVAST engine defs: 12073000
19:47:38.831 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:47:38.831 Disk 0 Vendor: ST3160812A 3.AAJ Size: 152627MB BusType: 3
19:47:38.877 Disk 0 MBR read successfully
19:47:38.893 Disk 0 MBR scan
19:47:38.893 Disk 0 Windows 7 default MBR code
19:47:38.909 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152617 MB offset 63
19:47:38.924 Disk 0 scanning sectors +312560640
19:47:39.018 Disk 0 scanning C:\Windows\system32\drivers
19:47:53.846 Service scanning
19:48:25.284 Modules scanning
19:48:37.456 Disk 0 trace - called modules:
19:48:37.487 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
19:48:37.502 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85043030]
19:48:38.034 3 CLASSPNP.SYS[87e8959e] -> nt!IofCallDriver -> [0x84f7e900]
19:48:38.049 5 ACPI.sys[876783d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8429e610]
19:48:38.596 AVAST engine scan C:\Windows
19:48:41.174 AVAST engine scan C:\Windows\system32
19:52:00.799 AVAST engine scan C:\Windows\system32\drivers
19:52:17.862 AVAST engine scan C:\Users\DAN
19:54:13.706 Disk 0 MBR has been saved successfully to "C:\Users\DAN\Documents\MBR.dat"
19:54:13.737 The log file has been saved successfully to "C:\Users\DAN\Documents\aswMBR300712.txt"

#5 d02an


Posted 30 July 2012 - 04:25 PM

ESET log

C:\Program Files\Smart PC Cleaner\SmartPCCleaner.exe a variant of Win32/SpeedingUpMyPC application cleaned by deleting - quarantined
C:\Windows.old\Documents and Settings\Ian Beare\Local Settings\Application Data\Mozilla\Firefox\Profiles\tqrlq117.default\Cache\FD973A74d01 HTML/ScrInject.B.Gen virus deleted - quarantined

#6 narenxp


Posted 30 July 2012 - 07:45 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#7 d02an


Posted 31 July 2012 - 02:38 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by DAN (administrator) on 31-07-2012 at 20:34:16
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DAN-DESKTOP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-13-8F-B8-F9-61
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b0ca:7020:1189:cb8c%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 31 July 2012 11:57:29
Lease Expires . . . . . . . . . . : 01 August 2012 11:57:29
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 234886031
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-3E-04-0E-00-13-8F-B8-F9-61
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1cfa:7ad:4f07:3130(Preferred)
Link-local IPv6 Address . . . . . : fe80::1cfa:7ad:4f07:3130%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: myrouter.home
Address: 192.168.0.1

Name: google.com
Addresses: 2a00:1450:4009:803::1002
173.194.34.110
173.194.34.96
173.194.34.97
173.194.34.98
173.194.34.99
173.194.34.100
173.194.34.101
173.194.34.102
173.194.34.103
173.194.34.104
173.194.34.105


Pinging google.com [173.194.34.105] with 32 bytes of data:
Reply from 173.194.34.105: bytes=32 time=30ms TTL=57
Reply from 173.194.34.105: bytes=32 time=29ms TTL=57

Ping statistics for 173.194.34.105:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 29ms, Maximum = 30ms, Average = 29ms
Server: myrouter.home
Address: 192.168.0.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
209.191.122.70


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=167ms TTL=52
Reply from 209.191.122.70: bytes=32 time=154ms TTL=51

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 154ms, Maximum = 167ms, Average = 160ms
Server: myrouter.home
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=20ms TTL=128
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 5ms, Maximum = 20ms, Average = 12ms
===========================================================================
Interface List
10...00 13 8f b8 f9 61 ......Realtek RTL8139/810x Family Fast Ethernet NIC
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.5 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.5 276
192.168.0.5 255.255.255.255 On-link 192.168.0.5 276
192.168.0.255 255.255.255.255 On-link 192.168.0.5 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.5 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.5 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:5ef5:79fd:1cfa:7ad:4f07:3130/128
On-link
10 276 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::1cfa:7ad:4f07:3130/128
On-link
10 276 fe80::b0ca:7020:1189:cb8c/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/31/2012 06:47:51 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/30/2012 08:22:05 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {5f43ef12-e646-4654-9f95-32cf7c153ea2}

Error: (07/30/2012 08:14:13 AM) (Source: ComputerUpdater Service) (User: )
Description: Error: Service started

Error: (07/30/2012 03:03:48 AM) (Source: ComputerUpdater Service) (User: )
Description: Error: Service started

Error: (07/30/2012 01:48:41 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/29/2012 00:36:11 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/29/2012 11:25:16 AM) (Source: ComputerUpdater Service) (User: )
Description: Error: Service started

Error: (07/28/2012 01:05:50 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/25/2012 09:37:39 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/24/2012 04:13:07 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 14.0.1.4577 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1784

Start Time: 01cd697d4f7b110a

Termination Time: 3688

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: 07ecb593-d5a2-11e1-b5ab-00138fb8f961


System errors:
=============
Error: (07/31/2012 11:57:48 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
is3srv

Error: (07/31/2012 11:57:07 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.

Error: (07/31/2012 11:35:14 AM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (07/31/2012 11:34:41 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
is3srv

Error: (07/31/2012 11:33:50 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.

Error: (07/31/2012 06:04:43 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
is3srv

Error: (07/31/2012 06:03:51 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.

Error: (07/30/2012 02:31:43 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (07/30/2012 02:31:14 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
is3srv

Error: (07/30/2012 02:30:21 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Reader X (10.1.3) (Version: 10.1.3)
avast! Free Antivirus (Version: 6.0.1289.0)
Bing Bar (Version: 7.1.361.0)
C-Media WDM Audio Driver
Driver Genius Professional Edition (Version: 11.0)
ESET Online Scanner v3
Google Chrome (Version: 20.0.1132.57)
Google Update Helper (Version: 1.3.21.115)
HP Deskjet 3050A J611 series Basic Device Software (Version: 25.0.571.0)
HP Deskjet 3050A J611 series Help (Version: 140.0.2.2)
HP Deskjet 3050A J611 series Product Improvement Study (Version: 25.0.571.0)
HP Photo Creations (Version: 1.0.0.5192)
HP Update (Version: 5.003.001.001)
iLivid (Version: 1.92)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
king.com (remove only)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 14.0.1 (x86 en-GB) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
Mplayer 0.6.9 (Version: 0.6.9)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyTomTom 3.1.0.530 (Version: 3.1.0.530)
Serif DrawPlus X5 (Version: 12.0.0.017)
Serif WebPlus X5 (Version: 13.0.3.029)
Sky Broadband (Version: 1.0.0)
Smart PC Cleaner v3.0 (Version: 3.0)
Sony PC Companion 2.10.079 (Version: 2.10.079)
STOPzilla (Version: 5.0.98.116)
SWiSHmax
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Studio C++ 10.0 Runtime (Version: 10.0.0)

========================= Memory info: ===================================

Percentage of memory in use: 69%
Total physical RAM: 1022.87 MB
Available physical RAM: 308.93 MB
Total Pagefile: 2046.87 MB
Available Pagefile: 856.17 MB
Total Virtual: 2047.88 MB
Available Virtual: 1941.21 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:149.04 GB) (Free:92.59 GB) NTFS
3 Drive d: (Office 2007 Ent-) (CDROM) (Total:0.55 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\DAN-DESKTOP

Administrator DAN Guest


**** End of log ****

#8 d02an

  • Topic Starter

Posted 31 July 2012 - 02:40 PM

Farbar Service Scanner Version: 26-07-2012
Ran by DAN (administrator) on 31-07-2012 at 20:39:46
Running from "C:\Users\DAN\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============

sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#9 d02an

  • Topic Starter

Posted 31 July 2012 - 02:47 PM

# AdwCleaner v1.703 - Logfile created 07/31/2012 at 20:41:24
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : DAN - DAN-DESKTOP
# Running from : C:\Users\DAN\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\Ilivid
File Deleted : C:\Users\DAN\AppData\Roaming\Mozilla\Firefox\Profiles\518bbn2w.default\searchplugins\my-web-search.xml

***** [Registry] *****

Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Freeze.com

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&ptnrS=ZKxdm741YYgb&ptb=722E185D-A34E-4326-80F8-4E9F04B8A191 --> hxxp://www.google.com

-\\ Mozilla Firefox v14.0.1 (en-GB)

Profile name : default
File : C:\Users\DAN\AppData\Roaming\Mozilla\Firefox\Profiles\518bbn2w.default\prefs.js

C:\Users\DAN\AppData\Roaming\Mozilla\Firefox\Profiles\518bbn2w.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "My Web Search");
Deleted : user_pref("browser.search.selectedEngine", "My Web Search");
Deleted : user_pref("extensions.toolbar.mindspark._52Members_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Deleted : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=722E185D[...]

-\\ Google Chrome v20.0.1132.57

File : C:\Users\DAN\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",

*************************

AdwCleaner[S1].txt - [1859 octets] - [31/07/2012 20:41:24]

########## EOF - C:\AdwCleaner[S1].txt - [1987 octets] ##########

#10 narenxp

  • BC Advisor

Posted 31 July 2012 - 03:07 PM

Any current issues?

#11 d02an

  • Topic Starter

Posted 31 July 2012 - 06:20 PM

All previously mentioned programs seem to still be there and loading at startup.

Edited by d02an, 31 July 2012 - 06:20 PM.


#12 narenxp

  • BC Advisor

Posted 31 July 2012 - 06:22 PM

Uninstall them from Add or Remove Programs, including STOPzilla.

Install

http://windows.microsoft.com/en-US/windows/products/security-essentials

Let me know if you have any issues

#13 d02an

  • Topic Starter

Posted 31 July 2012 - 06:27 PM

K, will do that now. Thanks a lot for all the help. Will post again after I have tried taking them off and installing that last link.

#14 narenxp

  • BC Advisor

Posted 31 July 2012 - 07:10 PM

:thumbup2:

We will wrap up then

#15 d02an

  • Topic Starter

Posted 01 August 2012 - 02:57 AM

Everything seems to have gone for good, thank you very much for all your help, extremely appreciated!



