Infected - Pop up messages Lower Right Corner


11 replies to this topic

#1 LowerRightCorner


Posted 12 August 2012 - 12:49 PM

System: Windows 7 Home Premium edition, 64-bit, Google Chrome browser, HP laptop

Problem: Persistent popups in the lower corner of the browser. Sometimes a 3 x 3 pop-up with an advertisement, sometimes a smartphone-shaped banner with links/ads, or sometimes a pop-up that resembles a video screen of ads.

Tried a few of the usual spyware scans, Spybot and Malwarebytes as well. Nothing identified.

The only prior find from a scan a while ago was CouponBar (from a Coupon Inc install); reinstalled it and removed the items identified as malware. This problem still persists.

Please help.



#2 narenxp


Posted 12 August 2012 - 12:50 PM

Download TDSSKiller

Launch it. Click on Change parameters and select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 LowerRightCorner


Posted 12 August 2012 - 12:58 PM

13:52:41.0025 5484 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
13:52:41.0350 5484 ============================================================
13:52:41.0350 5484 Current date / time: 2012/08/12 13:52:41.0350
13:52:41.0350 5484 SystemInfo:
13:52:41.0350 5484
13:52:41.0351 5484 OS Version: 6.1.7601 ServicePack: 1.0
13:52:41.0351 5484 Product type: Workstation
13:52:41.0351 5484 ComputerName: VIN2011-HP
13:52:41.0352 5484 UserName: VIN2011
13:52:41.0352 5484 Windows directory: C:\Windows
13:52:41.0352 5484 System windows directory: C:\Windows
13:52:41.0352 5484 Running under WOW64
13:52:41.0352 5484 Processor architecture: Intel x64
13:52:41.0352 5484 Number of processors: 2
13:52:41.0352 5484 Page size: 0x1000
13:52:41.0352 5484 Boot type: Normal boot
13:52:41.0352 5484 ============================================================
13:52:44.0061 5484 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:52:44.0065 5484 ============================================================
13:52:44.0065 5484 \Device\Harddisk0\DR0:
13:52:44.0065 5484 MBR partitions:
13:52:44.0065 5484 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
13:52:44.0065 5484 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x230E5800
13:52:44.0065 5484 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23149800, BlocksNum 0x22B1000
13:52:44.0065 5484 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x253FA800, BlocksNum 0x33AB0
13:52:44.0065 5484 ============================================================
13:52:44.0189 5484 C: <-> \Device\Harddisk0\DR0\Partition1
13:52:44.0353 5484 D: <-> \Device\Harddisk0\DR0\Partition2
13:52:44.0436 5484 ============================================================
13:52:44.0436 5484 Initialize success
13:52:44.0436 5484 ============================================================
13:53:22.0234 5680 ============================================================
13:53:22.0234 5680 Scan started
13:53:22.0234 5680 Mode: Manual; TDLFS;
13:53:22.0234 5680 ============================================================
13:53:38.0393 5680 NlaSvc - ok
13:53:38.0619 5680 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
13:53:38.0648 5680 NOBU - ok
13:53:38.0793 5680 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:53:38.0796 5680 Npfs - ok
13:53:38.0831 5680 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:53:38.0836 5680 nsi - ok
13:53:38.0848 5680 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:53:38.0850 5680 nsiproxy - ok
13:53:38.0930 5680 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:53:38.0950 5680 Ntfs - ok
13:53:39.0109 5680 NuidFltr (317020d31f1696334679b9d0416eb62e) C:\Windows\system32\DRIVERS\NuidFltr.sys
13:53:39.0112 5680 NuidFltr - ok
13:53:39.0144 5680 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:53:39.0146 5680 Null - ok
13:53:39.0208 5680 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:53:39.0213 5680 nvraid - ok
13:53:39.0237 5680 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:53:39.0242 5680 nvstor - ok
13:53:39.0269 5680 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:53:39.0273 5680 nv_agp - ok
13:53:39.0366 5680 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:53:39.0368 5680 ohci1394 - ok
13:53:39.0510 5680 ose64 (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:53:39.0515 5680 ose64 - ok
13:53:39.0783 5680 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:53:40.0057 5680 osppsvc - ok
13:53:40.0189 5680 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:53:40.0199 5680 p2pimsvc - ok
13:53:40.0236 5680 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:53:40.0247 5680 p2psvc - ok
13:53:40.0348 5680 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:53:40.0352 5680 Parport - ok
13:53:40.0397 5680 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
13:53:40.0400 5680 partmgr - ok
13:53:40.0467 5680 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:53:40.0474 5680 PcaSvc - ok
13:53:40.0522 5680 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:53:40.0526 5680 pci - ok
13:53:40.0543 5680 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:53:40.0544 5680 pciide - ok
13:53:40.0571 5680 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:53:40.0575 5680 pcmcia - ok
13:53:40.0612 5680 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:53:40.0614 5680 pcw - ok
13:53:40.0641 5680 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:53:40.0651 5680 PEAUTH - ok
13:53:40.0722 5680 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:53:40.0724 5680 PerfHost - ok
13:53:40.0834 5680 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:53:40.0853 5680 pla - ok
13:53:40.0909 5680 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:53:40.0921 5680 PlugPlay - ok
13:53:40.0978 5680 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:53:40.0981 5680 PNRPAutoReg - ok
13:53:41.0005 5680 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:53:41.0013 5680 PNRPsvc - ok
13:53:41.0123 5680 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
13:53:41.0126 5680 Point64 - ok
13:53:41.0189 5680 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:53:41.0201 5680 PolicyAgent - ok
13:53:41.0233 5680 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:53:41.0241 5680 Power - ok
13:53:41.0284 5680 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:53:41.0288 5680 PptpMiniport - ok
13:53:41.0321 5680 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:53:41.0325 5680 Processor - ok
13:53:41.0386 5680 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
13:53:41.0394 5680 ProfSvc - ok
13:53:41.0422 5680 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:53:41.0423 5680 ProtectedStorage - ok
13:53:41.0481 5680 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:53:41.0483 5680 Psched - ok
13:53:41.0550 5680 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:53:41.0572 5680 ql2300 - ok
13:53:41.0693 5680 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:53:41.0697 5680 ql40xx - ok
13:53:41.0761 5680 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:53:41.0771 5680 QWAVE - ok
13:53:41.0804 5680 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:53:41.0807 5680 QWAVEdrv - ok
13:53:41.0823 5680 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:53:41.0825 5680 RasAcd - ok
13:53:41.0904 5680 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:53:41.0907 5680 RasAgileVpn - ok
13:53:41.0934 5680 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:53:41.0941 5680 RasAuto - ok
13:53:41.0974 5680 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:53:41.0978 5680 Rasl2tp - ok
13:53:42.0043 5680 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:53:42.0055 5680 RasMan - ok
13:53:42.0089 5680 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:53:42.0091 5680 RasPppoe - ok
13:53:42.0124 5680 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:53:42.0128 5680 RasSstp - ok
13:53:42.0171 5680 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:53:42.0179 5680 rdbss - ok
13:53:42.0209 5680 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:53:42.0211 5680 rdpbus - ok
13:53:42.0245 5680 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:53:42.0246 5680 RDPCDD - ok
13:53:42.0280 5680 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:53:42.0281 5680 RDPENCDD - ok
13:53:42.0307 5680 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:53:42.0307 5680 RDPREFMP - ok
13:53:42.0346 5680 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
13:53:42.0351 5680 RDPWD - ok
13:53:42.0444 5680 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:53:42.0450 5680 rdyboost - ok
13:53:42.0480 5680 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:53:42.0486 5680 RemoteAccess - ok
13:53:42.0516 5680 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:53:42.0524 5680 RemoteRegistry - ok
13:53:42.0616 5680 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
13:53:42.0619 5680 RimVSerPort - ok
13:53:42.0654 5680 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\Windows\system32\Drivers\RootMdm.sys
13:53:42.0656 5680 ROOTMODEM - ok
13:53:42.0696 5680 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:53:42.0701 5680 RpcEptMapper - ok
13:53:42.0728 5680 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:53:42.0732 5680 RpcLocator - ok
13:53:42.0802 5680 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:53:42.0813 5680 RpcSs - ok
13:53:42.0835 5680 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:53:42.0837 5680 rspndr - ok
13:53:42.0892 5680 RSUSBSTOR (22d6b47d004a6568c500680be2972854) C:\Windows\system32\Drivers\RtsUStor.sys
13:53:42.0897 5680 RSUSBSTOR - ok
13:53:42.0942 5680 RTL8167 (4fbda07ef0a3097ce14c5cabf723b278) C:\Windows\system32\DRIVERS\Rt64win7.sys
13:53:42.0949 5680 RTL8167 - ok
13:53:43.0027 5680 RtVOsdService (5fff3e71b4724bb10918fd6dd7413d99) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
13:53:43.0034 5680 RtVOsdService - ok
13:53:43.0067 5680 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:53:43.0071 5680 SamSs - ok
13:53:43.0112 5680 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:53:43.0116 5680 sbp2port - ok
13:53:43.0195 5680 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:53:43.0203 5680 SCardSvr - ok
13:53:43.0241 5680 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:53:43.0243 5680 scfilter - ok
13:53:43.0353 5680 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:53:43.0378 5680 Schedule - ok
13:53:43.0440 5680 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:53:43.0442 5680 SCPolicySvc - ok
13:53:43.0640 5680 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
13:53:43.0669 5680 sdbus - ok
13:53:43.0765 5680 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:53:43.0772 5680 SDRSVC - ok
13:53:43.0819 5680 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:53:43.0820 5680 secdrv - ok
13:53:43.0849 5680 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:53:43.0852 5680 seclogon - ok
13:53:43.0884 5680 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
13:53:43.0887 5680 SENS - ok
13:53:43.0924 5680 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:53:43.0929 5680 SensrSvc - ok
13:53:43.0982 5680 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:53:43.0984 5680 Serenum - ok
13:53:44.0019 5680 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:53:44.0022 5680 Serial - ok
13:53:44.0094 5680 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
13:53:44.0096 5680 sermouse - ok
13:53:44.0153 5680 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
13:53:44.0157 5680 SessionEnv - ok
13:53:44.0188 5680 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:53:44.0189 5680 sffdisk - ok
13:53:44.0233 5680 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:53:44.0236 5680 sffp_mmc - ok
13:53:44.0249 5680 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:53:44.0251 5680 sffp_sd - ok
13:53:44.0282 5680 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
13:53:44.0283 5680 sfloppy - ok
13:53:44.0313 5680 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:53:44.0320 5680 SharedAccess - ok
13:53:44.0369 5680 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
13:53:44.0377 5680 ShellHWDetection - ok
13:53:44.0419 5680 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:53:44.0422 5680 SiSRaid2 - ok
13:53:44.0483 5680 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
13:53:44.0485 5680 SiSRaid4 - ok
13:53:44.0634 5680 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Program Files (x86)\Skype\Updater\Updater.exe
13:53:44.0641 5680 SkypeUpdate - ok
13:53:44.0684 5680 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:53:44.0686 5680 Smb - ok
13:53:44.0769 5680 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:53:44.0772 5680 SNMPTRAP - ok
13:53:44.0794 5680 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:53:44.0796 5680 spldr - ok
13:53:44.0888 5680 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
13:53:44.0897 5680 Spooler - ok
13:53:45.0021 5680 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
13:53:45.0154 5680 sppsvc - ok
13:53:45.0301 5680 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:53:45.0305 5680 sppuinotify - ok
13:53:45.0376 5680 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:53:45.0382 5680 srv - ok
13:53:45.0436 5680 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:53:45.0442 5680 srv2 - ok
13:53:45.0485 5680 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
13:53:45.0489 5680 SrvHsfHDA - ok
13:53:45.0539 5680 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
13:53:45.0557 5680 SrvHsfV92 - ok
13:53:45.0695 5680 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
13:53:45.0704 5680 SrvHsfWinac - ok
13:53:45.0831 5680 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:53:45.0837 5680 srvnet - ok
13:53:45.0897 5680 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:53:45.0905 5680 SSDPSRV - ok
13:53:45.0926 5680 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:53:45.0932 5680 SstpSvc - ok
13:53:45.0987 5680 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
13:53:45.0989 5680 stexstor - ok
13:53:46.0082 5680 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
13:53:46.0084 5680 StillCam - ok
13:53:46.0196 5680 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
13:53:46.0211 5680 stisvc - ok
13:53:46.0255 5680 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:53:46.0256 5680 swenum - ok
13:53:46.0313 5680 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:53:46.0329 5680 swprv - ok
13:53:46.0416 5680 SynTP (868dfb220a18312a12cef01ba9ac069b) C:\Windows\system32\DRIVERS\SynTP.sys
13:53:46.0424 5680 SynTP - ok
13:53:46.0567 5680 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
13:53:46.0593 5680 SysMain - ok
13:53:46.0701 5680 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
13:53:46.0704 5680 TabletInputService - ok
13:53:46.0745 5680 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
13:53:46.0750 5680 TapiSrv - ok
13:53:46.0771 5680 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:53:46.0774 5680 TBS - ok
13:53:46.0904 5680 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
13:53:46.0926 5680 Tcpip - ok
13:53:47.0124 5680 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
13:53:47.0141 5680 TCPIP6 - ok
13:53:47.0205 5680 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:53:47.0208 5680 tcpipreg - ok
13:53:47.0291 5680 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:53:47.0293 5680 TDPIPE - ok
13:53:47.0329 5680 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
13:53:47.0332 5680 TDTCP - ok
13:53:47.0389 5680 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:53:47.0393 5680 tdx - ok
13:53:47.0433 5680 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
13:53:47.0437 5680 TermDD - ok
13:53:47.0489 5680 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
13:53:47.0503 5680 TermService - ok
13:53:47.0548 5680 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:53:47.0554 5680 Themes - ok
13:53:47.0578 5680 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:53:47.0583 5680 THREADORDER - ok
13:53:47.0603 5680 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:53:47.0610 5680 TrkWks - ok
13:53:47.0665 5680 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
13:53:47.0670 5680 TrustedInstaller - ok
13:53:47.0717 5680 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:53:47.0718 5680 tssecsrv - ok
13:53:47.0757 5680 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:53:47.0759 5680 TsUsbFlt - ok
13:53:47.0810 5680 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:53:47.0814 5680 tunnel - ok
13:53:47.0854 5680 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
13:53:47.0857 5680 uagp35 - ok
13:53:47.0913 5680 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:53:47.0921 5680 udfs - ok
13:53:47.0973 5680 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:53:47.0977 5680 UI0Detect - ok
13:53:48.0012 5680 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:53:48.0015 5680 uliagpkx - ok
13:53:48.0068 5680 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
13:53:48.0071 5680 umbus - ok
13:53:48.0114 5680 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
13:53:48.0116 5680 UmPass - ok
13:53:48.0150 5680 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:53:48.0162 5680 upnphost - ok
13:53:48.0185 5680 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:53:48.0188 5680 usbccgp - ok
13:53:48.0245 5680 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:53:48.0249 5680 usbcir - ok
13:53:48.0269 5680 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
13:53:48.0273 5680 usbehci - ok
13:53:48.0301 5680 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
13:53:48.0304 5680 usbfilter - ok
13:53:48.0327 5680 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:53:48.0333 5680 usbhub - ok
13:53:48.0362 5680 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
13:53:48.0431 5680 usbohci - ok
13:53:48.0507 5680 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:53:48.0553 5680 usbprint - ok
13:53:48.0677 5680 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:53:48.0681 5680 USBSTOR - ok
13:53:48.0704 5680 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:53:48.0706 5680 usbuhci - ok
13:53:48.0766 5680 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
13:53:48.0772 5680 usbvideo - ok
13:53:48.0812 5680 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:53:48.0818 5680 UxSms - ok
13:53:48.0854 5680 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:53:48.0858 5680 VaultSvc - ok
13:53:48.0908 5680 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:53:48.0910 5680 vdrvroot - ok
13:53:48.0973 5680 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
13:53:48.0989 5680 vds - ok
13:53:49.0028 5680 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:53:49.0030 5680 vga - ok
13:53:49.0051 5680 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:53:49.0054 5680 VgaSave - ok
13:53:49.0102 5680 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:53:49.0108 5680 vhdmp - ok
13:53:49.0124 5680 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:53:49.0126 5680 viaide - ok
13:53:49.0151 5680 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:53:49.0153 5680 volmgr - ok
13:53:49.0200 5680 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:53:49.0204 5680 volmgrx - ok
13:53:49.0247 5680 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:53:49.0252 5680 volsnap - ok
13:53:49.0299 5680 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
13:53:49.0304 5680 vsmraid - ok
13:53:49.0412 5680 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
13:53:49.0432 5680 VSS - ok
13:53:49.0558 5680 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:53:49.0561 5680 vwifibus - ok
13:53:49.0593 5680 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:53:49.0596 5680 vwififlt - ok
13:53:49.0638 5680 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:53:49.0645 5680 W32Time - ok
13:53:49.0672 5680 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
13:53:49.0674 5680 WacomPen - ok
13:53:49.0738 5680 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:53:49.0741 5680 WANARP - ok
13:53:49.0750 5680 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:53:49.0752 5680 Wanarpv6 - ok
13:53:49.0848 5680 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
13:53:49.0869 5680 WatAdminSvc - ok
13:53:49.0949 5680 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
13:53:49.0970 5680 wbengine - ok
13:53:50.0061 5680 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:53:50.0070 5680 WbioSrvc - ok
13:53:50.0133 5680 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
13:53:50.0145 5680 wcncsvc - ok
13:53:50.0170 5680 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:53:50.0177 5680 WcsPlugInService - ok
13:53:50.0250 5680 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
13:53:50.0252 5680 Wd - ok
13:53:50.0301 5680 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\Windows\system32\DRIVERS\wdcsam64.sys
13:53:50.0304 5680 WDC_SAM - ok
13:53:50.0376 5680 WDDMService (7cb1e124542329ca2060594bb2b5a98f) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
13:53:50.0380 5680 WDDMService - ok
13:53:50.0453 5680 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:53:50.0466 5680 Wdf01000 - ok
13:53:50.0643 5680 WDFME (5bb2ed6a1070001038276c814bc8c1de) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
13:53:50.0664 5680 WDFME - ok
13:53:50.0758 5680 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:53:50.0764 5680 WdiServiceHost - ok
13:53:50.0772 5680 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:53:50.0778 5680 WdiSystemHost - ok
13:53:50.0886 5680 WDSC (4ba11da929f6ecdb2c6232f5a866ee2e) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
13:53:50.0896 5680 WDSC - ok
13:53:50.0946 5680 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
13:53:50.0957 5680 WebClient - ok
13:53:50.0999 5680 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:53:51.0005 5680 Wecsvc - ok
13:53:51.0033 5680 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:53:51.0037 5680 wercplsupport - ok
13:53:51.0065 5680 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:53:51.0069 5680 WerSvc - ok
13:53:51.0145 5680 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:53:51.0147 5680 WfpLwf - ok
13:53:51.0167 5680 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:53:51.0169 5680 WIMMount - ok
13:53:51.0193 5680 WinDefend - ok
13:53:51.0205 5680 WinHttpAutoProxySvc - ok
13:53:51.0259 5680 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:53:51.0265 5680 Winmgmt - ok
13:53:51.0384 5680 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
13:53:51.0412 5680 WinRM - ok
13:53:51.0562 5680 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:53:51.0586 5680 Wlansvc - ok
13:53:51.0753 5680 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:53:51.0778 5680 wlidsvc - ok
13:53:51.0908 5680 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:53:51.0910 5680 WmiAcpi - ok
13:53:51.0968 5680 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:53:51.0974 5680 wmiApSrv - ok
13:53:52.0034 5680 WMPNetworkSvc - ok
13:53:52.0071 5680 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:53:52.0077 5680 WPCSvc - ok
13:53:52.0115 5680 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
13:53:52.0122 5680 WPDBusEnum - ok
13:53:52.0162 5680 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:53:52.0165 5680 ws2ifsl - ok
13:53:52.0188 5680 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
13:53:52.0195 5680 wscsvc - ok
13:53:52.0204 5680 WSearch - ok
13:53:52.0308 5680 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
13:53:52.0337 5680 wuauserv - ok
13:53:52.0470 5680 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:53:52.0474 5680 WudfPf - ok
13:53:52.0507 5680 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:53:52.0511 5680 WUDFRd - ok
13:53:52.0551 5680 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
13:53:52.0558 5680 wudfsvc - ok
13:53:52.0596 5680 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:53:52.0605 5680 WwanSvc - ok
13:53:52.0651 5680 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
13:53:52.0656 5680 yukonw7 - ok
13:53:52.0700 5680 MBR (0x1B8) (5cc30a452671cf244989190fee7b1a69) \Device\Harddisk0\DR0
13:53:52.0916 5680 \Device\Harddisk0\DR0 - ok
13:53:52.0924 5680 Boot (0x1200) (7a885a08cd0b9a9b81e3d80abcec1df3) \Device\Harddisk0\DR0\Partition0
13:53:52.0927 5680 \Device\Harddisk0\DR0\Partition0 - ok
13:53:52.0967 5680 Boot (0x1200) (0a4aa723f3e7fe1aab664ddf410890b6) \Device\Harddisk0\DR0\Partition1
13:53:52.0969 5680 \Device\Harddisk0\DR0\Partition1 - ok
13:53:52.0999 5680 Boot (0x1200) (d3b41d37cbc361e1716cdf7c9d211be7) \Device\Harddisk0\DR0\Partition2
13:53:53.0001 5680 \Device\Harddisk0\DR0\Partition2 - ok
13:53:53.0019 5680 Boot (0x1200) (31d0373c36939d52f9859506824a1249) \Device\Harddisk0\DR0\Partition3
13:53:53.0021 5680 \Device\Harddisk0\DR0\Partition3 - ok
13:53:53.0022 5680 ============================================================
13:53:53.0022 5680 Scan finished
13:53:53.0023 5680 ============================================================
13:53:53.0039 1280 Detected object count: 0
13:53:53.0039 1280 Actual detected object count: 0

#4 LowerRightCorner


Posted 12 August 2012 - 01:22 PM

swMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-12 14:00:17
-----------------------------
14:00:17.429 OS Version: Windows x64 6.1.7601 Service Pack 1
14:00:17.429 Number of processors: 2 586 0x603
14:00:17.430 ComputerName: VIN2011-HP UserName: VIN2011
14:00:18.129 Initialize success
14:00:28.470 AVAST engine defs: 12081200
14:00:58.114 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000059
14:00:58.116 Disk 0 Vendor: SAMSUNG_ 2AJ1 Size: 305245MB BusType: 11
14:00:58.136 Disk 0 MBR read successfully
14:00:58.138 Disk 0 MBR scan
14:00:58.243 Disk 0 unknown MBR code
14:00:58.266 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
14:00:58.292 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 287179 MB offset 409600
14:00:58.335 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17762 MB offset 588552192
14:00:58.355 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 624928768
14:00:58.436 Disk 0 scanning C:\Windows\system32\drivers
14:01:28.095 Service scanning
14:02:18.967 Modules scanning
14:02:18.976 Disk 0 trace - called modules:
14:02:18.998 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
14:02:19.004 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80031e63d0]
14:02:19.010 3 CLASSPNP.SYS[fffff8800198543f] -> nt!IofCallDriver -> [0xfffffa8003185770]
14:02:19.016 5 amdxata.sys[fffff8800115d7a8] -> nt!IofCallDriver -> \Device\00000059[0xfffffa8003182060]
14:02:19.620 AVAST engine scan C:\Windows
14:02:34.520 AVAST engine scan C:\Windows\system32
14:09:08.832 AVAST engine scan C:\Windows\system32\drivers
14:09:30.268 AVAST engine scan C:\Users\VIN2011
14:14:33.512 AVAST engine scan C:\ProgramData
14:16:30.584 Scan finished successfully
14:21:01.311 Disk 0 MBR has been saved successfully to "C:\Users\VIN2011\Downloads\MBR.dat"
14:21:01.531 The log file has been saved successfully to "C:\Users\VIN2011\Downloads\aswMBR-log 08122012.txt"

#5 narenxp


Posted 12 August 2012 - 01:41 PM

After the ESET scan completes, run these scans too and post the logs.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

Rogue killer

Right-click on it and select Run as administrator.

Now, click on the HOSTS FIX option on the right side.

A log should be generated after the fix; post the log here.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#6 LowerRightCorner

Posted 12 August 2012 - 05:12 PM

ESET SCAN RESULT

C:\Program Files (x86)\CouponAlert_2pEI\Installr\1.bin\2pEIPlug.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files (x86)\CouponAlert_2pEI\Installr\1.bin\2pEZSETP.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Program Files (x86)\CouponAlert_2pEI\Installr\1.bin\NP2pEISb.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Users\VIN2011\AppData\Local\Temp\ICReinstall\cnet2_rootalyz-0_3_4_47_zip (1).exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\VIN2011\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\7c88068a-7f10f1ca Java/Agent.BV trojan deleted - quarantined
C:\Users\VIN2011\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\35bb4b9c-2c2b7cf9 Java/TrojanDownloader.OpenStream.NCE trojan deleted - quarantined
C:\Users\VIN2011\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\38e63bec-69939724 Java/Agent.BV trojan deleted - quarantined
C:\Users\VIN2011\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55\5d844c37-6c6bed24 Java/TrojanDownloader.OpenStream.NCE trojan deleted - quarantined
C:\Users\VIN2011\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\5ad4b738-3a574b7d Java/Agent.BV trojan deleted - quarantined
C:\Users\VIN2011\Documents\VIN2008-DELL\Backup Set 2012-07-01 095723\Backup Files 2012-07-01 095723\Backup files 14.zip multiple threats deleted - quarantined
C:\Users\VIN2011\Downloads\cnet2_rootalyz-0_3_4_47_zip (1).exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Users\VIN2011\Downloads\cnet2_rootalyz-0_3_4_47_zip.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined

#7 LowerRightCorner

Posted 12 August 2012 - 06:17 PM

I got a clean scan as indicated below. I still see the pop-up. Going to reboot and rescan as you mentioned and follow the rest of the instructions.


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.12.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
VIN2011 :: VIN2011-HP [administrator]

8/12/2012 6:17:23 PM
mbam-log-2012-08-12 (18-17-23).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 389165
Time elapsed: 53 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8 narenxp

Posted 12 August 2012 - 09:44 PM

Please go ahead with other scans :thumbup2:

#9 LowerRightCorner

Posted 12 August 2012 - 10:55 PM

RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: VIN2011 [Admin rights]
Mode: HOSTSFix -- Date: 08/12/2012 23:53:47

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
::1 localhost
69.10.57.36 www.google-analytics.com.
69.10.57.36 ad-emea.doubleclick.net.
69.10.57.36 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
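
The RogueKiller report above lists three analytics/ad hostnames mapped to two non-loopback addresses before the reset. The following Python check is an added example, not part of the thread and not RogueKiller's own logic; it audits hosts-file text for that pattern, and the function names `parse_hosts`, `audit_hosts` and `names_by_target` are chosen here for illustration.

```python
import ipaddress
from collections import defaultdict

# Hosts entries exactly as shown in the RogueKiller report (before the reset).
HOSTS_BEFORE = """\
127.0.0.1 localhost
::1 localhost
69.10.57.36 www.google-analytics.com.
69.10.57.36 ad-emea.doubleclick.net.
69.10.57.36 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.
"""

# Hosts content after the reset, as shown in the same report.
HOSTS_AFTER = "127.0.0.1 localhost\n"


def parse_hosts(text):
    """Split hosts-file text into (address, hostname) pairs.

    Returns (entries, unparsed). Lines that are not comments or blanks but
    cannot be read as "<ip> <name>..." are returned in `unparsed` so they
    are reviewed by hand rather than silently skipped.
    """
    entries, unparsed = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            unparsed.append(raw)
            continue
        if len(fields) < 2:
            unparsed.append(raw)
            continue
        for name in fields[1:]:
            # Normalise case and the trailing root dot ("example.com." form)
            # so the same name is not counted twice.
            entries.append((addr, name.rstrip(".").lower()))
    return entries, unparsed


def audit_hosts(text):
    """Flag every name pinned to an address that is not loopback or 0.0.0.0/::.

    Loopback and unspecified targets are the usual sinkhole/blocklist form;
    any other target overrides DNS for that name and needs an explanation.
    """
    entries, unparsed = parse_hosts(text)
    by_name = defaultdict(set)
    for addr, name in entries:
        if addr.is_loopback or addr.is_unspecified:
            continue
        by_name[name].add(addr)
    redirects = {
        name: [str(a) for a in sorted(addrs, key=lambda a: (a.version, int(a)))]
        for name, addrs in sorted(by_name.items())
    }
    return {"redirects": redirects, "unparsed": unparsed}


def names_by_target(text):
    """Group flagged names by target address to show which hosts receive the traffic."""
    grouped = defaultdict(list)
    for name, addrs in audit_hosts(text)["redirects"].items():
        for addr in addrs:
            grouped[addr].append(name)
    return {addr: sorted(names) for addr, names in grouped.items()}


if __name__ == "__main__":
    for label, text in (("before reset", HOSTS_BEFORE), ("after reset", HOSTS_AFTER)):
        report = audit_hosts(text)
        print(f"[{label}] {len(report['redirects'])} redirected name(s)")
        for name, addrs in report["redirects"].items():
            print(f"  {name} -> {', '.join(addrs)}")
        for line in report["unparsed"]:
            print(f"  review manually: {line!r}")
```

On a live Windows system the text to audit would come from `C:\Windows\System32\drivers\etc\hosts`, read with administrator rights.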

#10 LowerRightCorner

Posted 12 August 2012 - 11:05 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by VIN2011 (administrator) on 12-08-2012 at 23:59:26
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost
127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : VIN2011-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
Physical Address. . . . . . . . . : 5C-AC-4C-48-DD-15
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::493d:b980:fcd4:3a54%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, August 12, 2012 11:38:07 PM
Lease Expires . . . . . . . . . . : Monday, August 13, 2012 11:38:07 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 324840524
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-54-57-CC-64-31-50-5C-F3-09
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.fl.comcast.net.
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 64-31-50-5C-F3-09
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{430B675E-CA2A-4BC2-92CD-547A7EF711A4}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:cb7:31b:9d18:9327(Preferred)
Link-local IPv6 Address . . . . . : fe80::cb7:31b:9d18:9327%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.hsd1.fl.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2001:4860:800a::8a
74.125.137.100
74.125.137.113
74.125.137.139
74.125.137.102
74.125.137.138
74.125.137.101


Pinging google.com [173.194.37.64] with 32 bytes of data:
Reply from 173.194.37.64: bytes=32 time=57ms TTL=53
Reply from 173.194.37.64: bytes=32 time=38ms TTL=53

Ping statistics for 173.194.37.64:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 38ms, Maximum = 57ms, Average = 47ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [209.191.122.70] with 32 bytes of data:
Reply from 209.191.122.70: bytes=32 time=89ms TTL=49
Reply from 209.191.122.70: bytes=32 time=47ms TTL=49

Ping statistics for 209.191.122.70:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 47ms, Maximum = 89ms, Average = 68ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...5c ac 4c 48 dd 15 ......Atheros AR9285 802.11b/g/n WiFi Adapter
10...64 31 50 5c f3 09 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:9d38:953c:cb7:31b:9d18:9327/128
On-link
12 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::cb7:31b:9d18:9327/128
On-link
12 281 fe80::493d:b980:fcd4:3a54/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/12/2012 08:42:17 PM) (Source: Application Hang) (User: )
Description: The program HPSF.exe version 5.0.13.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 14e0

Start Time: 01cd78ec5617d745

Termination Time: 172

Application Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

Report Id: b1677eaa-e4df-11e1-bc72-6431505cf309

Error: (08/12/2012 07:54:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/12/2012 07:22:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: hpqwmiex.exe, version: 4.0.39.1, time stamp: 0x4c24f856
Faulting module name: OLEAUT32.dll, version: 6.1.7601.17676, time stamp: 0x4e58702a
Exception code: 0xc0000005
Fault offset: 0x00004660
Faulting process id: 0xe5c
Faulting application start time: 0xhpqwmiex.exe0
Faulting application path: hpqwmiex.exe1
Faulting module path: hpqwmiex.exe2
Report Id: hpqwmiex.exe3

Error: (08/12/2012 07:22:16 PM) (Source: Application Error) (User: )
Description: Faulting application name: HPWMISVC.exe, version: 2.0.14.0, time stamp: 0x4c175e63
Faulting module name: OLEAUT32.dll, version: 6.1.7601.17676, time stamp: 0x4e58702a
Exception code: 0xc0000005
Fault offset: 0x00004660
Faulting process id: 0x744
Faulting application start time: 0xHPWMISVC.exe0
Faulting application path: HPWMISVC.exe1
Faulting module path: HPWMISVC.exe2
Report Id: HPWMISVC.exe3

Error: (08/12/2012 07:21:21 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/12/2012 07:21:21 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/12/2012 07:21:21 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/12/2012 07:21:21 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (08/12/2012 07:21:18 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/12/2012 07:21:18 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (08/12/2012 07:23:02 PM) (Source: DCOM) (User: )
Description: {F5539356-2F02-40D4-999E-FA61F45FE12E}

Error: (08/12/2012 07:22:48 PM) (Source: Service Control Manager) (User: )
Description: The HP Software Framework Service service terminated unexpectedly. It has done this 1 time(s).

Error: (08/12/2012 07:22:47 PM) (Source: Service Control Manager) (User: )
Description: The HPWMISVC service terminated unexpectedly. It has done this 1 time(s).

Error: (08/12/2012 07:22:20 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

Error: (08/12/2012 07:21:52 PM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (08/12/2012 07:21:22 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (08/12/2012 07:21:22 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (08/12/2012 05:48:27 PM) (Source: Service Control Manager) (User: )
Description: The WD File Management Engine service terminated unexpectedly. It has done this 1 time(s).

Error: (08/11/2012 11:10:16 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (08/11/2012 11:10:16 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.


Microsoft Office Sessions:
=========================
Error: (08/12/2012 08:42:17 PM) (Source: Application Hang)(User: )
Description: HPSF.exe5.0.13.214e001cd78ec5617d745172C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exeb1677eaa-e4df-11e1-bc72-6431505cf309

Error: (08/12/2012 07:54:01 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\VIN2011\Downloads\esetsmartinstaller_enu (1).exe

Error: (08/12/2012 07:22:38 PM) (Source: Application Error)(User: )
Description: hpqwmiex.exe4.0.39.14c24f856OLEAUT32.dll6.1.7601.176764e58702ac000000500004660e5c01cd78e156e0e33cC:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exeC:\Windows\syswow64\OLEAUT32.dll9984ed23-e4d4-11e1-bc72-6431505cf309

Error: (08/12/2012 07:22:16 PM) (Source: Application Error)(User: )
Description: HPWMISVC.exe2.0.14.04c175e63OLEAUT32.dll6.1.7601.176764e58702ac00000050000466074401cd78e1279775f0C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exeC:\Windows\syswow64\OLEAUT32.dll8d521e3f-e4d4-11e1-bc72-6431505cf309

Error: (08/12/2012 07:21:21 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/12/2012 07:21:21 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/12/2012 07:21:21 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (08/12/2012 07:21:21 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (08/12/2012 07:21:18 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (08/12/2012 07:21:18 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.3)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Reader 9.5.1 MUI (Version: 9.5.1)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
Akamai NetSession Interface
AMD USB Filter Driver (Version: 1.0.15.94)
Atheros Driver Installation Program (Version: 9.2)
ATI Catalyst Install Manager (Version: 3.0.765.0)
BlackBerry Desktop Software 6.0.2 (Version: 6.0.2.44)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Full Existing (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Full New (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Light (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Previews Common (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0617.855.14122)
Catalyst Control Center InstallProxy (Version: 2010.0617.855.14122)
Catalyst Control Center Localization All (Version: 2010.0617.855.14122)
ccc-core-static (Version: 2010.0617.855.14122)
ccc-utility64 (Version: 2010.0617.855.14122)
CCC Help Chinese Standard (Version: 2010.0617.0854.14122)
CCC Help Chinese Traditional (Version: 2010.0617.0854.14122)
CCC Help Czech (Version: 2010.0617.0854.14122)
CCC Help Danish (Version: 2010.0617.0854.14122)
CCC Help Dutch (Version: 2010.0617.0854.14122)
CCC Help English (Version: 2010.0617.0854.14122)
CCC Help Finnish (Version: 2010.0617.0854.14122)
CCC Help French (Version: 2010.0617.0854.14122)
CCC Help German (Version: 2010.0617.0854.14122)
CCC Help Greek (Version: 2010.0617.0854.14122)
CCC Help Hungarian (Version: 2010.0617.0854.14122)
CCC Help Italian (Version: 2010.0617.0854.14122)
CCC Help Japanese (Version: 2010.0617.0854.14122)
CCC Help Korean (Version: 2010.0617.0854.14122)
CCC Help Norwegian (Version: 2010.0617.0854.14122)
CCC Help Polish (Version: 2010.0617.0854.14122)
CCC Help Portuguese (Version: 2010.0617.0854.14122)
CCC Help Russian (Version: 2010.0617.0854.14122)
CCC Help Spanish (Version: 2010.0617.0854.14122)
CCC Help Swedish (Version: 2010.0617.0854.14122)
CCC Help Thai (Version: 2010.0617.0854.14122)
CCC Help Turkish (Version: 2010.0617.0854.14122)
CCleaner (Version: 3.21)
CinemaNow Media Manager (Version: 1.9.1.105)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Coupon Printer for Windows (Version: 5.0.0.1)
CyberLink DVD Suite (Version: 7.0.3003)
CyberLink MediaShow (Version: 5.0.1616)
CyberLink PowerDVD 9 (Version: 9.0.1.4217)
CyberLink YouCam (Version: 3.0.2511)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dropbox (Version: 1.4.9)
Energy Star Digital Logo (Version: 1.0.1)
ESET Online Scanner v3
ESU for Microsoft Windows 7 (Version: 1.0.0)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Google Chrome (Version: 21.0.1180.75)
Google Earth (Version: 6.1.0.5001)
Google Talk (remove only)
Google Talk Plugin (Version: 3.4.2.8800)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
HiJackThis (Version: 1.0.0)
HP Customer Experience Enhancements (Version: 6.0.1.4)
HP Deskjet 3050A J611 series Basic Device Software (Version: 25.0.571.0)
HP Deskjet 3050A J611 series Help (Version: 140.0.2.2)
HP Deskjet 3050A J611 series Product Improvement Study (Version: 25.0.571.0)
HP Documentation (Version: 1.1.1.0)
HP MediaSmart CinemaNow 2.0 (Version: 2.0)
HP Photo Creations (Version: 1.0.0.3611)
HP Power Manager (Version: 1.0.3)
HP Quick Launch (Version: 2.1.5)
HP Setup (Version: 8.1.4186.3400)
HP Support Assistant (Version: 5.0.13.2)
HP Wireless Assistant (Version: 4.0.9.0)
HPAsset component for HP Active Support Library (Version: 3.0.0.7)
Investigations LogoPaths
iSEEK AnswerWorks English Runtime (Version: 010.000.0101)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 33 (Version: 6.0.330)
Junk Mail filter update (Version: 14.0.8117.416)
LabelPrint (Version: 2.5.2907)
LightScribe System Software (Version: 1.18.15.1)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Online Backup (Version: 2.1.17869)
OpenOffice.org 3.3 (Version: 3.3.9567)
PhotoNow! (Version: 1.1.6904)
Power2Go (Version: 6.1.4204)
PowerDirector (Version: 8.0.3003)
Quicken 2012 (Version: 21.1.4.22)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.18.322.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6122)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30120)
Recovery Manager (Version: 5.5.3023)
RegAlyzer (Version: 1.6.2.16)
Roxio CinemaNow 2.0 (Version: 1.0.278)
RtVOsd (Version: 1.0.3)
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.10 (Version: 5.10.116)
Spybot - Search & Destroy (Version: 1.6.2)
Synaptics Pointing Device Driver (Version: 15.0.18.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2597091) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
WD SmartWare (Version: 1.3.0.16)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
YouTube Downloader 3.5

========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 2810.9 MB
Available physical RAM: 1370.95 MB
Total Pagefile: 5620 MB
Available Pagefile: 3589.54 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.07 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:280.45 GB) (Free:72.66 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:17.35 GB) (Free:2.51 GB) NTFS

========================= Users: ========================================

User accounts for \\VIN2011-HP

Administrator Guest VIN2011


**** End of log ****

#11 LowerRightCorner

Posted 12 August 2012 - 11:14 PM

# AdwCleaner v1.800 - Logfile created 08/13/2012 at 00:06:54
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : VIN2011 - VIN2011-HP
# Running from : C:\Users\VIN2011\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Crawler
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.75

File : C:\Users\VIN2011\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",

*************************

AdwCleaner[S1].txt - [3057 octets] - [13/08/2012 00:06:54]

########## EOF - C:\AdwCleaner[S1].txt - [3185 octets] ##########

#12 narenxp

Posted 12 August 2012 - 11:32 PM

FSS log?



