
Trojan gen 2 and zero access B Virus Trying to Attack


36 replies to this topic

#1 christinaann7


Posted 13 August 2012 - 08:10 PM

Please help. I am constantly getting pop-ups from Norton Auto-Protect saying they are blocking virus Trojan Gen 2 and Zero B Access. My websites also keep getting redirected. When I checked the performance on Norton it said that there were over 500 attacks just today alone and this has been going on for 5 days. Please help me fix this, I'm not sure what else to do.

Below is what it keeps saying. Is my computer already infected with these viruses? I get hundreds of these.



Category: Resolved Security Risks
Date & Time,Risk,Activity,Status,Recommended Action,Path - Filename
2012-08-13 20:15:43,High,000000cb.@ (Trojan.Gen.2) detected by Auto-Protect,Blocked,Resolved - No Action Required,
2012-08-13 20:11:25,High,80000000.@ (Trojan.Zeroaccess.B ) detected by Auto-Protect,Blocked,Resolved - No Action Required
2012-08-13 8:22:14,High,80000064.@ (Trojan.Zeroaccess.C) detected by Auto-Protect,Blocked,Resolved - No Action Required


2012-08-13 7:43:50,High,00000004.@ (Trojan.Gen.2) detected by Auto-Protect,Blocked,Resolved - No Action Required

Edited by christinaann7, 13 August 2012 - 08:29 PM.




#2 narenxp


Posted 13 August 2012 - 09:02 PM

Download TDSSkiller

Launch it. Click on "Change parameters" - select "TDLFS file system".

Click on "Scan". Please post the LOG report (log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions.
Click the "Scan" button to start scan. After scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START, it should download the virus definitions.
When scan gets completed, click on "LIST of found threats".

Export the list to desktop, copy the contents of the text file in your reply.
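A way to triage the TDSSKiller log requested in the post above, added here as an example (it is not part of the thread or of any tool named in it): it reads the scan section of a log in the `time thread-id name (md5) path` / `name - ok` layout that TDSSKiller 2.7.48.0 writes, and returns every object whose result is anything other than `ok`, including objects with no result line because the pasted log was cut short. The function names, the sample lines, their placeholder hashes and the non-`ok` status text are all constructed for illustration.

```python
import re

# Every log line starts with "<HH:MM:SS.mmmm> <thread id> <message>".
LINE_RE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s*(.*)$")
# Object line message: "<name> (<32-hex MD5>) <path>".
OBJECT_RE = re.compile(r"^(.+?)\s+\(([0-9a-fA-F]{32})\)\s+(.+)$")

# Constructed sample in the layout of the log in this thread.
# Hashes are placeholders; the last status string is invented.
SAMPLE_LOG = r"""
21:25:40.0103 13900 Drive \Device\Harddisk0\DR0 - Size: 0x0 (0.00 Gb)
21:26:11.0708 12636 ============================================================
21:26:11.0708 12636 Scan started
21:26:11.0708 12636 Mode: Manual; TDLFS;
21:26:11.0708 12636 ============================================================
21:26:19.0241 12636 atapi (aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa) C:\Windows\system32\drivers\atapi.sys
21:26:19.0244 12636 atapi - ok
21:26:21.0707 12636 COMSysApp - ok
21:26:22.0108 12636 Example Device Service (bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb) C:\Program Files (x86)\Example\svc.exe
21:26:22.0111 12636 Example Device Service - ok
21:26:40.0000 12636 ExampleDrv (cccccccccccccccccccccccccccccccc) C:\Windows\system32\drivers\exampledrv.sys
21:26:40.0001 12636 ExampleDrv - EXAMPLE-NOT-OK
"""


def parse_scan(text):
    """Return one record per scanned object found after 'Scan started'."""
    records, pending, scanning = [], None, False
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        ts, _tid, msg = m.groups()
        if not scanning:
            # Skip the system-info header; it also contains " - " separators.
            scanning = msg == "Scan started"
            continue
        if not msg or msg.startswith("=") or msg.startswith("Mode:"):
            continue
        obj = OBJECT_RE.match(msg)
        if obj:
            if pending:
                records.append(pending)  # previous object never got a result
            name, md5, path = obj.groups()
            pending = {"time": ts, "name": name, "md5": md5.lower(),
                       "path": path, "status": None}
            continue
        if " - " not in msg:
            continue
        head, status = msg.rsplit(" - ", 1)
        if pending and (head == pending["name"]
                        or head.startswith(pending["name"] + " ")):
            rec, pending = pending, None
        else:
            # Result line with no object line before it (no file or hash logged).
            if pending:
                records.append(pending)
                pending = None
            rec = {"time": ts, "name": head.strip(), "md5": None, "path": None}
        rec["status"] = status.strip()
        records.append(rec)
    if pending:
        records.append(pending)  # log ended before the result line
    return records


def flagged(records):
    """Objects whose result is not 'ok', or that have no result at all."""
    return [r for r in records if r["status"] != "ok"]


if __name__ == "__main__":
    for r in flagged(parse_scan(SAMPLE_LOG)):
        print(r["time"], r["name"], r["status"], r["path"])
```
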

#3 christinaann7


Posted 13 August 2012 - 09:33 PM

21:25:38.0919 13900 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
21:25:39.0422 13900 ============================================================
21:25:39.0422 13900 Current date / time: 2012/08/13 21:25:39.0422
21:25:39.0422 13900 SystemInfo:
21:25:39.0422 13900
21:25:39.0422 13900 OS Version: 6.0.6002 ServicePack: 2.0
21:25:39.0422 13900 Product type: Workstation
21:25:39.0422 13900 ComputerName: 1-PC
21:25:39.0423 13900 UserName: 1
21:25:39.0423 13900 Windows directory: C:\Windows
21:25:39.0423 13900 System windows directory: C:\Windows
21:25:39.0423 13900 Running under WOW64
21:25:39.0423 13900 Processor architecture: Intel x64
21:25:39.0423 13900 Number of processors: 2
21:25:39.0423 13900 Page size: 0x1000
21:25:39.0423 13900 Boot type: Normal boot
21:25:39.0423 13900 ============================================================
21:25:40.0103 13900 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:25:40.0114 13900 ============================================================
21:25:40.0114 13900 \Device\Harddisk0\DR0:
21:25:40.0115 13900 MBR partitions:
21:25:40.0115 13900 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x23B3BFC1
21:25:40.0115 13900 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23B3C000, BlocksNum 0x18F1000
21:25:40.0115 13900 ============================================================
21:25:40.0128 13900 C: <-> \Device\Harddisk0\DR0\Partition0
21:25:40.0190 13900 D: <-> \Device\Harddisk0\DR0\Partition1
21:25:40.0190 13900 ============================================================
21:25:40.0191 13900 Initialize success
21:25:40.0191 13900 ============================================================
21:26:11.0708 12636 ============================================================
21:26:11.0708 12636 Scan started
21:26:11.0708 12636 Mode: Manual; TDLFS;
21:26:11.0708 12636 ============================================================
21:26:35.0672 12636 netprofm - ok
21:26:35.0736 12636 NetTcpPortSharing (74751dda198165947fd7454d83f49825) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:26:35.0740 12636 NetTcpPortSharing - ok
21:26:36.0197 12636 NETw3v64 (c86984aee87900c1eeb6942ede3bf4b6) C:\Windows\system32\DRIVERS\NETw3v64.sys
21:26:36.0338 12636 NETw3v64 - ok
21:26:36.0572 12636 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
21:26:36.0575 12636 nfrd960 - ok
21:26:36.0640 12636 NlaSvc (f145bf4c4668e7e312069f81ef847cfc) C:\Windows\System32\nlasvc.dll
21:26:36.0646 12636 NlaSvc - ok
21:26:36.0683 12636 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
21:26:36.0685 12636 Npfs - ok
21:26:36.0698 12636 nsi (acb62baa1c319b17752553df3026eeeb) C:\Windows\system32\nsisvc.dll
21:26:36.0701 12636 nsi - ok
21:26:36.0726 12636 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
21:26:36.0728 12636 nsiproxy - ok
21:26:36.0859 12636 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
21:26:36.0938 12636 Ntfs - ok
21:26:37.0033 12636 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
21:26:37.0035 12636 Null - ok
21:26:37.0063 12636 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
21:26:37.0067 12636 nvraid - ok
21:26:37.0111 12636 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
21:26:37.0114 12636 nvstor - ok
21:26:37.0142 12636 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
21:26:37.0159 12636 nv_agp - ok
21:26:37.0165 12636 NwlnkFlt - ok
21:26:37.0173 12636 NwlnkFwd - ok
21:26:37.0283 12636 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:26:37.0298 12636 odserv - ok
21:26:37.0373 12636 ohci1394 (1b30103fde512915a9214b108b6e7a9c) C:\Windows\system32\DRIVERS\ohci1394.sys
21:26:37.0377 12636 ohci1394 - ok
21:26:37.0425 12636 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:26:37.0429 12636 ose - ok
21:26:37.0551 12636 p2pimsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
21:26:37.0578 12636 p2pimsvc - ok
21:26:37.0593 12636 p2psvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
21:26:37.0604 12636 p2psvc - ok
21:26:37.0631 12636 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
21:26:37.0636 12636 Parport - ok
21:26:37.0671 12636 partmgr (b43751085e2abe389da466bc62a4b987) C:\Windows\system32\drivers\partmgr.sys
21:26:37.0674 12636 partmgr - ok
21:26:37.0741 12636 PcaSvc (9ab157b374192ff276c1628fbdba2b0e) C:\Windows\System32\pcasvc.dll
21:26:37.0747 12636 PcaSvc - ok
21:26:37.0784 12636 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
21:26:37.0797 12636 pci - ok
21:26:37.0829 12636 pciide (15e5c3f89a3452efbda3b39816dbc4ee) C:\Windows\system32\drivers\pciide.sys
21:26:37.0832 12636 pciide - ok
21:26:37.0873 12636 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
21:26:37.0887 12636 pcmcia - ok
21:26:37.0975 12636 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
21:26:37.0990 12636 PEAUTH - ok
21:26:38.0059 12636 PerfHost (0ed8727ea0172860f47258456c06caea) C:\Windows\SysWow64\perfhost.exe
21:26:38.0062 12636 PerfHost - ok
21:26:38.0330 12636 pla (e9e68c1a0f25cf4a7ac966eea74ee89e) C:\Windows\system32\pla.dll
21:26:38.0371 12636 pla - ok
21:26:38.0448 12636 PlugPlay (fe6b0f59215c9fd9f9d26539c58c8b82) C:\Windows\system32\umpnpmgr.dll
21:26:38.0456 12636 PlugPlay - ok
21:26:38.0486 12636 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
21:26:38.0488 12636 Pml Driver HPZ12 - ok
21:26:38.0584 12636 PNRPAutoReg (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
21:26:38.0595 12636 PNRPAutoReg - ok
21:26:38.0609 12636 PNRPsvc (9ae31d2e1d15c10d91318e0ec149ceac) C:\Windows\system32\p2psvc.dll
21:26:38.0621 12636 PNRPsvc - ok
21:26:38.0705 12636 PolicyAgent (89a5560671c2d8b4a4b51f3e1aa069d8) C:\Windows\System32\ipsecsvc.dll
21:26:38.0718 12636 PolicyAgent - ok
21:26:38.0860 12636 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
21:26:38.0863 12636 PptpMiniport - ok
21:26:38.0889 12636 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
21:26:38.0893 12636 Processor - ok
21:26:38.0943 12636 ProfSvc (e058ce4fc2449d8bfa14739c83b7ff2a) C:\Windows\system32\profsvc.dll
21:26:38.0948 12636 ProfSvc - ok
21:26:38.0986 12636 ProtectedStorage (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
21:26:38.0988 12636 ProtectedStorage - ok
21:26:39.0024 12636 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
21:26:39.0025 12636 PSched - ok
21:26:39.0111 12636 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
21:26:39.0153 12636 ql2300 - ok
21:26:39.0169 12636 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
21:26:39.0175 12636 ql40xx - ok
21:26:39.0227 12636 QWAVE (90574842c3da781e279061a3eff91f07) C:\Windows\system32\qwave.dll
21:26:39.0247 12636 QWAVE - ok
21:26:39.0261 12636 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
21:26:39.0263 12636 QWAVEdrv - ok
21:26:39.0409 12636 RapiMgr (a55e7d0d873b2c97585b3b5926ac6ade) C:\Windows\WindowsMobile\rapimgr.dll
21:26:39.0413 12636 RapiMgr - ok
21:26:39.0439 12636 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
21:26:39.0441 12636 RasAcd - ok
21:26:39.0489 12636 RasAuto (b2ae18f847d07f0044404ddf7cb04497) C:\Windows\System32\rasauto.dll
21:26:39.0494 12636 RasAuto - ok
21:26:39.0575 12636 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:26:39.0603 12636 Rasl2tp - ok
21:26:39.0678 12636 RasMan (3ad83e4046c43be510de681588acb8af) C:\Windows\System32\rasmans.dll
21:26:39.0685 12636 RasMan - ok
21:26:39.0723 12636 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
21:26:39.0726 12636 RasPppoe - ok
21:26:39.0807 12636 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
21:26:39.0851 12636 RasSstp - ok
21:26:39.0974 12636 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
21:26:40.0006 12636 rdbss - ok
21:26:40.0069 12636 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:26:40.0071 12636 RDPCDD - ok
21:26:40.0153 12636 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
21:26:40.0175 12636 rdpdr - ok
21:26:40.0184 12636 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
21:26:40.0186 12636 RDPENCDD - ok
21:26:40.0239 12636 RDPWD (ae4bd9e1c33d351d8e607fc81f15160c) C:\Windows\system32\drivers\RDPWD.sys
21:26:40.0349 12636 RDPWD - ok
21:26:40.0478 12636 Recovery Service for Windows (d5f08cc3d19b1c7f49619b9dad43c0ce) C:\Program Files (x86)\SMINST\BLService.exe
21:26:40.0485 12636 Recovery Service for Windows - ok
21:26:40.0533 12636 RemoteAccess (c612b9557da73f70d41f8a6fbc8e5344) C:\Windows\System32\mprdim.dll
21:26:40.0538 12636 RemoteAccess - ok
21:26:40.0596 12636 RemoteRegistry (44b9d8ec2f3ef3a0efb00857af70d861) C:\Windows\system32\regsvc.dll
21:26:40.0619 12636 RemoteRegistry - ok
21:26:40.0728 12636 RichVideo (805ae1f90c64758d19aaa001cf8cba12) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
21:26:40.0732 12636 RichVideo - ok
21:26:40.0815 12636 RosettaStoneDaemon (182deb193d2f7b785086af4f081540fc) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
21:26:40.0860 12636 RosettaStoneDaemon - ok
21:26:40.0935 12636 RpcLocator (f46c457840d4b7a4daafee739ce04102) C:\Windows\system32\locator.exe
21:26:40.0939 12636 RpcLocator - ok
21:26:41.0059 12636 RpcSs (cf8b9a3a5e7dc57724a89d0c3e8cf9ef) C:\Windows\system32\rpcss.dll
21:26:41.0069 12636 RpcSs - ok
21:26:41.0148 12636 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
21:26:41.0150 12636 rspndr - ok
21:26:41.0236 12636 RTL8169 (af7074e1d6a8a66204067ee8b2a8327a) C:\Windows\system32\DRIVERS\Rtlh64.sys
21:26:41.0251 12636 RTL8169 - ok
21:26:41.0309 12636 RTSTOR (aa3987386cf7d9005c42bc974634bd56) C:\Windows\system32\drivers\RTSTOR64.SYS
21:26:41.0313 12636 RTSTOR - ok
21:26:41.0387 12636 SamSs (260bf9c43ee12c6898a9f5aab0fb0e5d) C:\Windows\system32\lsass.exe
21:26:41.0389 12636 SamSs - ok
21:26:41.0455 12636 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
21:26:41.0458 12636 sbp2port - ok
21:26:41.0518 12636 SCardSvr (fd1cdcf108d5ef3366f00d18b70fb89b) C:\Windows\System32\SCardSvr.dll
21:26:41.0533 12636 SCardSvr - ok
21:26:41.0646 12636 Schedule (0f838c811ad295d2a4489b9993096c63) C:\Windows\system32\schedsvc.dll
21:26:41.0662 12636 Schedule - ok
21:26:41.0698 12636 SCPolicySvc (5a268127633c7ee2a7fb87f39d748d56) C:\Windows\System32\certprop.dll
21:26:41.0700 12636 SCPolicySvc - ok
21:26:41.0749 12636 sdbus (b42ee50f7d24f837f925332eb349eca5) C:\Windows\system32\DRIVERS\sdbus.sys
21:26:41.0754 12636 sdbus - ok
21:26:41.0800 12636 SDRSVC (4ff71b076a7760fe75ea5ae2d0ee0018) C:\Windows\System32\SDRSVC.dll
21:26:41.0805 12636 SDRSVC - ok
21:26:41.0827 12636 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:26:41.0829 12636 secdrv - ok
21:26:41.0854 12636 seclogon (5acdcbc67fcf894a1815b9f96d704490) C:\Windows\system32\seclogon.dll
21:26:41.0858 12636 seclogon - ok
21:26:41.0875 12636 SENS (90973a64b96cd647ff81c79443618eed) C:\Windows\System32\sens.dll
21:26:41.0878 12636 SENS - ok
21:26:41.0949 12636 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
21:26:41.0952 12636 Serenum - ok
21:26:42.0018 12636 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
21:26:42.0023 12636 Serial - ok
21:26:42.0051 12636 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
21:26:42.0054 12636 sermouse - ok
21:26:42.0118 12636 SessionEnv (a8e4a4407a09f35dccc3771af590b0c4) C:\Windows\system32\sessenv.dll
21:26:42.0123 12636 SessionEnv - ok
21:26:42.0146 12636 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
21:26:42.0150 12636 sffdisk - ok
21:26:42.0167 12636 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
21:26:42.0170 12636 sffp_mmc - ok
21:26:42.0203 12636 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
21:26:42.0247 12636 sffp_sd - ok
21:26:42.0285 12636 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
21:26:42.0289 12636 sfloppy - ok
21:26:42.0379 12636 ShellHWDetection (56793271ecdedd350c5add305603e963) C:\Windows\System32\shsvcs.dll
21:26:42.0386 12636 ShellHWDetection - ok
21:26:42.0413 12636 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
21:26:42.0416 12636 SiSRaid2 - ok
21:26:42.0457 12636 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
21:26:42.0460 12636 SiSRaid4 - ok
21:26:42.0692 12636 slsvc (a9a27a8e257b45a604fdad4f26fe7241) C:\Windows\system32\SLsvc.exe
21:26:42.0781 12636 slsvc - ok
21:26:42.0995 12636 SLUINotify (fd74b4b7c2088e390a30c85a896fc3af) C:\Windows\system32\SLUINotify.dll
21:26:43.0000 12636 SLUINotify - ok
21:26:43.0059 12636 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
21:26:43.0063 12636 Smb - ok
21:26:43.0116 12636 SMR300 (10bc9f077fc149e4e0a40bae1d42a259) C:\Windows\system32\drivers\SMR300.SYS
21:26:43.0120 12636 SMR300 - ok
21:26:43.0193 12636 SNMPTRAP (f8f47f38909823b1af28d60b96340cff) C:\Windows\System32\snmptrap.exe
21:26:43.0197 12636 SNMPTRAP - ok
21:26:43.0223 12636 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
21:26:43.0225 12636 spldr - ok
21:26:43.0277 12636 Spooler (f66ff751e7efc816d266977939ef5dc3) C:\Windows\System32\spoolsv.exe
21:26:43.0283 12636 Spooler - ok
21:26:43.0412 12636 SRTSP (06b9a7ba94356ec5207c5ddb59540378) C:\Windows\System32\Drivers\NAVx64\1307010.005\SRTSP64.SYS
21:26:43.0442 12636 SRTSP - ok
21:26:43.0474 12636 SRTSPX (fbb8945a61e55a2345d12487c74a9d76) C:\Windows\system32\drivers\NAVx64\1307010.005\SRTSPX64.SYS
21:26:43.0478 12636 SRTSPX - ok
21:26:43.0572 12636 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
21:26:43.0623 12636 srv - ok
21:26:43.0684 12636 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
21:26:43.0699 12636 srv2 - ok
21:26:43.0782 12636 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
21:26:43.0798 12636 srvnet - ok
21:26:43.0853 12636 SSDPSRV (192c74646ec5725aef3f80d19ff75f6a) C:\Windows\System32\ssdpsrv.dll
21:26:43.0860 12636 SSDPSRV - ok
21:26:43.0921 12636 SstpSvc (2ee3fa0308e6185ba64a9a7f2e74332b) C:\Windows\system32\sstpsvc.dll
21:26:43.0926 12636 SstpSvc - ok
21:26:44.0048 12636 STacSV (3fb66e86ba667d627a613e1d677469b0) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe
21:26:44.0054 12636 STacSV - ok
21:26:44.0155 12636 STHDA (e01797a54f8a61512b7e590fde6d1988) C:\Windows\system32\DRIVERS\stwrt64.sys
21:26:44.0165 12636 STHDA - ok
21:26:44.0245 12636 StillCam (14b4db4381e4a55f570d8bb699b791d6) C:\Windows\system32\DRIVERS\serscan.sys
21:26:44.0248 12636 StillCam - ok
21:26:44.0312 12636 stisvc (15825c1fbfb8779992cb65087f316af5) C:\Windows\System32\wiaservc.dll
21:26:44.0325 12636 stisvc - ok
21:26:44.0362 12636 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
21:26:44.0365 12636 swenum - ok
21:26:44.0424 12636 swprv (6de37f4de19d4efd9c48c43addbc949a) C:\Windows\System32\swprv.dll
21:26:44.0436 12636 swprv - ok
21:26:44.0467 12636 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
21:26:44.0470 12636 Symc8xx - ok
21:26:44.0576 12636 SymDS (8b2430762099598da40686f754632efd) C:\Windows\system32\drivers\NAVx64\1307010.005\SYMDS64.SYS
21:26:44.0638 12636 SymDS - ok
21:26:44.0799 12636 SymEFA (f90c7a190399165d3ab2245048d34786) C:\Windows\system32\drivers\NAVx64\1307010.005\SYMEFA64.SYS
21:26:44.0852 12636 SymEFA - ok
21:26:44.0924 12636 SymEvent (898bb48c797483420df523b2bbc1ecdb) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
21:26:44.0929 12636 SymEvent - ok
21:26:45.0040 12636 SymIRON (5013a76caaa1d7cf1c55214b490b4e35) C:\Windows\system32\drivers\NAVx64\1307010.005\Ironx64.SYS
21:26:45.0045 12636 SymIRON - ok
21:26:45.0101 12636 SYMTDIv (a25fee245c78804601d83431386a0bee) C:\Windows\System32\Drivers\NAVx64\1307010.005\SYMTDIV.SYS
21:26:45.0140 12636 SYMTDIv - ok
21:26:45.0193 12636 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
21:26:45.0196 12636 Sym_hi - ok
21:26:45.0235 12636 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
21:26:45.0238 12636 Sym_u3 - ok
21:26:45.0286 12636 SynTP (c851305e2bcfce8aaa53342f912ddd7f) C:\Windows\system32\DRIVERS\SynTP.sys
21:26:45.0346 12636 SynTP - ok
21:26:45.0484 12636 SysMain (92d7a8b0f87b036f17d25885937897a6) C:\Windows\system32\sysmain.dll
21:26:45.0503 12636 SysMain - ok
21:26:45.0561 12636 TabletInputService (005ce42567f9113a3bccb3b20073b029) C:\Windows\System32\TabSvc.dll
21:26:45.0566 12636 TabletInputService - ok
21:26:45.0615 12636 TapiSrv (cc2562b4d55e0b6a4758c65407f63b79) C:\Windows\System32\tapisrv.dll
21:26:45.0622 12636 TapiSrv - ok
21:26:45.0644 12636 TBS (cdbe8d7c1e201b911cdc346d06617fb5) C:\Windows\System32\tbssvc.dll
21:26:45.0648 12636 TBS - ok
21:26:45.0809 12636 Tcpip (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\drivers\tcpip.sys
21:26:45.0877 12636 Tcpip - ok
21:26:46.0042 12636 Tcpip6 (46d448e9117464e4d3bbf36d7e3fa48e) C:\Windows\system32\DRIVERS\tcpip.sys
21:26:46.0057 12636 Tcpip6 - ok
21:26:46.0160 12636 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
21:26:46.0163 12636 tcpipreg - ok
21:26:46.0245 12636 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
21:26:46.0248 12636 TDPIPE - ok
21:26:46.0267 12636 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
21:26:46.0270 12636 TDTCP - ok
21:26:46.0319 12636 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
21:26:46.0323 12636 tdx - ok
21:26:46.0362 12636 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
21:26:46.0366 12636 TermDD - ok
21:26:46.0424 12636 TermService (5cdd30bc217082dac71a9878d9bfd566) C:\Windows\System32\termsrv.dll
21:26:46.0436 12636 TermService - ok
21:26:46.0490 12636 Themes (56793271ecdedd350c5add305603e963) C:\Windows\system32\shsvcs.dll
21:26:46.0495 12636 Themes - ok
21:26:46.0515 12636 THREADORDER (3cbe4995e80e13ccfbc42e5dcf3ac81a) C:\Windows\system32\mmcss.dll
21:26:46.0517 12636 THREADORDER - ok
21:26:46.0549 12636 TrkWks (f4689f05af472a651a7b1b7b02d200e7) C:\Windows\System32\trkwks.dll
21:26:46.0553 12636 TrkWks - ok
21:26:46.0597 12636 TrustedInstaller (66328b08ef5a9305d8ede36b93930369) C:\Windows\servicing\TrustedInstaller.exe
21:26:46.0599 12636 TrustedInstaller - ok
21:26:46.0636 12636 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:26:46.0639 12636 tssecsrv - ok
21:26:46.0678 12636 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
21:26:46.0680 12636 tunmp - ok
21:26:46.0705 12636 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
21:26:46.0708 12636 tunnel - ok
21:26:46.0736 12636 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
21:26:46.0753 12636 uagp35 - ok
21:26:46.0805 12636 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
21:26:46.0838 12636 udfs - ok
21:26:46.0877 12636 UI0Detect (060507c4113391394478f6953a79eedc) C:\Windows\system32\UI0Detect.exe
21:26:46.0881 12636 UI0Detect - ok
21:26:46.0911 12636 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
21:26:46.0915 12636 uliagpkx - ok
21:26:46.0960 12636 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
21:26:46.0993 12636 uliahci - ok
21:26:47.0022 12636 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
21:26:47.0026 12636 UlSata - ok
21:26:47.0041 12636 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
21:26:47.0046 12636 ulsata2 - ok
21:26:47.0070 12636 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
21:26:47.0074 12636 umbus - ok
21:26:47.0188 12636 Updater Service for StartNow Toolbar (7ccf424450af71461ca5aca14fb45b72) C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
21:26:47.0191 12636 Updater Service for StartNow Toolbar - ok
21:26:47.0251 12636 upnphost (7093799ff80e9deca0680d2e3535be60) C:\Windows\System32\upnphost.dll
21:26:47.0261 12636 upnphost - ok
21:26:47.0303 12636 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
21:26:47.0306 12636 USBAAPL64 - ok
21:26:47.0361 12636 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
21:26:47.0366 12636 usbaudio - ok
21:26:47.0409 12636 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
21:26:47.0413 12636 usbccgp - ok
21:26:47.0490 12636 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
21:26:47.0494 12636 usbcir - ok
21:26:47.0611 12636 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
21:26:47.0615 12636 usbehci - ok
21:26:47.0643 12636 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
21:26:47.0698 12636 usbhub - ok
21:26:47.0714 12636 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
21:26:47.0717 12636 usbohci - ok
21:26:47.0750 12636 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
21:26:47.0753 12636 usbprint - ok
21:26:47.0790 12636 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
21:26:47.0793 12636 usbscan - ok
21:26:47.0836 12636 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:26:47.0841 12636 USBSTOR - ok
21:26:47.0856 12636 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
21:26:47.0859 12636 usbuhci - ok
21:26:47.0911 12636 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
21:26:47.0925 12636 usbvideo - ok
21:26:47.0973 12636 usb_rndisx (1e36bb1a3c5aaf2aa9fa9a126df8c16c) C:\Windows\system32\DRIVERS\usb8023x.sys
21:26:47.0977 12636 usb_rndisx - ok
21:26:48.0014 12636 UxSms (d76e231e4850bb3f88a3d9a78df191e3) C:\Windows\System32\uxsms.dll
21:26:48.0018 12636 UxSms - ok
21:26:48.0073 12636 vds (294945381dfa7ce58cecf0a9896af327) C:\Windows\System32\vds.exe
21:26:48.0100 12636 vds - ok
21:26:48.0166 12636 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
21:26:48.0170 12636 vga - ok
21:26:48.0191 12636 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
21:26:48.0193 12636 VgaSave - ok
21:26:48.0226 12636 viaide (4f964e6828156f0ef3fa8d3a9a7895de) C:\Windows\system32\drivers\viaide.sys
21:26:48.0228 12636 viaide - ok
21:26:48.0262 12636 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
21:26:48.0266 12636 volmgr - ok
21:26:48.0324 12636 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
21:26:48.0354 12636 volmgrx - ok
21:26:48.0403 12636 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
21:26:48.0427 12636 volsnap - ok
21:26:48.0461 12636 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
21:26:48.0477 12636 vsmraid - ok
21:26:48.0595 12636 VSS (b75232dad33bfd95bf6f0a3e6bff51e1) C:\Windows\system32\vssvc.exe
21:26:48.0645 12636 VSS - ok
21:26:48.0765 12636 W32Time (f14a7de2ea41883e250892e1e5230a9a) C:\Windows\system32\w32time.dll
21:26:48.0773 12636 W32Time - ok
21:26:48.0823 12636 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
21:26:48.0826 12636 WacomPen - ok
21:26:48.0867 12636 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
21:26:48.0870 12636 Wanarp - ok
21:26:48.0876 12636 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
21:26:48.0878 12636 Wanarpv6 - ok
21:26:48.0974 12636 WcesComm (8bda6db43aa54e8bb5e0794541ddc209) C:\Windows\WindowsMobile\wcescomm.dll
21:26:48.0981 12636 WcesComm - ok
21:26:49.0035 12636 wcncsvc (b4e4c37d0aa6100090a53213ee2bf1c1) C:\Windows\System32\wcncsvc.dll
21:26:49.0069 12636 wcncsvc - ok
21:26:49.0108 12636 WcsPlugInService (ea4b369560e986f19d93f45a881484ac) C:\Windows\System32\WcsPlugInService.dll
21:26:49.0113 12636 WcsPlugInService - ok
21:26:49.0132 12636 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
21:26:49.0135 12636 Wd - ok
21:26:49.0214 12636 Wdf01000 (8d6811e168f047b674d6aa2daccfa180) C:\Windows\system32\drivers\Wdf01000.sys
21:26:49.0257 12636 Wdf01000 - ok
21:26:49.0299 12636 WdiServiceHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
21:26:49.0303 12636 WdiServiceHost - ok
21:26:49.0308 12636 WdiSystemHost (c5efda73ebfca8b02a094898de0a9276) C:\Windows\system32\wdi.dll
21:26:49.0312 12636 WdiSystemHost - ok
21:26:49.0364 12636 WebClient (3e6d05381cf35f75ebb055544a8ed9ac) C:\Windows\System32\webclnt.dll
21:26:49.0371 12636 WebClient - ok
21:26:49.0445 12636 Wecsvc (8d40bc587993f876658bf9fb0f7d3462) C:\Windows\system32\wecsvc.dll
21:26:49.0452 12636 Wecsvc - ok
21:26:49.0486 12636 wercplsupport (9c980351d7e96288ea0c23ae232bd065) C:\Windows\System32\wercplsupport.dll
21:26:49.0490 12636 wercplsupport - ok
21:26:49.0538 12636 WerSvc (66b9ecebc46683f47edc06333c075fef) C:\Windows\System32\WerSvc.dll
21:26:49.0543 12636 WerSvc - ok
21:26:49.0551 12636 WinHttpAutoProxySvc - ok
21:26:49.0636 12636 Winmgmt (d2e7296ed1bd26d8db2799770c077a02) C:\Windows\system32\wbem\WMIsvc.dll
21:26:49.0641 12636 Winmgmt - ok
21:26:49.0813 12636 WinRM (6cbb0c68f13b9c2ec1b16f5fa5e7c869) C:\Windows\system32\WsmSvc.dll
21:26:49.0874 12636 WinRM - ok
21:26:50.0028 12636 WinUSB (7f2f9e48566b2087f2aaad258cb2a8d4) C:\Windows\system32\DRIVERS\WinUSB.sys
21:26:50.0031 12636 WinUSB - ok
21:26:50.0101 12636 Wlansvc (ec339c8115e91baed835957e9a677f16) C:\Windows\System32\wlansvc.dll
21:26:50.0115 12636 Wlansvc - ok
21:26:50.0135 12636 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
21:26:50.0138 12636 WmiAcpi - ok
21:26:50.0212 12636 wmiApSrv (21fa389e65a852698b6a1341f36ee02d) C:\Windows\system32\wbem\WmiApSrv.exe
21:26:50.0224 12636 wmiApSrv - ok
21:26:50.0267 12636 WMPNetworkSvc - ok
21:26:50.0361 12636 WMZuneComm (45de51db0950a4b8595520ef0bafcff1) c:\Program Files\Zune\WMZuneComm.exe
21:26:50.0404 12636 WMZuneComm - ok
21:26:50.0470 12636 WPCSvc (cbc156c913f099e6680d1df9307db7a8) C:\Windows\System32\wpcsvc.dll
21:26:50.0517 12636 WPCSvc - ok
21:26:50.0586 12636 WPDBusEnum (490a18b4e4d53dc10879deaa8e8b70d9) C:\Windows\system32\wpdbusenum.dll
21:26:50.0592 12636 WPDBusEnum - ok
21:26:50.0667 12636 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
21:26:50.0670 12636 WpdUsb - ok
21:26:50.0867 12636 WPFFontCache_v0400 (991e2c2cf3bc204c2bb2ee1476149e4e) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:26:50.0895 12636 WPFFontCache_v0400 - ok
21:26:50.0942 12636 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
21:26:50.0945 12636 ws2ifsl - ok
21:26:50.0953 12636 WSearch - ok
21:26:51.0170 12636 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
21:26:51.0218 12636 wuauserv - ok
21:26:51.0404 12636 WudfPf (ebd12de99c553f41f6a3b29d89978ac8) C:\Windows\system32\drivers\WudfPf.sys
21:26:51.0409 12636 WudfPf - ok
21:26:51.0458 12636 WUDFRd (85e41d1fb0e40a0ab06e5039d70268d4) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:26:51.0473 12636 WUDFRd - ok
21:26:51.0530 12636 wudfsvc (ade1f9afab86d966747629309d59d51a) C:\Windows\System32\WUDFSvc.dll
21:26:51.0536 12636 wudfsvc - ok
21:26:51.0642 12636 yukonx64 (07f7285220307aafb755d890295f0f9a) C:\Windows\system32\DRIVERS\yk60x64.sys
21:26:51.0653 12636 yukonx64 - ok
21:26:52.0278 12636 ZuneNetworkSvc (b79c2ce5340a5eca38ca1f74aa445d2b) c:\Program Files\Zune\ZuneNss.exe
21:26:52.0548 12636 ZuneNetworkSvc - ok
21:26:52.0710 12636 ZuneWlanCfgSvc (e2859aea054422fe40517179ae867c2d) c:\Windows\system32\ZuneWlanCfgSvc.exe
21:26:52.0721 12636 ZuneWlanCfgSvc - ok
21:26:52.0800 12636 {55662437-DA8C-40c0-AADA-2C816A897A49} (15cc7077d2dc28776cd430ecabbffd66) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
21:26:52.0802 12636 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
21:26:52.0857 12636 MBR (0x1B8) (588ae8f0c685c02ba11f30d9cd7e61a0) \Device\Harddisk0\DR0
21:26:53.0011 12636 \Device\Harddisk0\DR0 - ok
21:26:53.0017 12636 Boot (0x1200) (cead4ce2578bee1165dd63076e3b8c55) \Device\Harddisk0\DR0\Partition0
21:26:53.0019 12636 \Device\Harddisk0\DR0\Partition0 - ok
21:26:53.0029 12636 Boot (0x1200) (61e72d7b6b11db6ab9160a793100bfe4) \Device\Harddisk0\DR0\Partition1
21:26:53.0032 12636 \Device\Harddisk0\DR0\Partition1 - ok
21:26:53.0033 12636 ============================================================
21:26:53.0034 12636 Scan finished
21:26:53.0034 12636 ============================================================
21:26:53.0069 17236 Detected object count: 0
21:26:53.0069 17236 Actual detected object count: 0
21:30:58.0301 17256 Deinitialize success

#4 christinaann7

Posted 13 August 2012 - 09:39 PM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-13 21:34:22
-----------------------------
21:34:22.359 OS Version: Windows x64 6.0.6002 Service Pack 2
21:34:22.360 Number of processors: 2 586 0x170A
21:34:22.361 ComputerName: 1-PC UserName: 1
21:34:25.490 Initialize success
21:36:29.579 AVAST engine defs: 12081301
21:38:14.053 The log file has been saved successfully to "C:\Users\1\Desktop\aswMBR.txt"

#5 narenxp

Posted 13 August 2012 - 09:42 PM

ASWMBR log is incomplete. Please run the scan again and post the log.

#6 christinaann7

Posted 14 August 2012 - 06:45 AM

Here are the found threats. I will run the ASWMBR again.



C:\Program Files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe Win32/Toolbar.Zugo application
C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll a variant of Win32/Toolbar.Zugo application
C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe a variant of Win32/Toolbar.Zugo application
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngr.dll a variant of Win32/Toolbar.SearchSuite application
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe a variant of Win32/Toolbar.SearchSuite application
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll probably a variant of Win32/Toolbar.SearchSuite application
C:\Program Files (x86)\Yontoo\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\ProgramData\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\Users\1\Desktop\vlcmediaplayer-setup.exe Win32/DownloadAdmin.A.Gen application
C:\Users\1\Downloads\fbdownloader_1238.exe a variant of Win32/InstallIQ application
C:\Users\1\Downloads\Setup(1).exe Win32/Adware.Bundlore application
C:\Users\All Users\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\Users\All Users\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application
C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U\00000008.@ Win64/Agent.BA trojan
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CIZU3Y12\cat-and-dolphin-playing-together[1].htm HTML/ScrInject.B.Gen virus
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CIZU3Y12\cat-and-dolphin-playing-together[1].htm HTML/ScrInject.B.Gen virus
Operating memory multiple threats

#7 narenxp

Posted 14 August 2012 - 06:50 AM

ESET log shows that infections were not removed. Please run ESET scan again and make sure to remove them.

#8 christinaann7

Posted 14 August 2012 - 07:19 AM

I am running the aswmbr right now but am about to have to leave for work. I will post the log when I get home this afternoon.

#9 narenxp

Posted 14 August 2012 - 07:21 AM

:thumbup2:

#10 christinaann7

Posted 14 August 2012 - 08:05 AM

OK, I'm sorry. I will rerun the ESET Log right when I get home. Thank you so much for your help!

#11 christinaann7

Posted 14 August 2012 - 06:22 PM

When I got home my computer was off so I had to run this scan again.

Also now Norton is saying my pc is not protected by sonar advanced protection and is at risk.


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-14 16:55:44
-----------------------------
16:55:44.419 OS Version: Windows x64 6.0.6002 Service Pack 2
16:55:44.419 Number of processors: 2 586 0x170A
16:55:44.420 ComputerName: 1-PC UserName: 1
16:55:48.541 Initialize success
16:56:10.687 AVAST engine defs: 12081301
16:56:20.352 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:56:20.355 Disk 0 Vendor: WDC_WD32 13.0 Size: 305245MB BusType: 3
16:56:20.372 Disk 0 MBR read successfully
16:56:20.377 Disk 0 MBR scan
16:56:20.384 Disk 0 unknown MBR code
16:56:20.388 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 292471 MB offset 63
16:56:20.428 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 12770 MB offset 598982656
16:56:20.490 Disk 0 scanning C:\Windows\system32\drivers
16:56:38.865 Service scanning
16:57:12.570 Modules scanning
16:57:12.579 Disk 0 trace - called modules:
16:57:12.597 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
16:57:12.607 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004fd6660]
16:57:12.616 3 CLASSPNP.SYS[fffffa6000a24c33] -> nt!IofCallDriver -> [0xfffffa8004fa3440]
16:57:12.627 5 hpdskflt.sys[fffffa6001c020ee] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004c7c050]
16:57:16.245 AVAST engine scan C:\Windows
16:57:21.905 AVAST engine scan C:\Windows\system32
17:07:59.229 AVAST engine scan C:\Windows\system32\drivers
17:08:50.613 AVAST engine scan C:\Users\1
17:44:16.167 AVAST engine scan C:\ProgramData
18:03:44.043 Scan finished successfully
18:04:37.382 Disk 0 MBR has been saved successfully to "C:\Users\1\Desktop\MBR.dat"
18:04:37.393 The log file has been saved successfully to "C:\Users\1\Desktop\aswMBR.txt"

#12 narenxp

Posted 14 August 2012 - 06:30 PM

TDSSkiller has been updated. Please download the updated version and post the logs along with ESET scan.

#13 christinaann7

Posted 14 August 2012 - 06:40 PM

Does it matter in which order these scans are run? When I ran the aswmbr scan this morning before I had to leave for work, it showed one or more of the files infected, and then when I got home the computer must have shut down, so I turned it back on and had to run it again, and it did not show a file to be infected.

#14 narenxp

Posted 14 August 2012 - 06:43 PM

No problem, go ahead with ESET.

#15 christinaann7

Posted 14 August 2012 - 10:30 PM

It only detected 4 this time...



C:\Users\1\AppData\Local\Temp\NOD6285.tmp probably a variant of Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\1\AppData\Local\Temp\NOD75B8.tmp a variant of Win32/Toolbar.Zugo application cleaned by deleting (after the next restart) - quarantined
C:\Users\1\AppData\Local\Temp\NOD7C1F.tmp a variant of Win32/Adware.Yontoo.A application cleaned by deleting - quarantined
C:\Users\1\AppData\Local\Temp\NOD83BE.tmp a variant of Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined



