
bProtect


24 replies to this topic

#1 areia

areia

  • Members
  • 15 posts

Posted 17 August 2012 - 12:35 PM

Hi, I'm totally new here and a novice to the PC world. I noticed a while back the bProtector thing attaching to my photos every time I try to delete it then empty the recycle bin, and my homepage changed, which I managed to get back to Google.
My son, who claims he's a dab hand, clearly isn't. I'm not sure when this started, but I've had it a while and it must have been some videos he's watched.

I have AVG that found nothing, tried deleting in Programs and Features (I have Vista).

I have no idea how to remove it. If this has been mentioned before I don't mind a link, but hopefully it's in plain English :blink:



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 17 August 2012 - 12:59 PM

Download TDSSkiller

Launch it. Click on Change parameters - select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 areia

areia
  • Topic Starter

  • Members
  • 15 posts

Posted 17 August 2012 - 02:13 PM

Is this what you want??? Forgot it's Avast I already have, not AVG, sorry :S

20:06:43.0600 5712 nv_agp - ok
20:06:43.0609 5712 NwlnkFlt - ok
20:06:43.0621 5712 NwlnkFwd - ok
20:06:43.0657 5712 [ be32da025a0be1878f0ee8d6d9386cd5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:06:43.0660 5712 ohci1394 - ok
20:06:43.0698 5712 [ 0c8e8e61ad1eb0b250b846712c917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
20:06:43.0714 5712 p2pimsvc - ok
20:06:43.0731 5712 [ 0c8e8e61ad1eb0b250b846712c917506 ] p2psvc C:\Windows\system32\p2psvc.dll
20:06:43.0746 5712 p2psvc - ok
20:06:43.0773 5712 [ 2aacb80f75a0683e32cf350b0c60a17f ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
20:06:43.0793 5712 PACSPTISVR - ok
20:06:43.0848 5712 [ 8a79fdf04a73428597e2caf9d0d67850 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:06:43.0852 5712 Parport - ok
20:06:43.0876 5712 [ b9c2b89f08670e159f7181891e449cd9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:06:43.0879 5712 partmgr - ok
20:06:43.0897 5712 [ 6c580025c81caf3ae9e3617c22cad00e ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
20:06:43.0900 5712 Parvdm - ok
20:06:43.0933 5712 [ c6276ad11f4bb49b58aa1ed88537f14a ] PcaSvc C:\Windows\System32\pcasvc.dll
20:06:43.0941 5712 PcaSvc - ok
20:06:43.0972 5712 [ 941dc1d19e7e8620f40bbc206981efdb ] pci C:\Windows\system32\drivers\pci.sys
20:06:43.0976 5712 pci - ok
20:06:44.0010 5712 [ fc175f5ddab666d7f4d17449a547626f ] pciide C:\Windows\system32\drivers\pciide.sys
20:06:44.0012 5712 pciide - ok
20:06:44.0037 5712 [ e6f3fb1b86aa519e7698ad05e58b04e5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:06:44.0042 5712 pcmcia - ok
20:06:44.0106 5712 [ 6349f6ed9c623b44b52ea3c63c831a92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:06:44.0120 5712 PEAUTH - ok
20:06:44.0195 5712 [ b1689df169143f57053f795390c99db3 ] pla C:\Windows\system32\pla.dll
20:06:44.0227 5712 pla - ok
20:06:44.0256 5712 [ c5e7f8a996ec0a82d508fd9064a5569e ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:06:44.0267 5712 PlugPlay - ok
20:06:44.0299 5712 [ 0c8e8e61ad1eb0b250b846712c917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
20:06:44.0314 5712 PNRPAutoReg - ok
20:06:44.0331 5712 [ 0c8e8e61ad1eb0b250b846712c917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
20:06:44.0344 5712 PNRPsvc - ok
20:06:44.0458 5712 [ d0494460421a03cd5225cca0059aa146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:06:44.0493 5712 PolicyAgent - ok
20:06:44.0574 5712 [ ecfffaec0c1ecd8dbc77f39070ea1db1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:06:44.0577 5712 PptpMiniport - ok
20:06:44.0605 5712 [ 2027293619dd0f047c584cf2e7df4ffd ] Processor C:\Windows\system32\drivers\processr.sys
20:06:44.0608 5712 Processor - ok
20:06:44.0635 5712 [ 0508faa222d28835310b7bfca7a77346 ] ProfSvc C:\Windows\system32\profsvc.dll
20:06:44.0645 5712 ProfSvc - ok
20:06:44.0659 5712 [ a3e186b4b935905b829219502557314e ] ProtectedStorage C:\Windows\system32\lsass.exe
20:06:44.0667 5712 ProtectedStorage - ok
20:06:44.0705 5712 [ 99514faa8df93d34b5589187db3aa0ba ] PSched C:\Windows\system32\DRIVERS\pacer.sys
20:06:44.0708 5712 PSched - ok
20:06:44.0738 5712 [ 49452bfcec22f36a7a9b9c2181bc3042 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
20:06:44.0741 5712 PxHelp20 - ok
20:06:44.0815 5712 [ 0a6db55afb7820c99aa1f3a1d270f4f6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:06:44.0834 5712 ql2300 - ok
20:06:44.0855 5712 [ 81a7e5c076e59995d54bc1ed3a16e60b ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:06:44.0859 5712 ql40xx - ok
20:06:44.0907 5712 [ e9ecae663f47e6cb43962d18ab18890f ] QWAVE C:\Windows\system32\qwave.dll
20:06:44.0918 5712 QWAVE - ok
20:06:44.0934 5712 [ 9f5e0e1926014d17486901c88eca2db7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:06:44.0936 5712 QWAVEdrv - ok
20:06:44.0948 5712 [ 147d7f9c556d259924351feb0de606c3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:06:44.0951 5712 RasAcd - ok
20:06:45.0005 5712 [ f6a452eb4ceadbb51c9e0ee6b3ecef0f ] RasAuto C:\Windows\System32\rasauto.dll
20:06:45.0014 5712 RasAuto - ok
20:06:45.0043 5712 [ a214adbaf4cb47dd2728859ef31f26b0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:06:45.0046 5712 Rasl2tp - ok
20:06:45.0090 5712 [ 75d47445d70ca6f9f894b032fbc64fcf ] RasMan C:\Windows\System32\rasmans.dll
20:06:45.0101 5712 RasMan - ok
20:06:45.0133 5712 [ 509a98dd18af4375e1fc40bc175f1def ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:06:45.0136 5712 RasPppoe - ok
20:06:45.0169 5712 [ 2005f4a1e05fa09389ac85840f0a9e4d ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:06:45.0172 5712 RasSstp - ok
20:06:45.0208 5712 [ b14c9d5b9add2f84f70570bbbfaa7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:06:45.0213 5712 rdbss - ok
20:06:45.0230 5712 [ 89e59be9a564262a3fb6c4f4f1cd9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:06:45.0232 5712 RDPCDD - ok
20:06:45.0263 5712 [ fbc0bacd9c3d7f6956853f64a66e252d ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
20:06:45.0269 5712 rdpdr - ok
20:06:45.0289 5712 [ 9d91fe5286f748862ecffa05f8a0710c ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:06:45.0291 5712 RDPENCDD - ok
20:06:45.0324 5712 [ c127ebd5afab31524662c48dfceb773a ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:06:45.0328 5712 RDPWD - ok
20:06:45.0387 5712 [ bcdd6b4804d06b1f7ebf29e53a57ece9 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:06:45.0394 5712 RemoteAccess - ok
20:06:45.0418 5712 [ 9e6894ea18daff37b63e1005f83ae4ab ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:06:45.0427 5712 RemoteRegistry - ok
20:06:45.0435 5712 [ 5123f83cbc4349d065534eeb6bbdc42b ] RpcLocator C:\Windows\system32\locator.exe
20:06:45.0441 5712 RpcLocator - ok
20:06:45.0473 5712 [ 3b5b4d53fec14f7476ca29a20cc31ac9 ] RpcSs C:\Windows\system32\rpcss.dll
20:06:45.0486 5712 RpcSs - ok
20:06:45.0501 5712 [ 9c508f4074a39e8b4b31d27198146fad ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:06:45.0504 5712 rspndr - ok
20:06:45.0565 5712 [ 2d19a7469ea19993d0c12e627f4530bc ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
20:06:45.0571 5712 RTL8169 - ok
20:06:45.0590 5712 [ a3e186b4b935905b829219502557314e ] SamSs C:\Windows\system32\lsass.exe
20:06:45.0595 5712 SamSs - ok
20:06:45.0619 5712 [ 3ce8f073a557e172b330109436984e30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:06:45.0623 5712 sbp2port - ok
20:06:45.0664 5712 [ 77b7a11a0c3d78d3386398fbbea1b632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:06:45.0673 5712 SCardSvr - ok
20:06:45.0719 5712 [ 1a58069db21d05eb2ab58ee5753ebe8d ] Schedule C:\Windows\system32\schedsvc.dll
20:06:45.0737 5712 Schedule - ok
20:06:45.0756 5712 [ 312ec3e37a0a1f2006534913e37b4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:06:45.0757 5712 SCPolicySvc - ok
20:06:45.0785 5712 [ 716313d9f6b0529d03f726d5aaf6f191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:06:45.0793 5712 SDRSVC - ok
20:06:45.0844 5712 [ 16a252022535b680046f6e34e136d378 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
20:06:45.0848 5712 SeaPort - ok
20:06:45.0867 5712 [ 90a3935d05b494a5a39d37e71f09a677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:06:45.0869 5712 secdrv - ok
20:06:45.0887 5712 [ fd5199d4d8a521005e4b5ee7fe00fa9b ] seclogon C:\Windows\system32\seclogon.dll
20:06:45.0892 5712 seclogon - ok
20:06:45.0906 5712 [ a9bbab5759771e523f55563d6cbe140f ] SENS C:\Windows\System32\sens.dll
20:06:45.0911 5712 SENS - ok
20:06:45.0941 5712 [ ce9ec966638ef0b10b864ddedf62a099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:06:45.0943 5712 Serenum - ok
20:06:45.0958 5712 [ 6d663022db3e7058907784ae14b69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:06:45.0960 5712 Serial - ok
20:06:45.0991 5712 [ 8af3d28a879bf75db53a0ee7a4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:06:45.0993 5712 sermouse - ok
20:06:46.0029 5712 [ d2193326f729b163125610dbf3e17d57 ] SessionEnv C:\Windows\system32\sessenv.dll
20:06:46.0035 5712 SessionEnv - ok
20:06:46.0051 5712 [ 3efa810bdca87f6ecc24f9832243fe86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:06:46.0053 5712 sffdisk - ok
20:06:46.0066 5712 [ e95d451f7ea3e583aec75f3b3ee42dc5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:06:46.0067 5712 sffp_mmc - ok
20:06:46.0085 5712 [ 3d0ea348784b7ac9ea9bd9f317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:06:46.0087 5712 sffp_sd - ok
20:06:46.0125 5712 [ 46ed8e91793b2e6f848015445a0ac188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:06:46.0127 5712 sfloppy - ok
20:06:46.0162 5712 [ e1499bd0ff76b1b2fbbf1af339d91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:06:46.0168 5712 SharedAccess - ok
20:06:46.0202 5712 [ c7230fbee14437716701c15be02c27b8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:06:46.0209 5712 ShellHWDetection - ok
20:06:46.0227 5712 [ 1d76624a09a054f682d746b924e2dbc3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:06:46.0230 5712 sisagp - ok
20:06:46.0251 5712 [ 43cb7aa756c7db280d01da9b676cfde2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
20:06:46.0253 5712 SiSRaid2 - ok
20:06:46.0282 5712 [ a99c6c8b0baa970d8aa59ddc50b57f94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:06:46.0284 5712 SiSRaid4 - ok
20:06:46.0382 5712 [ 862bb4cbc05d80c5b45be430e5ef872f ] slsvc C:\Windows\system32\SLsvc.exe
20:06:46.0441 5712 slsvc - ok
20:06:46.0494 5712 [ 6edc422215cd78aa8a9cde6b30abbd35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
20:06:46.0500 5712 SLUINotify - ok
20:06:46.0528 5712 [ 7b75299a4d201d6a6533603d6914ab04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:06:46.0531 5712 Smb - ok
20:06:46.0570 5712 [ 2a146a055b4401c16ee62d18b8e2a032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:06:46.0574 5712 SNMPTRAP - ok
20:06:47.0066 5712 [ f8e7411b26530e34d1ddc82f8a6b741a ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
20:06:47.0521 5712 SNP2UVC - ok
20:06:47.0721 5712 [ 7aebdeef071fe28b0eef2cdd69102bff ] spldr C:\Windows\system32\drivers\spldr.sys
20:06:47.0804 5712 spldr - ok
20:06:48.0053 5712 [ 8554097e5136c3bf9f69fe578a1b35f4 ] Spooler C:\Windows\System32\spoolsv.exe
20:06:48.0319 5712 Spooler - ok
20:06:48.0444 5712 [ b451765e79957d651fb4b7abb2dd804f ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
20:06:48.0627 5712 SPTISRV - ok
20:06:48.0942 5712 [ 41987f9fc0e61adf54f581e15029ad91 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:06:49.0325 5712 srv - ok
20:06:49.0528 5712 [ ff33aff99564b1aa534f58868cbe41ef ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:06:49.0777 5712 srv2 - ok
20:06:49.0925 5712 [ 7605c0e1d01a08f3ecd743f38b834a44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:06:50.0175 5712 srvnet - ok
20:06:50.0394 5712 [ 03d50b37234967433a5ea5ba72bc0b62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:06:50.0561 5712 SSDPSRV - ok
20:06:50.0853 5712 [ 6f1a32e7b7b30f004d9a20afadb14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:06:50.0989 5712 SstpSvc - ok
20:06:51.0358 5712 [ 5de7d67e49b88f5f07f3e53c4b92a352 ] stisvc C:\Windows\System32\wiaservc.dll
20:06:51.0857 5712 stisvc - ok
20:06:52.0031 5712 [ 7ba58ecf0c0a9a69d44b3dca62becf56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:06:52.0374 5712 swenum - ok
20:06:52.0691 5712 [ f21fd248040681cca1fb6c9a03aaa93d ] swprv C:\Windows\System32\swprv.dll
20:06:52.0749 5712 swprv - ok
20:06:52.0905 5712 [ 192aa3ac01df071b541094f251deed10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
20:06:52.0944 5712 Symc8xx - ok
20:06:53.0159 5712 [ 8c8eb8c76736ebaf3b13b633b2e64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
20:06:53.0225 5712 Sym_hi - ok
20:06:53.0295 5712 [ 8072af52b5fd103bbba387a1e49f62cb ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
20:06:53.0320 5712 Sym_u3 - ok
20:06:53.0480 5712 [ 9a51b04e9886aa4ee90093586b0ba88d ] SysMain C:\Windows\system32\sysmain.dll
20:06:53.0566 5712 SysMain - ok
20:06:53.0613 5712 [ 2dca225eae15f42c0933e998ee0231c3 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:06:53.0647 5712 TabletInputService - ok
20:06:53.0713 5712 [ d7673e4b38ce21ee54c59eeeb65e2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:06:53.0744 5712 TapiSrv - ok
20:06:53.0802 5712 [ cb05822cd9cc6c688168e113c603dbe7 ] TBS C:\Windows\System32\tbssvc.dll
20:06:53.0829 5712 TBS - ok
20:06:54.0138 5712 [ 27d470dabc77bc60d0a3b0e4deb6cb91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:06:54.0201 5712 Tcpip - ok
20:06:54.0295 5712 [ 27d470dabc77bc60d0a3b0e4deb6cb91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
20:06:54.0306 5712 Tcpip6 - ok
20:06:54.0396 5712 [ 608c345a255d82a6289c2d468eb41fd7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:06:54.0430 5712 tcpipreg - ok
20:06:54.0496 5712 [ 5dcf5e267be67a1ae926f2df77fbcc56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:06:54.0515 5712 TDPIPE - ok
20:06:54.0540 5712 [ 389c63e32b3cefed425b61ed92d3f021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:06:54.0570 5712 TDTCP - ok
20:06:54.0626 5712 [ 76b06eb8a01fc8624d699e7045303e54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:06:54.0666 5712 tdx - ok
20:06:54.0689 5712 [ 3cad38910468eab9a6479e2f01db43c7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:06:54.0717 5712 TermDD - ok
20:06:54.0888 5712 [ bb95da09bef6e7a131bff3ba5032090d ] TermService C:\Windows\System32\termsrv.dll
20:06:54.0968 5712 TermService - ok
20:06:55.0096 5712 [ c7230fbee14437716701c15be02c27b8 ] Themes C:\Windows\system32\shsvcs.dll
20:06:55.0165 5712 Themes - ok
20:06:55.0192 5712 [ 1076ffcffaae8385fd62dfcb25ac4708 ] THREADORDER C:\Windows\system32\mmcss.dll
20:06:55.0203 5712 THREADORDER - ok
20:06:55.0265 5712 [ ec74e77d0eb004bd3a809b5f8fb8c2ce ] TrkWks C:\Windows\System32\trkwks.dll
20:06:55.0295 5712 TrkWks - ok
20:06:55.0390 5712 [ 97d9d6a04e3ad9b6c626b9931db78dba ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:06:55.0437 5712 TrustedInstaller - ok
20:06:55.0474 5712 [ dcf0f056a2e4f52287264f5ab29cf206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:06:55.0488 5712 tssecsrv - ok
20:06:55.0505 5712 [ caecc0120ac49e3d2f758b9169872d38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
20:06:55.0507 5712 tunmp - ok
20:06:55.0559 5712 [ 300db877ac094feab0be7688c3454a9c ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:06:55.0562 5712 tunnel - ok
20:06:55.0577 5712 [ 7d33c4db2ce363c8518d2dfcf533941f ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:06:55.0581 5712 uagp35 - ok
20:06:55.0620 5712 [ d9728af68c4c7693cb100b8441cbdec6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:06:55.0625 5712 udfs - ok
20:06:55.0661 5712 [ ecef404f62863755951e09c802c94ad5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:06:55.0670 5712 UI0Detect - ok
20:06:55.0686 5712 [ b0acfdc9e4af279e9116c03e014b2b27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:06:55.0690 5712 uliagpkx - ok
20:06:55.0717 5712 [ 9224bb254f591de4ca8d572a5f0d635c ] uliahci C:\Windows\system32\drivers\uliahci.sys
20:06:55.0723 5712 uliahci - ok
20:06:55.0755 5712 [ 8514d0e5cd0534467c5fc61be94a569f ] UlSata C:\Windows\system32\drivers\ulsata.sys
20:06:55.0790 5712 UlSata - ok
20:06:55.0816 5712 [ 38c3c6e62b157a6bc46594fada45c62b ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
20:06:55.0839 5712 ulsata2 - ok
20:06:55.0866 5712 [ 32cff9f809ae9aed85464492bf3e32d2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:06:55.0869 5712 umbus - ok
20:06:55.0908 5712 [ 88bd96a1baeed33ee8bdf9499c07a841 ] UMPass C:\Windows\system32\DRIVERS\umpass.sys
20:06:55.0910 5712 UMPass - ok
20:06:55.0940 5712 [ 68308183f4ae0be7bf8ecd07cb297999 ] upnphost C:\Windows\System32\upnphost.dll
20:06:55.0952 5712 upnphost - ok
20:06:56.0021 5712 [ 32db9517628ff0d070682aab61e688f0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:06:56.0025 5712 usbaudio - ok
20:06:56.0076 5712 [ caf811ae4c147ffcd5b51750c7f09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:06:56.0079 5712 usbccgp - ok
20:06:56.0100 5712 [ e9476e6c486e76bc4898074768fb7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:06:56.0104 5712 usbcir - ok
20:06:56.0131 5712 [ 79e96c23a97ce7b8f14d310da2db0c9b ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:06:56.0135 5712 usbehci - ok
20:06:56.0159 5712 [ 4673bbcb006af60e7abddbe7a130ba42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:06:56.0164 5712 usbhub - ok
20:06:56.0184 5712 [ 38dbc7dd6cc5a72011f187425384388b ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:06:56.0187 5712 usbohci - ok
20:06:56.0221 5712 [ e75c4b5269091d15a2e7dc0b6d35f2f5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:06:56.0223 5712 usbprint - ok
20:06:56.0275 5712 [ a508c9bd8724980512136b039bba65e9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:06:56.0278 5712 usbscan - ok
20:06:56.0301 5712 [ be3da31c191bc222d9ad503c5224f2ad ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:06:56.0305 5712 USBSTOR - ok
20:06:56.0332 5712 [ 814d653efc4d48be3b04a307eceff56f ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:06:56.0336 5712 usbuhci - ok
20:06:56.0360 5712 [ 1509e705f3ac1d474c92454a5c2dd81f ] UxSms C:\Windows\System32\uxsms.dll
20:06:56.0369 5712 UxSms - ok
20:06:56.0400 5712 [ cd88d1b7776dc17a119049742ec07eb4 ] vds C:\Windows\System32\vds.exe
20:06:56.0414 5712 vds - ok
20:06:56.0466 5712 [ 87b06e1f30b749a114f74622d013f8d4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:06:56.0469 5712 vga - ok
20:06:56.0490 5712 [ 2e93ac0a1d8c79d019db6c51f036636c ] VgaSave C:\Windows\System32\drivers\vga.sys
20:06:56.0493 5712 VgaSave - ok
20:06:56.0513 5712 [ 5d7159def58a800d5781ba3a879627bc ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:06:56.0517 5712 viaagp - ok
20:06:56.0536 5712 [ c4f3a691b5bad343e6249bd8c2d45dee ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:06:56.0539 5712 ViaC7 - ok
20:06:56.0559 5712 [ aadf5587a4063f52c2c3fed7887426fc ] viaide C:\Windows\system32\drivers\viaide.sys
20:06:56.0562 5712 viaide - ok
20:06:56.0585 5712 [ 69503668ac66c77c6cd7af86fbdf8c43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:06:56.0588 5712 volmgr - ok
20:06:56.0619 5712 [ 23e41b834759917bfd6b9a0d625d0c28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:06:56.0625 5712 volmgrx - ok
20:06:56.0647 5712 [ 147281c01fcb1df9252de2a10d5e7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:06:56.0653 5712 volsnap - ok
20:06:56.0683 5712 [ 587253e09325e6bf226b299774b728a9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:06:56.0687 5712 vsmraid - ok
20:06:56.0737 5712 [ db3d19f850c6eb32bdcb9bc0836acddb ] VSS C:\Windows\system32\vssvc.exe
20:06:56.0762 5712 VSS - ok
20:06:56.0847 5712 [ b36fb5ab82abdeb53ffb821a2b0d6440 ] vToolbarUpdater11.1.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
20:06:56.0861 5712 vToolbarUpdater11.1.0 - ok
20:06:56.0919 5712 [ 96ea68b9eb310a69c25ebb0282b2b9de ] W32Time C:\Windows\system32\w32time.dll
20:06:56.0931 5712 W32Time - ok
20:06:56.0960 5712 [ 48dfee8f1af7c8235d4e626f0c4fe031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:06:56.0962 5712 WacomPen - ok
20:06:56.0982 5712 [ 55201897378cca7af8b5efd874374a26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:06:56.0986 5712 Wanarp - ok
20:06:56.0993 5712 [ 55201897378cca7af8b5efd874374a26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:06:56.0996 5712 Wanarpv6 - ok
20:06:57.0033 5712 [ a3cd60fd826381b49f03832590e069af ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:06:57.0051 5712 wcncsvc - ok
20:06:57.0082 5712 [ 11bcb7afcdd7aadacb5746f544d3a9c7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:06:57.0091 5712 WcsPlugInService - ok
20:06:57.0121 5712 [ 78fe9542363f297b18c027b2d7e7c07f ] Wd C:\Windows\system32\drivers\wd.sys
20:06:57.0123 5712 Wd - ok
20:06:57.0169 5712 [ d6efaf429fd30c5df613d220e344cce7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
20:06:57.0172 5712 WDC_SAM - ok
20:06:57.0203 5712 [ b6f0a7ad6d4bd325fbcd8bac96cd8d96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:06:57.0213 5712 Wdf01000 - ok
20:06:57.0233 5712 [ abfc76b48bb6c96e3338d8943c5d93b5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:06:57.0243 5712 WdiServiceHost - ok
20:06:57.0250 5712 [ abfc76b48bb6c96e3338d8943c5d93b5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:06:57.0259 5712 WdiSystemHost - ok
20:06:57.0298 5712 [ 04c37d8107320312fbae09926103d5e2 ] WebClient C:\Windows\System32\webclnt.dll
20:06:57.0310 5712 WebClient - ok
20:06:57.0343 5712 [ ae3736e7e8892241c23e4ebbb7453b60 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:06:57.0354 5712 Wecsvc - ok
20:06:57.0403 5712 [ 670ff720071ed741206d69bd995ea453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:06:57.0412 5712 wercplsupport - ok
20:06:57.0442 5712 [ 32b88481d3b326da6deb07b1d03481e7 ] WerSvc C:\Windows\System32\WerSvc.dll
20:06:57.0452 5712 WerSvc - ok
20:06:57.0504 5712 [ 4575aa12561c5648483403541d0d7f2b ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:06:57.0510 5712 WinDefend - ok
20:06:57.0520 5712 WinHttpAutoProxySvc - ok
20:06:57.0597 5712 [ 6b2a1d0e80110e3d04e6863c6e62fd8a ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:06:57.0603 5712 Winmgmt - ok
20:06:57.0664 5712 [ 7cfe68bdc065e55aa5e8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
20:06:57.0693 5712 WinRM - ok
20:06:57.0742 5712 [ c008405e4feeb069e30da1d823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:06:57.0759 5712 Wlansvc - ok
20:06:57.0867 5712 [ fb01d4ae207b9efdbabfc55dc95c7e31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:06:57.0896 5712 wlidsvc - ok
20:06:57.0926 5712 [ 2e7255d172df0b8283cdfb7b433b864e ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:06:57.0928 5712 WmiAcpi - ok
20:06:57.0964 5712 [ 43be3875207dcb62a85c8c49970b66cc ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:06:57.0968 5712 wmiApSrv - ok
20:06:58.0053 5712 [ 3978704576a121a9204f8cc49a301a9b ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:06:58.0076 5712 WMPNetworkSvc - ok
20:06:58.0094 5712 [ cfc5a04558f5070cee3e3a7809f3ff52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:06:58.0105 5712 WPCSvc - ok
20:06:58.0141 5712 [ 801fbdb89d472b3c467eb112a0fc9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:06:58.0157 5712 WPDBusEnum - ok
20:06:58.0229 5712 [ de9d36f91a4df3d911626643debf11ea ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
20:06:58.0232 5712 WpdUsb - ok
20:06:58.0309 5712 [ dcf3e3edf5109ee8bc02fe6e1f045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:06:58.0324 5712 WPFFontCache_v0400 - ok
20:06:58.0356 5712 [ e3a3cb253c0ec2494d4a61f5e43a389c ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:06:58.0359 5712 ws2ifsl - ok
20:06:58.0385 5712 [ 1ca6c40261ddc0425987980d0cd2aaab ] wscsvc C:\Windows\System32\wscsvc.dll
20:06:58.0395 5712 wscsvc - ok
20:06:58.0403 5712 WSearch - ok
20:06:58.0502 5712 [ fc3ec24fce372c89423e015a2ac1a31e ] wuauserv C:\Windows\system32\wuaueng.dll
20:06:58.0540 5712 wuauserv - ok
20:06:58.0577 5712 [ ac13cb789d93412106b0fb6c7eb2bcb6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:06:58.0581 5712 WUDFRd - ok
20:06:58.0611 5712 [ 575a4190d989f64732119e4114045a4f ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:06:58.0621 5712 wudfsvc - ok
20:06:58.0643 5712 ================ Scan global ===============================
20:06:58.0679 5712 (f31eebc1a1c81fd04005489cc3dcdfe7) C:\Windows\system32\basesrv.dll
20:06:58.0714 5712 (d2293b069e4b63dc17b2f08d45e71124) C:\Windows\system32\winsrv.dll
20:06:58.0738 5712 (d2293b069e4b63dc17b2f08d45e71124) C:\Windows\system32\winsrv.dll
20:06:58.0780 5712 (d4e6d91c1349b7bfb3599a6ada56851b) C:\Windows\system32\services.exe
20:06:58.0791 5712 [Global] - ok
20:06:58.0792 5712 ================ Scan MBR ==================================
20:06:58.0810 5712 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
20:06:58.0997 5712 \Device\Harddisk0\DR0 - ok
20:06:58.0997 5712 ================ Scan VBR ==================================
20:06:59.0002 5712 Boot (0x1200) (78c9229814f0a601625f7ee57633e989) \Device\Harddisk0\DR0\Partition1
20:06:59.0005 5712 \Device\Harddisk0\DR0\Partition1 - ok
20:06:59.0007 5712 ============================================================
20:06:59.0007 5712 Scan finished
20:06:59.0007 5712 ============================================================
20:06:59.0029 5556 Detected object count: 0
20:06:59.0029 5556 Actual detected object count: 0

Edited by areia, 17 August 2012 - 03:57 PM.


#4 areia

Posted 17 August 2012 - 06:12 PM

scanned via avast twice, first time found nothing at all to report let alone copy, second time i got C:\Users\zoe\Pictures\2012-05-16\bProtectorForWindows status Error:The system cannot find the path specified(3)

during second scan was going through photos and deleting as well, finding lots of bP files attached to them, so deleting them too as there was so many

#5 narenxp

Posted 17 August 2012 - 06:15 PM

Post the logs

#6 areia

Posted 17 August 2012 - 07:52 PM

result of last task eset scanner threats found and cleaned no mention of bP though

C:\Program Files\I Want This\I Want This.dll Win32/Toolbar.CrossRider application cleaned by deleting - quarantined
C:\Program Files\Pivot Stickfigure Toolbar\UninstallToolbar.exe Win32/Somoto application cleaned by deleting - quarantined
C:\ProgramData\IBUpdaterService\trz2828.tmp a variant of Win32/InstallBrain.A application cleaned by deleting - quarantined
C:\Users\zoe\AppData\Local\Temp\Pivot Stickfigure.exe Win32/Somoto application cleaned by deleting - quarantined
C:\Users\zoe\AppData\Local\Temp\is-LU64O.tmp\pivotstickfigure-hybrid.exe Win32/Somoto application cleaned by deleting - quarantined
C:\Users\zoe\AppData\LocalLow\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\UninstallToolbar.exe Win32/Somoto application cleaned by deleting - quarantined

Edited by areia, 17 August 2012 - 07:55 PM.


#7 areia

Posted 17 August 2012 - 07:56 PM

couldn't see where the logs were to put on here for avast ?? :blink:

#8 narenxp

Posted 17 August 2012 - 08:38 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

post the generated log

Edited by narenxp, 17 August 2012 - 08:38 PM.


#9 areia

Posted 18 August 2012 - 04:25 PM

after 5 hrs of first run on avg then rebooting and running for 40 min second time round, finally start
mini tool box result
MiniToolBox by Farbar Version: 23-07-2012
Ran by zoe (administrator) on 18-08-2012 at 22:22:18
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : zoe-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-1F-E2-5D-D7-E0
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::ec1b:b3d2:4c30:402f%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.67(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 18 August 2012 21:24:33
Lease Expires . . . . . . . . . . : 19 August 2012 21:24:32
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 268443618
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-3D-F0-DB-00-1F-E2-5D-D7-E0
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:3ca5:2536:a952:d852(Preferred)
Link-local IPv6 Address . . . . . : fe80::3ca5:2536:a952:d852%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : isatap.home
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: BThomehub.home
Address: 192.168.1.254

Name: google.com
Addresses: 2a00:1450:4009:801::1007
74.125.230.97
74.125.230.99
74.125.230.102
74.125.230.96
74.125.230.103
74.125.230.98
74.125.230.110
74.125.230.105
74.125.230.104
74.125.230.101
74.125.230.100



Pinging google.com [74.125.230.104] with 32 bytes of data:

Reply from 74.125.230.104: bytes=32 time=13ms TTL=52

Reply from 74.125.230.104: bytes=32 time=13ms TTL=52



Ping statistics for 74.125.230.104:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 13ms, Maximum = 13ms, Average = 13ms

Server: BThomehub.home
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

Reply from 98.138.253.109: bytes=32 time=133ms TTL=44

Reply from 98.138.253.109: bytes=32 time=159ms TTL=43



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 133ms, Maximum = 159ms, Average = 146ms

Server: BThomehub.home
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 1f e2 5d d7 e0 ...... Realtek PCIe GBE Family Controller
1 ........................... Software Loopback Interface 1
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
13 ...00 00 00 00 00 00 00 e0 isatap.home
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.67 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
169.254.0.0 255.255.0.0 On-link 192.168.1.67 296
169.254.255.255 255.255.255.255 On-link 192.168.1.67 276
192.168.1.0 255.255.255.0 On-link 192.168.1.67 276
192.168.1.67 255.255.255.255 On-link 192.168.1.67 276
192.168.1.255 255.255.255.255 On-link 192.168.1.67 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.67 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.67 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 18 ::/0 On-link
1 306 ::1/128 On-link
12 18 2001::/32 On-link
12 266 2001:0:5ef5:79fd:3ca5:2536:a952:d852/128
On-link
11 276 fe80::/64 On-link
12 266 fe80::/64 On-link
12 266 fe80::3ca5:2536:a952:d852/128
On-link
11 276 fe80::ec1b:b3d2:4c30:402f/128
On-link
1 306 ff00::/8 On-link
12 266 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Catalog5 06 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 07 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/18/2012 09:26:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/18/2012 09:07:51 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\ZOE\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\MSHIST012012081820120819> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/18/2012 08:53:51 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2012 11:16:44 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\ZOE\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\2011-09-20.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/17/2012 11:16:44 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\ZOE\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\2011-09-20.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/17/2012 10:44:49 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\ZOE\PICTURES\2010-10-05\NEW FOLDER\1-0-002.JPG> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/17/2012 10:44:49 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\ZOE\PICTURES\2010-10-05\NEW FOLDER\0-1-009.JPG> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/17/2012 10:44:49 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\ZOE\PICTURES\2010-10-05\NEW FOLDER\0-1-002.JPG> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/17/2012 10:44:49 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\ZOE\PICTURES\2010-10-05\NEW FOLDER\0-0-009.JPG> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/17/2012 10:44:49 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\ZOE\PICTURES\2010-10-05\NEW FOLDER\1-1-009.JPG> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)


System errors:
=============
Error: (08/18/2012 01:11:26 PM) (Source: Service Control Manager) (User: )
Description: AVGIDSAgent

Error: (08/18/2012 01:09:00 PM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (08/18/2012 02:13:58 AM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (08/17/2012 05:56:20 PM) (Source: DCOM) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}

Error: (08/17/2012 05:37:38 PM) (Source: Service Control Manager) (User: )
Description: 1Restart the serviceWindows Installer%%1056

Error: (08/17/2012 05:32:37 PM) (Source: Service Control Manager) (User: )
Description: Windows Installer23000001Restart the service

Error: (08/17/2012 05:32:07 PM) (Source: Service Control Manager) (User: )
Description: Windows Installer11200001Restart the service

Error: (08/17/2012 05:28:35 PM) (Source: Service Control Manager) (User: )
Description: Windows Search%%1053

Error: (08/17/2012 05:28:35 PM) (Source: Service Control Manager) (User: )
Description: 30000Windows Search

Error: (08/17/2012 05:28:34 PM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Microsoft Office Sessions:
=========================
Error: (08/18/2012 09:26:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/18/2012 09:07:51 AM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\ZOE\APPDATA\LOCAL\MICROSOFT\WINDOWS\HISTORY\HISTORY.IE5\MSHIST012012081820120819

Error: (08/18/2012 08:53:51 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2012 11:16:44 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\ZOE\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\2011-09-20.LNK

Error: (08/17/2012 11:16:44 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\ZOE\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\2011-09-20.LNK

Error: (08/17/2012 10:44:49 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\ZOE\PICTURES\2010-10-05\NEW FOLDER\1-0-002.JPG

Error: (08/17/2012 10:44:49 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\ZOE\PICTURES\2010-10-05\NEW FOLDER\0-1-009.JPG

Error: (08/17/2012 10:44:49 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\ZOE\PICTURES\2010-10-05\NEW FOLDER\0-1-002.JPG

Error: (08/17/2012 10:44:49 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\ZOE\PICTURES\2010-10-05\NEW FOLDER\0-0-009.JPG

Error: (08/17/2012 10:44:49 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\USERS\ZOE\PICTURES\2010-10-05\NEW FOLDER\1-1-009.JPG


=========================== Installed Programs ============================

Adobe Acrobat 5.0 (Version: 5.0)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
Apple Application Support (Version: 1.1.0)
Apple Mobile Device Support (Version: 2.4.1.7)
Apple Software Update (Version: 2.1.1.116)
ArcSoft PhotoStudio 5.5
avast! Free Antivirus (Version: 7.0.1456.0)
AVG 2012 (Version: 12.0.2197)
AVG 2012 (Version: 12.0.2437)
AVG 2012 (Version: 2012.0.2197)
Bonjour (Version: 1.0.106)
BT Broadband Desktop Help
BT Email Configuration Tool
BT Yahoo! Applications
BTHomeHub
Canon Easy-WebPrint EX
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 3.0
Canon MP490 series MP Drivers
Canon MP490 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Consumer Input Software (remove only) (Version: 2.7.0.7705)
Coupon Printer (Version: 2.0)
D3DX10 (Version: 15.4.2368.0902)
Doctor Who Experience Screensaver
ESET Online Scanner v3
ffdshow [rev 2844] [2009-03-30] (Version: 1.0)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
Intel® Graphics Media Accelerator Driver
iTunes (Version: 8.1.1.10)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 33 (Version: 6.0.330)
Junk Mail filter update (Version: 15.4.3502.0922)
LEGO® Stop Animation Studio (Version: 1.0.0.14)
LogMeIn (Version: 4.0.784)
Manual CanoScan LiDE 25
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Windows Media Video 9 VCM
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OmniPage SE 2.0 (Version: 2.00.0004)
OpenMG Limited Patch 4.2-05-07-27-01
OpenMG Secure Module 4.2.00 (Version: 4.2.00.06070)
Picasa 3 (Version: 3.8)
PriceGong 2.6.4 (Version: 2.6.4)
QuickTime (Version: 7.65.17.80)
Realtek High Definition Audio Driver
Segoe UI (Version: 15.4.2271.0615)
Unity Web Player (Version: 2.5.0f5_21627)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Updater Service (Version: 14,1,1,3)
USB2.0 UVC Camera (Version: 5.8.29002.0)
Wajam (Version: 1.43)
WebEx
Windows Driver Package - Digital Blue (CoachUsb) Image (05/15/2009 4.75.1.0.32) (Version: 05/15/2009 4.75.1.0.32)
Windows Driver Package - Digital Blue (CoachVid) Image (05/15/2009 4.75.1.0.32) (Version: 05/15/2009 4.75.1.0.32)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live OneCare safety scanner (Version: 1.0.0.0)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 82%
Total physical RAM: 1012.45 MB
Available physical RAM: 179.16 MB
Total Pagefile: 2289.21 MB
Available Pagefile: 874.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1945.63 MB

========================= Partitions: =====================================

1 Drive c: (Vista) (Fixed) (Total:142.21 GB) (Free:31.07 GB) NTFS

========================= Users: ========================================

User accounts for \\ZOE-PC

Administrator Guest Mcx1
zoe


**** End of log ****

#10 areia

Posted 18 August 2012 - 04:28 PM

Farbar Service Scanner Version: 06-08-2012
Ran by zoe (administrator) on 18-08-2012 at 22:27:07
Running from "C:\Users\zoe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3GXNCCJI"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-21 03:24] - [2008-01-21 03:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#11 narenxp

Posted 18 August 2012 - 04:28 PM

MBAM log?

#12 areia

Posted 18 August 2012 - 04:39 PM

OK, I'm doing something wrong here. How do I get these log things, as I can't see how to pull them up?
Currently got a threat detected from AVG while I'm trying to do the AdwCleaner, telling me to either move to vault or allow ?????

#13 narenxp

Posted 18 August 2012 - 04:41 PM

Launch Malwarebytes, click on the LOGS tab

Post the latest log

Currently got a threat detected from AVG while I'm trying to do the AdwCleaner, telling me to either move to vault or allow ?????


Allow

Edited by narenxp, 18 August 2012 - 04:41 PM.


#14 areia

Posted 18 August 2012 - 05:35 PM

How do I deal with the AVG multiple threat detection while the malware is doing its scan?

#15 narenxp

Posted 18 August 2012 - 05:36 PM

How do I deal with the AVG multiple threat detection while the malware is doing its scan?


You just now started the Malwarebytes scan?

What did AVG detect?



