
tr/rootkit.gen virus


18 replies to this topic

#1 tdb74

tdb74

  • Members
  • 14 posts

Posted 26 August 2012 - 12:24 AM

Avira says I have a tr/rootkit.gen virus. How do I remove it?



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 26 August 2012 - 12:29 AM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 tdb74

tdb74
  • Topic Starter

  • Members
  • 14 posts

Posted 26 August 2012 - 12:36 AM

01:31:40.0142 5368 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
01:31:40.0367 5368 ============================================================
01:31:40.0367 5368 Current date / time: 2012/08/26 01:31:40.0367
01:31:40.0367 5368 SystemInfo:
01:31:40.0368 5368
01:31:40.0368 5368 OS Version: 6.1.7601 ServicePack: 1.0
01:31:40.0368 5368 Product type: Workstation
01:31:40.0368 5368 ComputerName: TDBERG-PC
01:31:40.0368 5368 UserName: tdberg
01:31:40.0368 5368 Windows directory: C:\Windows
01:31:40.0368 5368 System windows directory: C:\Windows
01:31:40.0368 5368 Running under WOW64
01:31:40.0368 5368 Processor architecture: Intel x64
01:31:40.0368 5368 Number of processors: 2
01:31:40.0368 5368 Page size: 0x1000
01:31:40.0368 5368 Boot type: Normal boot
01:31:40.0368 5368 ============================================================
01:31:41.0201 5368 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:31:41.0213 5368 ============================================================
01:31:41.0213 5368 \Device\Harddisk0\DR0:
01:31:41.0213 5368 MBR partitions:
01:31:41.0213 5368 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1801F5F, BlocksNum 0x32FCD
01:31:41.0213 5368 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1834F2C, BlocksNum 0x1B990244
01:31:41.0213 5368 ============================================================
01:31:41.0258 5368 C: <-> \Device\Harddisk0\DR0\Partition2
01:31:41.0258 5368 ============================================================
01:31:41.0259 5368 Initialize success
01:31:41.0259 5368 ============================================================
01:31:51.0478 5704 ============================================================
01:31:51.0478 5704 Scan started
01:31:51.0478 5704 Mode: Manual; SigCheck; TDLFS;
01:31:51.0478 5704 ============================================================
01:31:52.0141 5704 ================ Scan system memory ========================
01:31:52.0141 5704 System memory - ok
01:31:52.0142 5704 ================ Scan services =============================
01:31:52.0408 5704 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
01:31:52.0543 5704 1394ohci - ok
01:31:52.0622 5704 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
01:31:52.0643 5704 ACPI - ok
01:31:52.0704 5704 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
01:31:53.0062 5704 AcpiPmi - ok
01:31:53.0263 5704 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:31:53.0286 5704 AdobeFlashPlayerUpdateSvc - ok
01:31:53.0377 5704 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
01:31:53.0402 5704 adp94xx - ok
01:31:53.0463 5704 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
01:31:53.0486 5704 adpahci - ok
01:31:53.0534 5704 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
01:31:53.0552 5704 adpu320 - ok
01:31:53.0603 5704 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
01:31:53.0754 5704 AeLookupSvc - ok
01:31:53.0851 5704 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
01:31:53.0915 5704 AFD - ok
01:31:53.0953 5704 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
01:31:53.0973 5704 agp440 - ok
01:31:54.0016 5704 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
01:31:54.0095 5704 ALG - ok
01:31:54.0147 5704 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
01:31:54.0161 5704 aliide - ok
01:31:54.0219 5704 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
01:31:54.0232 5704 amdide - ok
01:31:54.0272 5704 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
01:31:54.0347 5704 AmdK8 - ok
01:31:54.0389 5704 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
01:31:54.0434 5704 AmdPPM - ok
01:31:54.0488 5704 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
01:31:54.0511 5704 amdsata - ok
01:31:54.0579 5704 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
01:31:54.0597 5704 amdsbs - ok
01:31:54.0649 5704 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
01:31:54.0669 5704 amdxata - ok
01:31:54.0981 5704 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
01:31:55.0006 5704 AntiVirSchedulerService - ok
01:31:55.0090 5704 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
01:31:55.0110 5704 AntiVirService - ok
01:31:55.0252 5704 [ C79C86A0395689045710E24D64E5E086 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
01:31:55.0275 5704 ApfiltrService - ok
01:31:55.0365 5704 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
01:31:55.0600 5704 AppID - ok
01:31:55.0663 5704 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
01:31:55.0737 5704 AppIDSvc - ok
01:31:55.0847 5704 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
01:31:55.0908 5704 Appinfo - ok
01:31:56.0018 5704 [ 5AA788D5A2C6737BB9C45933985BC1B8 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
01:31:56.0028 5704 Apple Mobile Device - ok
01:31:56.0104 5704 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
01:31:56.0120 5704 arc - ok
01:31:56.0137 5704 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
01:31:56.0152 5704 arcsas - ok
01:31:56.0185 5704 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
01:31:56.0226 5704 AsyncMac - ok
01:31:56.0273 5704 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
01:31:56.0287 5704 atapi - ok
01:31:56.0348 5704 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
01:31:56.0427 5704 AudioEndpointBuilder - ok
01:31:56.0439 5704 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
01:31:56.0485 5704 AudioSrv - ok
01:31:56.0517 5704 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
01:31:56.0530 5704 avgntflt - ok
01:31:56.0562 5704 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
01:31:56.0578 5704 avipbb - ok
01:31:56.0623 5704 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
01:31:56.0636 5704 avkmgr - ok
01:31:56.0696 5704 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
01:31:56.0803 5704 AxInstSV - ok
01:31:56.0870 5704 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
01:31:56.0944 5704 b06bdrv - ok
01:31:56.0996 5704 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
01:31:57.0047 5704 b57nd60a - ok
01:31:57.0157 5704 [ B44879610F2DC4A046B14BEFA3AE72DE ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
01:31:57.0285 5704 BCM43XX - ok
01:31:57.0318 5704 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
01:31:57.0397 5704 BDESVC - ok
01:31:57.0461 5704 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
01:31:57.0550 5704 Beep - ok
01:31:57.0631 5704 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
01:31:57.0714 5704 BFE - ok
01:31:57.0776 5704 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
01:31:57.0816 5704 blbdrive - ok
01:31:57.0917 5704 [ F832F1505AD8B83474BD9A5B1B985E01 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
01:31:57.0935 5704 Bonjour Service - ok
01:31:57.0997 5704 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
01:31:58.0054 5704 bowser - ok
01:31:58.0097 5704 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
01:31:58.0187 5704 BrFiltLo - ok
01:31:58.0203 5704 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
01:31:58.0242 5704 BrFiltUp - ok
01:31:58.0293 5704 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
01:31:58.0359 5704 BridgeMP - ok
01:31:58.0417 5704 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
01:31:58.0483 5704 Browser - ok
01:31:58.0519 5704 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
01:31:58.0591 5704 Brserid - ok
01:31:58.0611 5704 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
01:31:58.0652 5704 BrSerWdm - ok
01:31:58.0690 5704 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
01:31:58.0734 5704 BrUsbMdm - ok
01:31:58.0758 5704 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
01:31:58.0776 5704 BrUsbSer - ok
01:31:58.0789 5704 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
01:31:58.0833 5704 BTHMODEM - ok
01:31:58.0889 5704 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
01:31:58.0958 5704 bthserv - ok
01:31:58.0986 5704 catchme - ok
01:31:59.0036 5704 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
01:31:59.0077 5704 cdfs - ok
01:31:59.0147 5704 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
01:31:59.0165 5704 cdrom - ok
01:31:59.0214 5704 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
01:31:59.0268 5704 CertPropSvc - ok
01:31:59.0324 5704 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
01:31:59.0366 5704 circlass - ok
01:31:59.0412 5704 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
01:31:59.0433 5704 CLFS - ok
01:31:59.0529 5704 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:31:59.0549 5704 clr_optimization_v2.0.50727_32 - ok
01:31:59.0638 5704 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:31:59.0659 5704 clr_optimization_v2.0.50727_64 - ok
01:31:59.0796 5704 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:31:59.0811 5704 clr_optimization_v4.0.30319_32 - ok
01:31:59.0846 5704 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:31:59.0859 5704 clr_optimization_v4.0.30319_64 - ok
01:31:59.0904 5704 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
01:31:59.0948 5704 CmBatt - ok
01:31:59.0987 5704 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
01:32:00.0001 5704 cmdide - ok
01:32:00.0054 5704 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
01:32:00.0156 5704 CNG - ok
01:32:00.0209 5704 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
01:32:00.0223 5704 Compbatt - ok
01:32:00.0286 5704 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
01:32:00.0337 5704 CompositeBus - ok
01:32:00.0371 5704 COMSysApp - ok
01:32:00.0401 5704 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
01:32:00.0414 5704 crcdisk - ok
01:32:00.0479 5704 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
01:32:00.0558 5704 CryptSvc - ok
01:32:00.0653 5704 [ BA8E5B2291C01EF71CA80E25F0C79D55 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
01:32:00.0674 5704 ctxusbm - ok
01:32:00.0739 5704 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
01:32:00.0813 5704 DcomLaunch - ok
01:32:00.0880 5704 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
01:32:00.0979 5704 defragsvc - ok
01:32:01.0029 5704 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
01:32:01.0089 5704 DfsC - ok
01:32:01.0143 5704 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
01:32:01.0213 5704 Dhcp - ok
01:32:01.0244 5704 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
01:32:01.0320 5704 discache - ok
01:32:01.0372 5704 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
01:32:01.0389 5704 Disk - ok
01:32:01.0480 5704 [ D5BCB77BE83CF99F508943945D46343D ] DKbFltr C:\Windows\SysWOW64\Drivers\DKbFltr.sys
01:32:01.0492 5704 DKbFltr - ok
01:32:01.0552 5704 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
01:32:01.0629 5704 Dnscache - ok
01:32:01.0674 5704 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
01:32:01.0755 5704 dot3svc - ok
01:32:01.0804 5704 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
01:32:01.0866 5704 DPS - ok
01:32:01.0925 5704 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
01:32:01.0970 5704 drmkaud - ok
01:32:02.0039 5704 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
01:32:02.0098 5704 DXGKrnl - ok
01:32:02.0148 5704 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
01:32:02.0210 5704 EapHost - ok
01:32:02.0340 5704 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
01:32:02.0470 5704 ebdrv - ok
01:32:02.0513 5704 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
01:32:02.0590 5704 EFS - ok
01:32:02.0671 5704 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
01:32:02.0765 5704 ehRecvr - ok
01:32:02.0795 5704 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
01:32:02.0866 5704 ehSched - ok
01:32:02.0922 5704 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
01:32:02.0957 5704 elxstor - ok
01:32:03.0065 5704 [ 8E910F796F5F30281CDD24ABA47DDEA2 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
01:32:03.0100 5704 ePowerSvc - ok
01:32:03.0140 5704 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
01:32:03.0173 5704 ErrDev - ok
01:32:03.0226 5704 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
01:32:03.0294 5704 EventSystem - ok
01:32:03.0351 5704 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
01:32:03.0426 5704 exfat - ok
01:32:03.0460 5704 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
01:32:03.0532 5704 fastfat - ok
01:32:03.0598 5704 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
01:32:03.0686 5704 Fax - ok
01:32:03.0711 5704 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
01:32:03.0749 5704 fdc - ok
01:32:03.0780 5704 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
01:32:03.0844 5704 fdPHost - ok
01:32:03.0883 5704 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
01:32:03.0957 5704 FDResPub - ok
01:32:04.0015 5704 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
01:32:04.0030 5704 FileInfo - ok
01:32:04.0049 5704 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
01:32:04.0114 5704 Filetrace - ok
01:32:04.0140 5704 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
01:32:04.0181 5704 flpydisk - ok
01:32:04.0227 5704 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
01:32:04.0247 5704 FltMgr - ok
01:32:04.0318 5704 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
01:32:04.0441 5704 FontCache - ok
01:32:04.0509 5704 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:32:04.0526 5704 FontCache3.0.0.0 - ok
01:32:04.0562 5704 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
01:32:04.0577 5704 FsDepends - ok
01:32:04.0619 5704 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
01:32:04.0637 5704 Fs_Rec - ok
01:32:04.0705 5704 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
01:32:04.0737 5704 fvevol - ok
01:32:04.0780 5704 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
01:32:04.0800 5704 gagp30kx - ok
01:32:04.0857 5704 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
01:32:04.0869 5704 GEARAspiWDM - ok
01:32:04.0929 5704 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
01:32:05.0039 5704 gpsvc - ok
01:32:05.0132 5704 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
01:32:05.0165 5704 Greg_Service - ok
01:32:05.0281 5704 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:32:05.0303 5704 gupdate - ok
01:32:05.0403 5704 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:32:05.0422 5704 gupdatem - ok
01:32:05.0502 5704 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
01:32:05.0524 5704 gusvc - ok
01:32:05.0561 5704 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
01:32:05.0623 5704 hcw85cir - ok
01:32:05.0680 5704 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:32:05.0723 5704 HdAudAddService - ok
01:32:05.0765 5704 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
01:32:05.0808 5704 HDAudBus - ok
01:32:05.0849 5704 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
01:32:05.0887 5704 HidBatt - ok
01:32:05.0913 5704 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
01:32:05.0957 5704 HidBth - ok
01:32:05.0981 5704 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
01:32:06.0022 5704 HidIr - ok
01:32:06.0062 5704 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
01:32:06.0102 5704 hidserv - ok
01:32:06.0155 5704 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
01:32:06.0192 5704 HidUsb - ok
01:32:06.0242 5704 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
01:32:06.0325 5704 hkmsvc - ok
01:32:06.0366 5704 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:32:06.0442 5704 HomeGroupListener - ok
01:32:06.0482 5704 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:32:06.0529 5704 HomeGroupProvider - ok
01:32:06.0603 5704 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
01:32:06.0626 5704 HpSAMD - ok
01:32:06.0681 5704 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
01:32:06.0779 5704 HTTP - ok
01:32:06.0825 5704 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
01:32:06.0838 5704 hwpolicy - ok
01:32:06.0882 5704 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
01:32:06.0909 5704 i8042prt - ok
01:32:06.0981 5704 [ 660BF3255A1EB18ED803FD2FBA6AE400 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
01:32:07.0008 5704 IAANTMON - ok
01:32:07.0067 5704 [ BE7D72FCF442C26975942007E0831241 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
01:32:07.0095 5704 iaStor - ok
01:32:07.0160 5704 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
01:32:07.0183 5704 iaStorV - ok
01:32:07.0279 5704 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:32:07.0338 5704 idsvc - ok
01:32:07.0636 5704 [ 677AA5991026A65ADA128C4B59CF2BAD ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
01:32:08.0075 5704 igfx - ok
01:32:08.0159 5704 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
01:32:08.0206 5704 iirsp - ok
01:32:08.0364 5704 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
01:32:08.0507 5704 IKEEXT - ok
01:32:08.0622 5704 [ 0C3CF4B3BAE28E121A1689E3538F8712 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
01:32:08.0723 5704 IntcAzAudAddService - ok
01:32:08.0759 5704 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
01:32:08.0775 5704 intelide - ok
01:32:08.0828 5704 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
01:32:08.0867 5704 intelppm - ok
01:32:08.0897 5704 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
01:32:08.0940 5704 IPBusEnum - ok
01:32:08.0986 5704 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:32:09.0051 5704 IpFilterDriver - ok
01:32:09.0386 5704 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
01:32:09.0487 5704 iphlpsvc - ok
01:32:09.0547 5704 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
01:32:09.0591 5704 IPMIDRV - ok
01:32:09.0665 5704 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
01:32:09.0731 5704 IPNAT - ok
01:32:09.0792 5704 [ 3D62FE4FEFE9C67DAFEC52B534DFA1FB ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
01:32:09.0817 5704 iPod Service - ok
01:32:09.0894 5704 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
01:32:10.0004 5704 IRENUM - ok
01:32:10.0051 5704 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
01:32:10.0068 5704 isapnp - ok
01:32:10.0167 5704 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
01:32:10.0193 5704 iScsiPrt - ok
01:32:10.0232 5704 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
01:32:10.0250 5704 kbdclass - ok
01:32:10.0311 5704 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
01:32:10.0327 5704 kbdhid - ok
01:32:10.0369 5704 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
01:32:10.0385 5704 KeyIso - ok
01:32:10.0429 5704 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
01:32:10.0444 5704 KSecDD - ok
01:32:10.0476 5704 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
01:32:10.0494 5704 KSecPkg - ok
01:32:10.0562 5704 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
01:32:10.0645 5704 ksthunk - ok
01:32:10.0713 5704 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
01:32:10.0782 5704 KtmRm - ok
01:32:10.0838 5704 [ 2377EC4CC3E356655B996F39B43486B6 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
01:32:10.0903 5704 L1C - ok
01:32:10.0949 5704 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
01:32:11.0021 5704 LanmanServer - ok
01:32:11.0067 5704 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:32:11.0137 5704 LanmanWorkstation - ok
01:32:11.0184 5704 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
01:32:11.0253 5704 lltdio - ok
01:32:11.0305 5704 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
01:32:11.0381 5704 lltdsvc - ok
01:32:11.0412 5704 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
01:32:11.0474 5704 lmhosts - ok
01:32:11.0540 5704 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
01:32:11.0569 5704 LSI_FC - ok
01:32:11.0589 5704 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
01:32:11.0608 5704 LSI_SAS - ok
01:32:11.0626 5704 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
01:32:11.0643 5704 LSI_SAS2 - ok
01:32:11.0691 5704 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
01:32:11.0709 5704 LSI_SCSI - ok
01:32:11.0754 5704 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
01:32:11.0806 5704 luafv - ok
01:32:11.0920 5704 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
01:32:11.0948 5704 McComponentHostService - ok
01:32:11.0985 5704 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
01:32:12.0024 5704 Mcx2Svc - ok
01:32:12.0061 5704 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
01:32:12.0075 5704 megasas - ok
01:32:12.0102 5704 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
01:32:12.0130 5704 MegaSR - ok
01:32:12.0174 5704 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
01:32:12.0247 5704 MMCSS - ok
01:32:12.0277 5704 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
01:32:12.0338 5704 Modem - ok
01:32:12.0379 5704 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
01:32:12.0427 5704 monitor - ok
01:32:12.0494 5704 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
01:32:12.0512 5704 mouclass - ok
01:32:12.0551 5704 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
01:32:12.0590 5704 mouhid - ok
01:32:12.0650 5704 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
01:32:12.0666 5704 mountmgr - ok
01:32:12.0764 5704 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:32:12.0791 5704 MozillaMaintenance - ok
01:32:12.0841 5704 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
01:32:12.0858 5704 mpio - ok
01:32:12.0903 5704 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
01:32:13.0017 5704 mpsdrv - ok
01:32:13.0057 5704 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
01:32:13.0081 5704 MRxDAV - ok
01:32:13.0130 5704 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
01:32:13.0187 5704 mrxsmb - ok
01:32:13.0229 5704 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:32:13.0252 5704 mrxsmb10 - ok
01:32:13.0273 5704 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:32:13.0319 5704 mrxsmb20 - ok
01:32:13.0377 5704 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
01:32:13.0392 5704 msahci - ok
01:32:13.0441 5704 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
01:32:13.0462 5704 msdsm - ok
01:32:13.0492 5704 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
01:32:13.0535 5704 MSDTC - ok
01:32:13.0599 5704 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
01:32:13.0662 5704 Msfs - ok
01:32:13.0698 5704 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
01:32:13.0765 5704 mshidkmdf - ok
01:32:13.0814 5704 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
01:32:13.0829 5704 msisadrv - ok
01:32:13.0889 5704 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
01:32:13.0951 5704 MSiSCSI - ok
01:32:13.0958 5704 msiserver - ok
01:32:14.0000 5704 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
01:32:14.0042 5704 MSKSSRV - ok
01:32:14.0086 5704 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
01:32:14.0150 5704 MSPCLOCK - ok
01:32:14.0172 5704 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
01:32:14.0236 5704 MSPQM - ok
01:32:14.0288 5704 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
01:32:14.0321 5704 MsRPC - ok
01:32:14.0369 5704 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
01:32:14.0387 5704 mssmbios - ok
01:32:14.0434 5704 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
01:32:14.0502 5704 MSTEE - ok
01:32:14.0521 5704 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
01:32:14.0560 5704 MTConfig - ok
01:32:14.0590 5704 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
01:32:14.0610 5704 Mup - ok
01:32:14.0653 5704 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
01:32:14.0665 5704 mwlPSDFilter - ok
01:32:14.0690 5704 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
01:32:14.0700 5704 mwlPSDNServ - ok
01:32:14.0717 5704 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
01:32:14.0730 5704 mwlPSDVDisk - ok
01:32:14.0810 5704 [ 2F139207F618EC2933830227EEFFDDB4 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
01:32:14.0828 5704 MWLService - ok
01:32:14.0878 5704 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
01:32:14.0945 5704 napagent - ok
01:32:14.0998 5704 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
01:32:15.0047 5704 NativeWifiP - ok
01:32:15.0139 5704 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
01:32:15.0190 5704 NDIS - ok
01:32:15.0245 5704 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
01:32:15.0312 5704 NdisCap - ok
01:32:15.0355 5704 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
01:32:15.0424 5704 NdisTapi - ok
01:32:15.0468 5704 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
01:32:15.0533 5704 Ndisuio - ok
01:32:15.0565 5704 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
01:32:15.0633 5704 NdisWan - ok
01:32:15.0686 5704 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
01:32:15.0768 5704 NDProxy - ok
01:32:15.0842 5704 [ D53353EA2EDCEDBC24AD75F13AFA3C2C ] NEOFLTR_650_16789 C:\Windows\system32\Drivers\NEOFLTR_650_16789.SYS
01:32:15.0856 5704 NEOFLTR_650_16789 - ok
01:32:15.0929 5704 [ 59267D2F0328599AA3B5408C2E06126F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
01:32:15.0947 5704 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
01:32:15.0947 5704 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
01:32:15.0983 5704 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
01:32:16.0049 5704 NetBIOS - ok
01:32:16.0097 5704 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
01:32:16.0181 5704 NetBT - ok
01:32:16.0225 5704 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
01:32:16.0243 5704 Netlogon - ok
01:32:16.0301 5704 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
01:32:16.0382 5704 Netman - ok
01:32:16.0419 5704 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
01:32:16.0468 5704 netprofm - ok
01:32:16.0499 5704 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:32:16.0512 5704 NetTcpPortSharing - ok
01:32:16.0566 5704 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
01:32:16.0581 5704 nfrd960 - ok
01:32:16.0640 5704 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
01:32:16.0684 5704 NlaSvc - ok
01:32:16.0704 5704 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
01:32:16.0776 5704 Npfs - ok
01:32:16.0828 5704 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
01:32:16.0892 5704 nsi - ok
01:32:16.0921 5704 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
01:32:16.0985 5704 nsiproxy - ok
01:32:17.0296 5704 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
01:32:18.0012 5704 Ntfs - ok
01:32:18.0101 5704 [ FD324CCE1D4D5BB5AF65F8E55B462C7E ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
01:32:18.0116 5704 NTIBackupSvc - ok
01:32:18.0207 5704 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
01:32:18.0220 5704 NTIDrvr - ok
01:32:18.0271 5704 [ 3F6268A2EC33CD38CF75C880AF8DED42 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
01:32:18.0288 5704 NTISchedulerSvc - ok
01:32:18.0355 5704 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
01:32:18.0448 5704 Null - ok
01:32:18.0508 5704 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
01:32:18.0525 5704 nvraid - ok
01:32:18.0589 5704 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
01:32:18.0606 5704 nvstor - ok
01:32:18.0658 5704 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
01:32:18.0675 5704 nv_agp - ok
01:32:18.0766 5704 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
01:32:18.0793 5704 odserv - ok
01:32:18.0832 5704 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
01:32:18.0867 5704 ohci1394 - ok
01:32:18.0924 5704 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:32:18.0938 5704 ose - ok
01:32:18.0980 5704 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
01:32:19.0043 5704 p2pimsvc - ok
01:32:19.0092 5704 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
01:32:19.0137 5704 p2psvc - ok
01:32:19.0188 5704 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
01:32:19.0215 5704 Parport - ok
01:32:19.0251 5704 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
01:32:19.0266 5704 partmgr - ok
01:32:19.0289 5704 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
01:32:19.0312 5704 PcaSvc - ok
01:32:19.0357 5704 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
01:32:19.0375 5704 pci - ok
01:32:19.0417 5704 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
01:32:19.0431 5704 pciide - ok
01:32:19.0462 5704 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
01:32:19.0479 5704 pcmcia - ok
01:32:19.0526 5704 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
01:32:19.0541 5704 pcw - ok
01:32:19.0577 5704 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
01:32:19.0629 5704 PEAUTH - ok
01:32:19.0751 5704 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
01:32:19.0797 5704 PerfHost - ok
01:32:19.0897 5704 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
01:32:20.0036 5704 pla - ok
01:32:20.0110 5704 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
01:32:20.0188 5704 PlugPlay - ok
01:32:20.0242 5704 [ 5261A2FD55183AC6993145AB6662CDDF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
01:32:20.0264 5704 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
01:32:20.0264 5704 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
01:32:20.0316 5704 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
01:32:20.0354 5704 PNRPAutoReg - ok
01:32:20.0392 5704 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
01:32:20.0416 5704 PNRPsvc - ok
01:32:20.0463 5704 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
01:32:20.0528 5704 PolicyAgent - ok
01:32:20.0564 5704 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
01:32:20.0627 5704 Power - ok
01:32:20.0679 5704 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
01:32:20.0717 5704 PptpMiniport - ok
01:32:20.0747 5704 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
01:32:20.0778 5704 Processor - ok
01:32:20.0825 5704 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
01:32:20.0886 5704 ProfSvc - ok
01:32:20.0947 5704 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:32:20.0968 5704 ProtectedStorage - ok
01:32:21.0024 5704 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
01:32:21.0086 5704 Psched - ok
01:32:21.0147 5704 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
01:32:21.0225 5704 ql2300 - ok
01:32:21.0279 5704 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
01:32:21.0303 5704 ql40xx - ok
01:32:21.0351 5704 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
01:32:21.0384 5704 QWAVE - ok
01:32:21.0394 5704 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
01:32:21.0436 5704 QWAVEdrv - ok
01:32:21.0464 5704 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
01:32:21.0524 5704 RasAcd - ok
01:32:21.0579 5704 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
01:32:21.0662 5704 RasAgileVpn - ok
01:32:21.0685 5704 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
01:32:21.0727 5704 RasAuto - ok
01:32:21.0760 5704 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
01:32:21.0813 5704 Rasl2tp - ok
01:32:21.0854 5704 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
01:32:21.0899 5704 RasMan - ok
01:32:21.0938 5704 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
01:32:21.0999 5704 RasPppoe - ok
01:32:22.0055 5704 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
01:32:22.0118 5704 RasSstp - ok
01:32:22.0151 5704 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
01:32:22.0202 5704 rdbss - ok
01:32:22.0220 5704 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
01:32:22.0270 5704 rdpbus - ok
01:32:22.0301 5704 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
01:32:22.0368 5704 RDPCDD - ok
01:32:22.0442 5704 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
01:32:22.0487 5704 RDPENCDD - ok
01:32:22.0505 5704 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
01:32:22.0568 5704 RDPREFMP - ok
01:32:22.0623 5704 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
01:32:22.0706 5704 RDPWD - ok
01:32:22.0782 5704 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
01:32:22.0804 5704 rdyboost - ok
01:32:22.0885 5704 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
01:32:22.0956 5704 RemoteAccess - ok
01:32:23.0000 5704 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
01:32:23.0077 5704 RemoteRegistry - ok
01:32:23.0132 5704 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
01:32:23.0194 5704 RimUsb - ok
01:32:23.0230 5704 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
01:32:23.0298 5704 RpcEptMapper - ok
01:32:23.0334 5704 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
01:32:23.0351 5704 RpcLocator - ok
01:32:23.0395 5704 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
01:32:23.0442 5704 RpcSs - ok
01:32:23.0500 5704 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
01:32:23.0542 5704 rspndr - ok
01:32:23.0630 5704 [ DB30AA4DAA0D492FA5D7717D8181FFA1 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
01:32:23.0696 5704 RSUSBSTOR - ok
01:32:23.0713 5704 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
01:32:23.0734 5704 SamSs - ok
01:32:23.0774 5704 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
01:32:23.0790 5704 sbp2port - ok
01:32:23.0831 5704 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
01:32:23.0880 5704 SCardSvr - ok
01:32:23.0930 5704 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
01:32:24.0002 5704 scfilter - ok
01:32:24.0056 5704 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
01:32:24.0164 5704 Schedule - ok
01:32:24.0203 5704 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
01:32:24.0246 5704 SCPolicySvc - ok
01:32:24.0299 5704 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
01:32:24.0372 5704 SDRSVC - ok
01:32:24.0421 5704 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
01:32:24.0490 5704 secdrv - ok
01:32:24.0520 5704 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
01:32:24.0583 5704 seclogon - ok
01:32:24.0643 5704 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
01:32:24.0760 5704 SENS - ok
01:32:24.0789 5704 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
01:32:24.0909 5704 SensrSvc - ok
01:32:24.0958 5704 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
01:32:24.0999 5704 Serenum - ok
01:32:25.0055 5704 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
01:32:25.0094 5704 Serial - ok
01:32:25.0276 5704 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
01:32:25.0304 5704 sermouse - ok
01:32:25.0357 5704 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
01:32:25.0408 5704 SessionEnv - ok
01:32:25.0469 5704 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
01:32:25.0520 5704 sffdisk - ok
01:32:25.0545 5704 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
01:32:25.0594 5704 sffp_mmc - ok
01:32:25.0623 5704 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
01:32:25.0867 5704 sffp_sd - ok
01:32:25.0902 5704 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
01:32:25.0960 5704 sfloppy - ok
01:32:26.0215 5704 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
01:32:26.0285 5704 SharedAccess - ok
01:32:26.0448 5704 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:32:26.0524 5704 ShellHWDetection - ok
01:32:26.0584 5704 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
01:32:26.0609 5704 SiSRaid2 - ok
01:32:26.0678 5704 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
01:32:26.0701 5704 SiSRaid4 - ok
01:32:26.0728 5704 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
01:32:26.0794 5704 Smb - ok
01:32:26.0892 5704 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
01:32:26.0932 5704 SNMPTRAP - ok
01:32:26.0998 5704 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
01:32:27.0024 5704 spldr - ok
01:32:27.0262 5704 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
01:32:27.0318 5704 Spooler - ok
01:32:28.0506 5704 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
01:32:28.0720 5704 sppsvc - ok
01:32:28.0781 5704 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
01:32:28.0847 5704 sppuinotify - ok
01:32:29.0505 5704 [ CEF26D36CF0C8A2AE6AAC27767070308 ] SpyHunter 4 Service C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
01:32:29.0545 5704 SpyHunter 4 Service - ok
01:32:29.0731 5704 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
01:32:29.0805 5704 srv - ok
01:32:30.0008 5704 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
01:32:30.0050 5704 srv2 - ok
01:32:30.0166 5704 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
01:32:30.0201 5704 srvnet - ok
01:32:30.0358 5704 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
01:32:30.0444 5704 SSDPSRV - ok
01:32:30.0497 5704 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
01:32:30.0562 5704 SstpSvc - ok
01:32:30.0600 5704 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
01:32:30.0615 5704 stexstor - ok
01:32:30.0701 5704 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
01:32:30.0760 5704 StillCam - ok
01:32:30.0835 5704 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
01:32:30.0878 5704 stisvc - ok
01:32:30.0924 5704 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
01:32:30.0939 5704 swenum - ok
01:32:31.0109 5704 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
01:32:31.0206 5704 swprv - ok
01:32:31.0692 5704 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
01:32:31.0780 5704 SysMain - ok
01:32:31.0834 5704 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:32:31.0879 5704 TabletInputService - ok
01:32:31.0978 5704 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
01:32:32.0054 5704 TapiSrv - ok
01:32:32.0119 5704 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
01:32:32.0174 5704 TBS - ok
01:32:32.0289 5704 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
01:32:32.0778 5704 Tcpip - ok
01:32:32.0810 5704 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
01:32:32.0857 5704 TCPIP6 - ok
01:32:32.0934 5704 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
01:32:33.0006 5704 tcpipreg - ok
01:32:33.0084 5704 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
01:32:33.0123 5704 TDPIPE - ok
01:32:33.0165 5704 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
01:32:33.0211 5704 TDTCP - ok
01:32:33.0257 5704 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
01:32:33.0324 5704 tdx - ok
01:32:33.0369 5704 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
01:32:33.0392 5704 TermDD - ok
01:32:33.0455 5704 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
01:32:33.0550 5704 TermService - ok
01:32:33.0587 5704 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
01:32:33.0624 5704 Themes - ok
01:32:33.0674 5704 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
01:32:33.0726 5704 THREADORDER - ok
01:32:33.0742 5704 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
01:32:33.0806 5704 TrkWks - ok
01:32:33.0886 5704 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:32:33.0949 5704 TrustedInstaller - ok
01:32:33.0995 5704 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
01:32:34.0051 5704 tssecsrv - ok
01:32:34.0086 5704 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
01:32:34.0155 5704 TsUsbFlt - ok
01:32:34.0215 5704 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
01:32:34.0265 5704 tunnel - ok
01:32:34.0297 5704 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
01:32:34.0313 5704 uagp35 - ok
01:32:34.0340 5704 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
01:32:34.0352 5704 UBHelper - ok
01:32:34.0395 5704 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
01:32:34.0461 5704 udfs - ok
01:32:34.0506 5704 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
01:32:34.0546 5704 UI0Detect - ok
01:32:34.0603 5704 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
01:32:34.0628 5704 uliagpkx - ok
01:32:34.0693 5704 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
01:32:34.0719 5704 umbus - ok
01:32:34.0795 5704 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
01:32:34.0837 5704 UmPass - ok
01:32:34.0924 5704 [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
01:32:34.0939 5704 Updater Service - ok
01:32:35.0008 5704 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
01:32:35.0063 5704 upnphost - ok
01:32:35.0134 5704 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
01:32:35.0162 5704 usbccgp - ok
01:32:35.0199 5704 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
01:32:35.0243 5704 usbcir - ok
01:32:35.0283 5704 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
01:32:35.0298 5704 usbehci - ok
01:32:35.0324 5704 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
01:32:35.0368 5704 usbhub - ok
01:32:35.0399 5704 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
01:32:35.0414 5704 usbohci - ok
01:32:35.0443 5704 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
01:32:35.0491 5704 usbprint - ok
01:32:35.0520 5704 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
01:32:35.0585 5704 USBSTOR - ok
01:32:35.0627 5704 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
01:32:35.0652 5704 usbuhci - ok
01:32:35.0695 5704 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
01:32:35.0738 5704 usbvideo - ok
01:32:35.0761 5704 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
01:32:35.0819 5704 UxSms - ok
01:32:35.0847 5704 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
01:32:35.0863 5704 VaultSvc - ok
01:32:35.0909 5704 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
01:32:35.0923 5704 vdrvroot - ok
01:32:35.0976 5704 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
01:32:36.0052 5704 vds - ok
01:32:36.0115 5704 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
01:32:36.0145 5704 vga - ok
01:32:36.0174 5704 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
01:32:36.0235 5704 VgaSave - ok
01:32:36.0280 5704 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
01:32:36.0308 5704 vhdmp - ok
01:32:36.0344 5704 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
01:32:36.0368 5704 viaide - ok
01:32:36.0410 5704 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
01:32:36.0425 5704 volmgr - ok
01:32:36.0473 5704 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
01:32:36.0502 5704 volmgrx - ok
01:32:36.0544 5704 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
01:32:36.0564 5704 volsnap - ok
01:32:36.0621 5704 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
01:32:36.0638 5704 vsmraid - ok
01:32:36.0706 5704 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
01:32:36.0818 5704 VSS - ok
01:32:36.0855 5704 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
01:32:36.0900 5704 vwifibus - ok
01:32:36.0945 5704 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
01:32:36.0986 5704 vwififlt - ok
01:32:37.0030 5704 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
01:32:37.0066 5704 vwifimp - ok
01:32:37.0145 5704 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
01:32:37.0228 5704 W32Time - ok
01:32:37.0281 5704 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
01:32:37.0319 5704 WacomPen - ok
01:32:37.0377 5704 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
01:32:37.0439 5704 WANARP - ok
01:32:37.0459 5704 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
01:32:37.0500 5704 Wanarpv6 - ok
01:32:37.0595 5704 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
01:32:37.0682 5704 WatAdminSvc - ok
01:32:37.0748 5704 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
01:32:37.0843 5704 wbengine - ok
01:32:37.0875 5704 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
01:32:37.0920 5704 WbioSrvc - ok
01:32:37.0967 5704 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
01:32:37.0995 5704 wcncsvc - ok
01:32:38.0030 5704 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:32:38.0102 5704 WcsPlugInService - ok
01:32:38.0132 5704 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
01:32:38.0146 5704 Wd - ok
01:32:38.0191 5704 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
01:32:38.0224 5704 Wdf01000 - ok
01:32:38.0258 5704 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
01:32:38.0352 5704 WdiServiceHost - ok
01:32:38.0357 5704 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
01:32:38.0379 5704 WdiSystemHost - ok
01:32:38.0422 5704 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
01:32:38.0477 5704 WebClient - ok
01:32:38.0503 5704 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
01:32:38.0577 5704 Wecsvc - ok
01:32:38.0623 5704 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
01:32:38.0696 5704 wercplsupport - ok
01:32:38.0741 5704 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
01:32:38.0801 5704 WerSvc - ok
01:32:38.0854 5704 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
01:32:38.0914 5704 WfpLwf - ok
01:32:38.0955 5704 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
01:32:38.0982 5704 WIMMount - ok
01:32:39.0036 5704 WinDefend - ok
01:32:39.0043 5704 WinHttpAutoProxySvc - ok
01:32:39.0100 5704 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
01:32:39.0170 5704 Winmgmt - ok
01:32:39.0250 5704 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
01:32:39.0383 5704 WinRM - ok
01:32:39.0456 5704 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
01:32:39.0477 5704 WinUsb - ok
01:32:39.0544 5704 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
01:32:39.0586 5704 Wlansvc - ok
01:32:39.0725 5704 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
01:32:39.0831 5704 wlidsvc - ok
01:32:39.0922 5704 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
01:32:39.0968 5704 WmiAcpi - ok
01:32:40.0032 5704 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
01:32:40.0071 5704 wmiApSrv - ok
01:32:40.0150 5704 WMPNetworkSvc - ok
01:32:40.0201 5704 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
01:32:40.0232 5704 WPCSvc - ok
01:32:40.0285 5704 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
01:32:41.0197 5704 WPDBusEnum - ok
01:32:41.0247 5704 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
01:32:41.0316 5704 ws2ifsl - ok
01:32:41.0414 5704 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
01:32:41.0475 5704 wscsvc - ok
01:32:41.0528 5704 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
01:32:41.0546 5704 WSDPrintDevice - ok
01:32:41.0556 5704 WSearch - ok
01:32:41.0682 5704 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
01:32:41.0949 5704 wuauserv - ok
01:32:42.0024 5704 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
01:32:42.0079 5704 WudfPf - ok
01:32:42.0122 5704 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
01:32:42.0191 5704 WUDFRd - ok
01:32:42.0224 5704 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
01:32:42.0266 5704 wudfsvc - ok
01:32:42.0304 5704 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
01:32:42.0356 5704 WwanSvc - ok
01:32:42.0389 5704 ================ Scan global ===============================
01:32:42.0422 5704 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
01:32:42.0467 5704 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
01:32:42.0490 5704 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
01:32:42.0520 5704 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
01:32:42.0560 5704 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
01:32:42.0565 5704 [Global] - ok
01:32:42.0566 5704 ================ Scan MBR ==================================
01:32:42.0580 5704 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:32:42.0953 5704 \Device\Harddisk0\DR0 - ok
01:32:42.0954 5704 ================ Scan VBR ==================================
01:32:42.0961 5704 [ 78883B9BEFCD7F69C4399CBE2D1CA76F ] \Device\Harddisk0\DR0\Partition1
01:32:42.0963 5704 \Device\Harddisk0\DR0\Partition1 - ok
01:32:42.0995 5704 [ B11429A99DAEA1B3ECCFBB6CEEBA62E4 ] \Device\Harddisk0\DR0\Partition2
01:32:42.0998 5704 \Device\Harddisk0\DR0\Partition2 - ok
01:32:43.0000 5704 ============================================================
01:32:43.0000 5704 Scan finished
01:32:43.0000 5704 ============================================================
01:32:43.0021 5956 Detected object count: 2
01:32:43.0021 5956 Actual detected object count: 2
01:32:47.0177 5956 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
01:32:47.0177 5956 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:32:47.0178 5956 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
01:32:47.0178 5956 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:35:24.0229 2596 Deinitialize success

#4 tdb74

  • Topic Starter

Posted 26 August 2012 - 12:49 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-26 01:32:25
-----------------------------
01:32:25.429 OS Version: Windows x64 6.1.7601 Service Pack 1
01:32:25.430 Number of processors: 2 586 0x170A
01:32:25.431 ComputerName: TDBERG-PC UserName: tdberg
01:32:30.763 Initialize success
01:36:43.504 AVAST engine defs: 12082501
01:37:48.797 The log file has been saved successfully to "C:\Users\tdberg\Desktop\aswMBR.txt"
01:37:53.629 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
01:37:53.633 Disk 0 Vendor: Size: 0MB BusType: 0
01:37:53.716 Disk 0 MBR read successfully
01:37:53.721 Disk 0 MBR scan
01:37:53.765 Disk 0 Windows 7 default MBR code
01:37:53.771 Disk 0 MBR hidden
01:37:53.816 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12291 MB offset 63
01:37:53.935 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 101 MB offset 25173855
01:37:53.977 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 226080 MB offset 25382700
01:37:54.070 Disk 0 scanning C:\Windows\system32\drivers
01:38:19.251 Service scanning
01:39:02.696 Modules scanning
01:39:03.061 Disk 0 trace - called modules:
01:39:03.110 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
01:39:03.117 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005779060]
01:39:03.124 3 CLASSPNP.SYS[fffff88001b4943f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004762050]
01:39:04.887 AVAST engine scan C:\Windows
01:39:11.344 AVAST engine scan C:\Windows\system32
01:45:13.118 AVAST engine scan C:\Windows\system32\drivers
01:45:39.777 AVAST engine scan C:\Users\tdberg
01:48:28.936 Disk 0 MBR has been saved successfully to "C:\Users\tdberg\Desktop\MBR.dat"
01:48:28.938 The log file has been saved successfully to "C:\Users\tdberg\Desktop\aswMBR.txt"

#5 tdb74

Posted 26 August 2012 - 01:17 AM

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-26 01:51:32
-----------------------------
01:51:32.207 OS Version: Windows x64 6.1.7601 Service Pack 1
01:51:32.208 Number of processors: 2 586 0x170A
01:51:32.208 ComputerName: TDBERG-PC UserName: tdberg
01:51:33.997 Initialize success
01:51:41.066 AVAST engine defs: 12082501
01:51:48.320 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
01:51:48.323 Disk 0 Vendor: Size: 0MB BusType: 0
01:51:48.360 Disk 0 MBR read successfully
01:51:48.363 Disk 0 MBR scan
01:51:48.368 Disk 0 Windows 7 default MBR code
01:51:48.371 Disk 0 MBR hidden
01:51:48.375 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12291 MB offset 63
01:51:48.446 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 101 MB offset 25173855
01:51:48.464 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 226080 MB offset 25382700
01:51:48.541 Disk 0 scanning C:\Windows\system32\drivers
01:52:09.027 Service scanning
01:52:48.024 Modules scanning
01:52:48.033 Disk 0 trace - called modules:
01:52:48.072 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
01:52:48.077 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005779060]
01:52:48.082 3 CLASSPNP.SYS[fffff88001b4943f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004762050]
01:52:49.397 AVAST engine scan C:\Windows
01:52:56.598 AVAST engine scan C:\Windows\system32
01:58:10.962 AVAST engine scan C:\Windows\system32\drivers
01:58:35.360 AVAST engine scan C:\Users\tdberg
02:13:32.976 AVAST engine scan C:\ProgramData
02:15:34.874 Scan finished successfully
02:16:47.016 Disk 0 MBR has been saved successfully to "C:\Users\tdberg\Desktop\MBR.dat"
02:16:47.034 The log file has been saved successfully to "C:\Users\tdberg\Desktop\aswMBR.txt"

#6 narenxp

Posted 26 August 2012 - 07:18 AM

ESET log?

#7 tdb74

Posted 26 August 2012 - 07:46 AM

It's still scanning.

#8 narenxp

Posted 26 August 2012 - 07:48 AM

After the ESET scan completes, run these scans too.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#9 tdb74

Posted 26 August 2012 - 10:09 AM

C:\Users\tdberg\AppData\Local\Google\Chrome\User Data\Default\Default\icbjencdphkacgdeglablafkoggacknb\contentscript.js Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined
C:\Users\tdberg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\tdberg\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\icbjencdphkacgdeglablafkoggacknb\contentscript.js Win32/TrojanDownloader.Tracur.F trojan cleaned by deleting - quarantined

#10 tdb74

Posted 26 August 2012 - 11:29 AM

MBAM showed a clean log on the first scan

#11 tdb74

Posted 26 August 2012 - 11:32 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by tdberg (administrator) on 26-08-2012 at 12:30:49
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Broadcom 802.11n Network Adapter = Wireless Network Connection 2 (Connected)
Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : tdberg-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : C4-17-FE-22-7B-7B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 802.11n Network Adapter
Physical Address. . . . . . . . . : C4-17-FE-22-7B-7B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7dbb:aee2:36e5:86f5%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.3(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, August 25, 2012 9:34:37 PM
Lease Expires . . . . . . . . . . : Monday, August 27, 2012 11:31:30 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 331618302
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-FA-F4-2A-70-5A-B6-24-B6-CA
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : 70-5A-B6-24-B6-CA
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{0BB43D05-9AF1-4EC4-B060-D57F69FC5D6B}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{CCCC0C80-F72F-4B61-BF88-403651BF16F0}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F67B5C88-C6AF-4E07-B18C-A3326AB644E0}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:2cec:1a3a:3f57:fefc(Preferred)
Link-local IPv6 Address . . . . . : fe80::2cec:1a3a:3f57:fefc%22(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:803::1007
173.194.43.40
173.194.43.35
173.194.43.39
173.194.43.46
173.194.43.41
173.194.43.34
173.194.43.33
173.194.43.36
173.194.43.37
173.194.43.32
173.194.43.38


Pinging google.com [173.194.43.41] with 32 bytes of data:
Reply from 173.194.43.41: bytes=32 time=10ms TTL=55
Reply from 173.194.43.41: bytes=32 time=11ms TTL=55

Ping statistics for 173.194.43.41:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 10ms, Maximum = 11ms, Average = 10ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=758ms TTL=51
Reply from 72.30.38.140: bytes=32 time=782ms TTL=49

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 758ms, Maximum = 782ms, Average = 770ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
13...c4 17 fe 22 7b 7b ......Microsoft Virtual WiFi Miniport Adapter
11...c4 17 fe 22 7b 7b ......Broadcom 802.11n Network Adapter
10...70 5a b6 24 b6 ca ......Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20)
1...........................Software Loopback Interface 1
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
36...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
37...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
22...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.3 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.3 281
192.168.1.3 255.255.255.255 On-link 192.168.1.3 281
192.168.1.255 255.255.255.255 On-link 192.168.1.3 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.3 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.3 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
22 58 ::/0 On-link
1 306 ::1/128 On-link
22 58 2001::/32 On-link
22 306 2001:0:9d38:953c:2cec:1a3a:3f57:fefc/128
On-link
11 281 fe80::/64 On-link
22 306 fe80::/64 On-link
22 306 fe80::2cec:1a3a:3f57:fefc/128
On-link
11 281 fe80::7dbb:aee2:36e5:86f5/128
On-link
1 306 ff00::/8 On-link
22 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 09 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 09 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/26/2012 09:23:38 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16879

Error: (08/26/2012 09:23:38 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16879

Error: (08/26/2012 09:23:38 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/26/2012 09:23:37 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15850

Error: (08/26/2012 09:23:37 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15850

Error: (08/26/2012 09:23:37 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/26/2012 09:23:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14789

Error: (08/26/2012 09:23:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14789

Error: (08/26/2012 09:23:36 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/26/2012 09:23:35 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13775


System errors:
=============
Error: (08/26/2012 09:50:35 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/26/2012 09:50:35 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/26/2012 08:38:15 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/26/2012 08:38:15 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/26/2012 01:43:21 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/26/2012 01:43:21 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/26/2012 01:42:22 AM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/26/2012 01:42:22 AM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (08/25/2012 09:35:38 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (08/25/2012 09:35:38 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
64 Bit HP BiDi Channel Components Installer (Version: 1.2.0.2)
Acer Arcade Deluxe (Version: 3.0.7029)
Acer Assist
Acer Crystal Eye Webcam (Version: 5.2.5.3)
Acer ePower Management (Version: 4.05.3006)
Acer eRecovery Management (Version: 4.05.3006)
Acer GridVista (Version: 3.01.0730)
Acer Registration (Version: 1.02.3006)
Acer Updater (Version: 1.01.3017)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Reader 9.5.2 (Version: 9.5.2)
ALPS Touch Pad Driver (Version: Version 7.102.2002.209)
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 3.3.1.3)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.10)
Avira Free Antivirus (Version: 12.0.0.1167)
Bonjour (Version: 2.0.4.0)
Canon Easy-WebPrint EX
Canon iP2700 series Printer Driver
Canon iP2700 series User Registration
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities Solution Menu
Citrix online plug-in - web (Version: 12.1.0.30)
Citrix online plug-in (DV) (Version: 12.1.0.30)
Citrix online plug-in (HDX) (Version: 12.1.0.30)
Citrix online plug-in (USB) (Version: 12.1.0.30)
Citrix online plug-in (Web) (Version: 12.1.0.30)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conduit Engine (Version: )
D3DX10 (Version: 15.4.2368.0902)
DivX Setup (Version: 2.6.1.5)
Dropbox (Version: 1.1.45)
ESET Online Scanner v3
eSobi v2 (Version: 2.0.4.000274)
GameXN GO
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
GoToMeeting 4.8.0.722 (Version: 4.8.0.722)
Hardware Helper (Version: 10.0)
HiJackThis (Version: 1.0.0)
Identity Card (Version: 1.00.3003)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2202)
Intel® Matrix Storage Manager
iTunes (Version: 10.1.2.17)
Java Auto Updater (Version: 2.0.5.1)
Java™ 6 Update 26 (Version: 6.0.260)
Juniper Networks Secure Application Manager (Version: 6.5.0.16789)
Juniper Networks Setup Client (Version: 2.1.5.8537)
Junk Mail filter update (Version: 15.4.3502.0922)
Launch Manager (Version: 3.0.03)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyWinLocker (Version: 3.1.76.0)
NTI Backup Now 5 (Version: 5.1.2.627)
NTI Backup Now Standard (Version: 5.1.2.627)
NTI Media Maker 8 (Version: 8.0.12.6623)
Optimum App for Laptop 1.62 (Version: 1.62)
Outlook Setup Tool (Version: 2.0.14)
QuickTime (Version: 7.71.80.42)
RCA Detective™ 3.0.1.1
RCA easyRip 2.4.9.0
RCA Updater 2.0.5.0
Realtek High Definition Audio Driver (Version: 6.0.1.5904)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30104)
Skype Toolbars (Version: 1.0.4051)
Skype™ 4.2 (Version: 4.2.169)
SpeedyPC Pro (Version: 3.1.4.0)
SpyHunter (Version: 4.9.12.4023)
TuneUp Companion 1.9.0 (Version: 1.9.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Vuze Remote Toolbar (Version: 6.3.1.12)
Welcome Center (Version: 1.00.3008)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)

========================= Memory info: ===================================

Percentage of memory in use: 57%
Total physical RAM: 4025.98 MB
Available physical RAM: 1710.98 MB
Total Pagefile: 8050.14 MB
Available Pagefile: 5681.14 MB
Total Virtual: 4095.88 MB
Available Virtual: 3971.06 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:220.78 GB) (Free:151.23 GB) NTFS
2 Drive d: (New) (CDROM) (Total:1.18 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\TDBERG-PC

Administrator Guest tdberg


**** End of log ****

#12 tdb74

Posted 26 August 2012 - 11:33 AM

Farbar Service Scanner Version: 06-08-2012
Ran by tdberg (administrator) on 26-08-2012 at 12:32:35
Running from "C:\Users\tdberg\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#13 tdb74

tdb74
  • Topic Starter

  • Members
  • 14 posts

Posted 26 August 2012 - 11:40 AM

# AdwCleaner v1.801 - Logfile created 08/26/2012 at 12:33:55
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : tdberg - TDBERG-PC
# Boot Mode : Normal
# Running from : C:\Users\tdberg\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\tdberg\AppData\Local\Conduit
Folder Deleted : C:\Users\tdberg\AppData\Local\SanctionedMedia
Folder Deleted : C:\Users\tdberg\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\tdberg\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\tdberg\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\tdberg\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\tdberg\AppData\LocalLow\Vuze_Remote
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\Vuze_Remote
Folder Deleted : C:\ProgramData\Partner

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Ask.com.tmp
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\SanctionedMedia
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
Key Deleted : HKLM\SOFTWARE\Vuze_Remote

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F7B859F7-C93F-4C2A-A390-A1BA22C59D44}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD007CFE-5AA2-4884-BB52-CDDE4B060E9D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AD0198E-3044-444F-9E29-A6F465B3F3E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A9426D5-E4C8-40C5-A26F-F0B657E03BB7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F7B859F7-C93F-4C2A-A390-A1BA22C59D44}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Users\tdberg\AppData\Roaming\Mozilla\Firefox\Profiles\l91uw3aa.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\tdberg\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [4540 octets] - [26/08/2012 12:33:55]

########## EOF - C:\AdwCleaner[S1].txt - [4668 octets] ##########

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 26 August 2012 - 11:43 AM

Download

MpsSvc
BITS

Launch them, click YES when you get the UAC prompt

Restart the PC


Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on the Start repairs tab, then click on Start

Checkmark the following options alone

Reset registry permissions
Reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair hosts


Checkmark the Restart System When Finished option
Click the Start button

System should restart after repair

Post the new FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#15 tdb74

tdb74
  • Topic Starter

  • Members
  • 14 posts

Posted 26 August 2012 - 12:23 PM

Farbar Service Scanner Version: 06-08-2012
Ran by tdberg (administrator) on 26-08-2012 at 13:22:13
Running from "C:\Users\tdberg\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



