Logging into hotmail accesses an IP 46.17.97.109


9 replies to this topic

#1 SkylighterX

Posted 26 August 2012 - 05:12 PM

Hi,

I have Malwarebytes and every time I log into Hotmail it says it has blocked access to 46.17.97.109. I have run a quick scan and it comes up with nothing. I also downloaded RogueKiller and it comes up with nothing, neither does my Panda Antivirus. But Malwarebytes still blocks an attempt to access this IP address every time I log in to Hotmail.

Another time there was an attempted login to 173.241.240.153 but I'm not sure how that occurred or what the circumstances were.

I would appreciate any help with understanding this. Is this the result of spyware or a trojan?

Thanks.

Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum, due to the absence of any malware logs in the topic. ~ Animal


#2 narenxp

Posted 26 August 2012 - 08:21 PM

Download TDSSKiller

Launch it. Click on change parameters - select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 SkylighterX

Posted 28 August 2012 - 11:34 PM

Thanks narenxp,

Posting the log files here.

03:00:39.0804 14444 NdisTapi - ok
03:00:39.0837 14444 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
03:00:39.0839 14444 Ndisuio - ok
03:00:39.0886 14444 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
03:00:39.0890 14444 NdisWan - ok
03:00:39.0904 14444 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
03:00:39.0907 14444 NDProxy - ok
03:00:39.0915 14444 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
03:00:39.0918 14444 NetBIOS - ok
03:00:39.0972 14444 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
03:00:39.0976 14444 NetBT - ok
03:00:40.0028 14444 [ D8F44FC13DB193C9379297973EE42272 ] NETFLTDI C:\windows\system32\Drivers\NETFLTDI.SYS
03:00:40.0032 14444 NETFLTDI - ok
03:00:40.0079 14444 [ 9DEE136C4863D5065437D07262BB5C40 ] NETIMFLT01060044 C:\windows\system32\DRIVERS\neti1644.sys
03:00:40.0084 14444 NETIMFLT01060044 - ok
03:00:40.0104 14444 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
03:00:40.0107 14444 Netlogon - ok
03:00:40.0168 14444 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
03:00:40.0175 14444 Netman - ok
03:00:40.0204 14444 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
03:00:40.0254 14444 netprofm - ok
03:00:40.0303 14444 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
03:00:40.0307 14444 NetTcpPortSharing - ok
03:00:40.0366 14444 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
03:00:40.0379 14444 nfrd960 - ok
03:00:40.0433 14444 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\windows\System32\nlasvc.dll
03:00:40.0440 14444 NlaSvc - ok
03:00:40.0456 14444 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
03:00:40.0471 14444 Npfs - ok
03:00:40.0508 14444 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
03:00:40.0512 14444 nsi - ok
03:00:40.0533 14444 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
03:00:40.0535 14444 nsiproxy - ok
03:00:40.0616 14444 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\windows\system32\drivers\Ntfs.sys
03:00:40.0968 14444 Ntfs - ok
03:00:40.0989 14444 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
03:00:40.0991 14444 Null - ok
03:00:41.0046 14444 [ 93C0F383B39B1F5FE7203E3270D4CF52 ] NVHDA C:\windows\system32\drivers\nvhda32v.sys
03:00:41.0050 14444 NVHDA - ok
03:00:41.0335 14444 [ 66B4BF606FCC7F0622D4A21BB1461089 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
03:00:41.0783 14444 nvlddmkm - ok
03:00:41.0815 14444 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
03:00:41.0822 14444 nvraid - ok
03:00:41.0865 14444 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
03:00:41.0870 14444 nvstor - ok
03:00:41.0941 14444 [ D122F7C5F79C68868F5DC28CEFEB2ECF ] nvsvc C:\windows\system32\nvvsvc.exe
03:00:41.0958 14444 nvsvc - ok
03:00:42.0064 14444 [ 003CB0A155568B4A53A301F07C734233 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
03:00:42.0098 14444 nvUpdatusService - ok
03:00:42.0143 14444 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
03:00:42.0147 14444 nv_agp - ok
03:00:42.0205 14444 [ B5D5DA8230D3D3525839D939A9196C3E ] OberonGameConsoleService C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
03:00:42.0207 14444 OberonGameConsoleService - ok
03:00:42.0322 14444 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
03:00:42.0328 14444 odserv - ok
03:00:42.0373 14444 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
03:00:42.0378 14444 ohci1394 - ok
03:00:42.0424 14444 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
03:00:42.0427 14444 ose - ok
03:00:42.0464 14444 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
03:00:42.0481 14444 p2pimsvc - ok
03:00:42.0519 14444 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
03:00:42.0526 14444 p2psvc - ok
03:00:42.0613 14444 [ 78B7642B0C51F24F0835C0226540D58B ] Panda Software Controller C:\Program Files\Panda Security\Panda Internet Security 2012\PsCtrls.exe
03:00:42.0617 14444 Panda Software Controller - ok
03:00:42.0648 14444 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
03:00:42.0652 14444 Parport - ok
03:00:42.0696 14444 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
03:00:42.0700 14444 partmgr - ok
03:00:42.0723 14444 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
03:00:42.0725 14444 Parvdm - ok
03:00:42.0787 14444 [ 55D654258A9C509B671310C314BD30B4 ] pavboot C:\windows\system32\Drivers\pavboot.sys
03:00:42.0796 14444 pavboot - ok
03:00:42.0831 14444 [ AE848C1613C8738BB83ADAB4F0845E84 ] PAVFNSVR C:\Program Files\Panda Security\Panda Internet Security 2012\PavFnSvr.exe
03:00:42.0834 14444 PAVFNSVR - ok
03:00:42.0880 14444 [ A110035FDC4B8F8F0CD5E71D031274E1 ] PavProc C:\windows\system32\DRIVERS\PavProc.sys
03:00:42.0900 14444 PavProc - ok
03:00:42.0927 14444 [ 2AE3F6B23448443BBEF5DE207159213B ] PavPrSrv C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe
03:00:42.0929 14444 PavPrSrv - ok
03:00:42.0935 14444 PavSRK.sys - ok
03:00:42.0974 14444 [ 97005413310966001FB6F4A5C503149C ] PAVSRV C:\Program Files\Panda Security\Panda Internet Security 2012\pavsrvx86.exe
03:00:42.0978 14444 PAVSRV - ok
03:00:42.0999 14444 PavTPK.sys - ok
03:00:43.0033 14444 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
03:00:43.0038 14444 PcaSvc - ok
03:00:43.0052 14444 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
03:00:43.0056 14444 pci - ok
03:00:43.0093 14444 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
03:00:43.0094 14444 pciide - ok
03:00:43.0122 14444 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
03:00:43.0130 14444 pcmcia - ok
03:00:43.0150 14444 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
03:00:43.0152 14444 pcw - ok
03:00:43.0183 14444 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
03:00:43.0191 14444 PEAUTH - ok
03:00:43.0265 14444 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
03:00:43.0283 14444 pla - ok
03:00:43.0341 14444 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
03:00:43.0349 14444 PlugPlay - ok
03:00:43.0379 14444 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
03:00:43.0395 14444 PNRPAutoReg - ok
03:00:43.0419 14444 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
03:00:43.0423 14444 PNRPsvc - ok
03:00:43.0467 14444 [ 4B30EE7037EA1529F5FC80DE5DC42A30 ] Point32 C:\windows\system32\DRIVERS\point32.sys
03:00:43.0469 14444 Point32 - ok
03:00:43.0519 14444 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
03:00:43.0525 14444 PolicyAgent - ok
03:00:43.0565 14444 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
03:00:43.0568 14444 Power - ok
03:00:43.0601 14444 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
03:00:43.0604 14444 PptpMiniport - ok
03:00:43.0623 14444 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
03:00:43.0624 14444 Processor - ok
03:00:43.0685 14444 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
03:00:43.0690 14444 ProfSvc - ok
03:00:43.0703 14444 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
03:00:43.0705 14444 ProtectedStorage - ok
03:00:43.0724 14444 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
03:00:43.0726 14444 Psched - ok
03:00:43.0794 14444 [ 532053E8E3BB8FA7166AB4E7685FDDCC ] PSHost c:\program files\panda security\panda internet security 2012\firewall\PSHOST.EXE
03:00:43.0801 14444 PSHost - ok
03:00:43.0835 14444 [ 196C450F2779D0B462C444DA4906EA7F ] PSIMSVC C:\Program Files\Panda Security\Panda Internet Security 2012\PsImSvc.exe
03:00:43.0838 14444 PSIMSVC - ok
03:00:43.0876 14444 [ 341457B79B3FC31A80C346C767045879 ] PskSvcRetail C:\Program Files\Panda Security\Panda Internet Security 2012\PskSvc.exe
03:00:43.0877 14444 PskSvcRetail - ok
03:00:43.0919 14444 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
03:00:43.0989 14444 ql2300 - ok
03:00:44.0020 14444 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
03:00:44.0023 14444 ql40xx - ok
03:00:44.0059 14444 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
03:00:44.0082 14444 QWAVE - ok
03:00:44.0099 14444 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
03:00:44.0111 14444 QWAVEdrv - ok
03:00:44.0134 14444 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
03:00:44.0136 14444 RasAcd - ok
03:00:44.0182 14444 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
03:00:44.0184 14444 RasAgileVpn - ok
03:00:44.0208 14444 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
03:00:44.0212 14444 RasAuto - ok
03:00:44.0236 14444 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
03:00:44.0242 14444 Rasl2tp - ok
03:00:44.0298 14444 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
03:00:44.0307 14444 RasMan - ok
03:00:44.0333 14444 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
03:00:44.0335 14444 RasPppoe - ok
03:00:44.0358 14444 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
03:00:44.0360 14444 RasSstp - ok
03:00:44.0406 14444 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
03:00:44.0410 14444 rdbss - ok
03:00:44.0434 14444 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
03:00:44.0437 14444 rdpbus - ok
03:00:44.0480 14444 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
03:00:44.0481 14444 RDPCDD - ok
03:00:44.0538 14444 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
03:00:44.0540 14444 RDPENCDD - ok
03:00:44.0565 14444 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
03:00:44.0566 14444 RDPREFMP - ok
03:00:44.0602 14444 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
03:00:44.0606 14444 RDPWD - ok
03:00:44.0657 14444 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
03:00:44.0662 14444 rdyboost - ok
03:00:44.0712 14444 [ 169C4D45DFCFC2E1027CFBFC2015F142 ] RegFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys
03:00:44.0714 14444 RegFilter - ok
03:00:44.0749 14444 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
03:00:44.0784 14444 RemoteAccess - ok
03:00:44.0827 14444 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
03:00:44.0857 14444 RemoteRegistry - ok
03:00:44.0915 14444 [ F85AE59A52885F4B09AADAFB23001A3B ] Rezip C:\windows\SYSTEM32\Rezip.exe
03:00:44.0920 14444 Rezip - ok
03:00:44.0964 14444 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
03:00:44.0967 14444 RFCOMM - ok
03:00:45.0047 14444 [ 7CCAEBCAB6FC1ED0206C07E083E79207 ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
03:00:45.0053 14444 RichVideo - ok
03:00:45.0093 14444 [ 616EAC1B0E48B236A5A9B8AE07FDB81C ] RimUsb C:\windows\system32\Drivers\RimUsb.sys
03:00:45.0096 14444 RimUsb - ok
03:00:45.0155 14444 [ 2C4FB2E9F039287767C384E46EE91030 ] RimVSerPort C:\windows\system32\DRIVERS\RimSerial.sys
03:00:45.0158 14444 RimVSerPort - ok
03:00:45.0198 14444 [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM C:\windows\system32\Drivers\RootMdm.sys
03:00:45.0204 14444 ROOTMODEM - ok
03:00:45.0252 14444 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
03:00:45.0257 14444 RpcEptMapper - ok
03:00:45.0285 14444 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
03:00:45.0331 14444 RpcLocator - ok
03:00:45.0382 14444 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
03:00:45.0386 14444 RpcSs - ok
03:00:45.0430 14444 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
03:00:45.0457 14444 rspndr - ok
03:00:45.0488 14444 [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys
03:00:45.0491 14444 RTL8167 - ok
03:00:45.0547 14444 [ 6E5FBB7CBAEC47038B945D5E9B144A64 ] SABI C:\windows\system32\Drivers\SABI.sys
03:00:45.0565 14444 SABI - ok
03:00:45.0591 14444 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
03:00:45.0593 14444 SamSs - ok
03:00:45.0640 14444 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
03:00:45.0642 14444 sbp2port - ok
03:00:45.0670 14444 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
03:00:45.0676 14444 SCardSvr - ok
03:00:45.0714 14444 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
03:00:45.0718 14444 scfilter - ok
03:00:45.0780 14444 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
03:00:45.0795 14444 Schedule - ok
03:00:45.0831 14444 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
03:00:45.0833 14444 SCPolicySvc - ok
03:00:45.0863 14444 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
03:00:45.0882 14444 SDRSVC - ok
03:00:45.0934 14444 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
03:00:45.0936 14444 secdrv - ok
03:00:45.0955 14444 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
03:00:45.0958 14444 seclogon - ok
03:00:46.0009 14444 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll
03:00:46.0012 14444 SENS - ok
03:00:46.0044 14444 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
03:00:46.0077 14444 SensrSvc - ok
03:00:46.0115 14444 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
03:00:46.0120 14444 Serenum - ok
03:00:46.0151 14444 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
03:00:46.0159 14444 Serial - ok
03:00:46.0176 14444 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
03:00:46.0189 14444 sermouse - ok
03:00:46.0234 14444 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
03:00:46.0238 14444 SessionEnv - ok
03:00:46.0272 14444 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
03:00:46.0278 14444 sffdisk - ok
03:00:46.0296 14444 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
03:00:46.0299 14444 sffp_mmc - ok
03:00:46.0313 14444 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
03:00:46.0315 14444 sffp_sd - ok
03:00:46.0357 14444 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
03:00:46.0366 14444 sfloppy - ok
03:00:46.0397 14444 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
03:00:46.0403 14444 ShellHWDetection - ok
03:00:46.0439 14444 [ 32D6F7632234F0354C79E915CA4613D4 ] ShldDrv C:\windows\system32\DRIVERS\ShlDrv51.sys
03:00:46.0448 14444 ShldDrv - ok
03:00:46.0470 14444 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
03:00:46.0473 14444 sisagp - ok
03:00:46.0514 14444 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
03:00:46.0515 14444 SiSRaid2 - ok
03:00:46.0539 14444 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
03:00:46.0544 14444 SiSRaid4 - ok
03:00:46.0616 14444 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
03:00:46.0621 14444 SkypeUpdate - ok
03:00:46.0649 14444 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
03:00:46.0652 14444 Smb - ok
03:00:46.0703 14444 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
03:00:46.0708 14444 SNMPTRAP - ok
03:00:46.0727 14444 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
03:00:46.0740 14444 spldr - ok
03:00:46.0789 14444 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
03:00:46.0797 14444 Spooler - ok
03:00:46.0886 14444 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
03:00:46.0921 14444 sppsvc - ok
03:00:46.0956 14444 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
03:00:46.0960 14444 sppuinotify - ok
03:00:47.0043 14444 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\windows\system32\Drivers\sptd.sys
03:00:47.0044 14444 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
03:00:47.0046 14444 sptd ( LockedFile.Multi.Generic ) - warning
03:00:47.0046 14444 sptd - detected LockedFile.Multi.Generic (1)
03:00:47.0088 14444 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
03:00:47.0096 14444 srv - ok
03:00:47.0147 14444 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
03:00:47.0175 14444 srv2 - ok
03:00:47.0193 14444 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
03:00:47.0196 14444 srvnet - ok
03:00:47.0235 14444 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
03:00:47.0242 14444 SSDPSRV - ok
03:00:47.0260 14444 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
03:00:47.0266 14444 SstpSvc - ok
03:00:47.0290 14444 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
03:00:47.0292 14444 stexstor - ok
03:00:47.0336 14444 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
03:00:47.0344 14444 StiSvc - ok
03:00:47.0369 14444 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
03:00:47.0372 14444 swenum - ok
03:00:47.0391 14444 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
03:00:47.0398 14444 swprv - ok
03:00:47.0453 14444 [ 215A45246C6E2D0A9C263CE1786C8D8A ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
03:00:47.0459 14444 SynTP - ok
03:00:47.0517 14444 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
03:00:47.0531 14444 SysMain - ok
03:00:47.0567 14444 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
03:00:47.0571 14444 TabletInputService - ok
03:00:47.0609 14444 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
03:00:47.0640 14444 TapiSrv - ok
03:00:47.0675 14444 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
03:00:47.0679 14444 TBS - ok
03:00:47.0754 14444 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] Tcpip C:\windows\system32\drivers\tcpip.sys
03:00:47.0773 14444 Tcpip - ok
03:00:47.0804 14444 [ 7FA2E0F8B072BD04B77B421480B6CC22 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
03:00:47.0812 14444 TCPIP6 - ok
03:00:47.0864 14444 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
03:00:47.0866 14444 tcpipreg - ok
03:00:47.0909 14444 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
03:00:47.0911 14444 TDPIPE - ok
03:00:47.0949 14444 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
03:00:47.0951 14444 TDTCP - ok
03:00:47.0997 14444 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
03:00:48.0000 14444 tdx - ok
03:00:48.0014 14444 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
03:00:48.0015 14444 TermDD - ok
03:00:48.0075 14444 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
03:00:48.0084 14444 TermService - ok
03:00:48.0107 14444 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
03:00:48.0110 14444 Themes - ok
03:00:48.0121 14444 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
03:00:48.0124 14444 THREADORDER - ok
03:00:48.0156 14444 [ EACBB8E02114329DDDECE593AEDC61FE ] TPSrv C:\Program Files\Panda Security\Panda Internet Security 2012\TPSrv.exe
03:00:48.0159 14444 TPSrv - ok
03:00:48.0181 14444 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
03:00:48.0185 14444 TrkWks - ok
03:00:48.0227 14444 [ 113384367C3999E084FE156B18C7625E ] TrojanKillerDriver C:\windows\system32\DRIVERS\gtkdrv.sys
03:00:48.0229 14444 TrojanKillerDriver - ok
03:00:48.0286 14444 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
03:00:48.0290 14444 TrustedInstaller - ok
03:00:48.0335 14444 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
03:00:48.0339 14444 tssecsrv - ok
03:00:48.0388 14444 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
03:00:48.0390 14444 TsUsbFlt - ok
03:00:48.0447 14444 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
03:00:48.0453 14444 tunnel - ok
03:00:48.0487 14444 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
03:00:48.0493 14444 uagp35 - ok
03:00:48.0528 14444 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
03:00:48.0532 14444 udfs - ok
03:00:48.0581 14444 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
03:00:48.0586 14444 UI0Detect - ok
03:00:48.0634 14444 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
03:00:48.0636 14444 uliagpkx - ok
03:00:48.0691 14444 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\drivers\umbus.sys
03:00:48.0693 14444 umbus - ok
03:00:48.0710 14444 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
03:00:48.0713 14444 UmPass - ok
03:00:48.0740 14444 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
03:00:48.0746 14444 upnphost - ok
03:00:48.0802 14444 [ BAD56000F6F64C8E98F67DAFE6EB7444 ] UrlFilter C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys
03:00:48.0817 14444 UrlFilter - ok
03:00:48.0868 14444 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
03:00:48.0870 14444 usbccgp - ok
03:00:48.0909 14444 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
03:00:48.0912 14444 usbcir - ok
03:00:48.0954 14444 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\drivers\usbehci.sys
03:00:48.0957 14444 usbehci - ok
03:00:49.0016 14444 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
03:00:49.0020 14444 usbhub - ok
03:00:49.0060 14444 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\drivers\usbohci.sys
03:00:49.0064 14444 usbohci - ok
03:00:49.0104 14444 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
03:00:49.0104 14444 usbprint - ok
03:00:49.0118 14444 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
03:00:49.0119 14444 USBSTOR - ok
03:00:49.0160 14444 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys
03:00:49.0177 14444 usbuhci - ok
03:00:49.0253 14444 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
03:00:49.0258 14444 usbvideo - ok
03:00:49.0289 14444 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
03:00:49.0295 14444 UxSms - ok
03:00:49.0314 14444 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
03:00:49.0317 14444 VaultSvc - ok
03:00:49.0357 14444 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
03:00:49.0373 14444 vdrvroot - ok
03:00:49.0413 14444 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
03:00:49.0535 14444 vds - ok
03:00:49.0578 14444 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
03:00:49.0584 14444 vga - ok
03:00:49.0610 14444 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
03:00:49.0612 14444 VgaSave - ok
03:00:49.0653 14444 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
03:00:49.0657 14444 vhdmp - ok
03:00:49.0679 14444 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
03:00:49.0681 14444 viaagp - ok
03:00:49.0698 14444 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
03:00:49.0700 14444 ViaC7 - ok
03:00:49.0736 14444 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
03:00:49.0740 14444 viaide - ok
03:00:49.0755 14444 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
03:00:49.0758 14444 volmgr - ok
03:00:49.0779 14444 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
03:00:49.0783 14444 volmgrx - ok
03:00:49.0807 14444 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
03:00:49.0809 14444 volsnap - ok
03:00:49.0858 14444 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
03:00:49.0862 14444 vsmraid - ok
03:00:49.0923 14444 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
03:00:49.0943 14444 VSS - ok
03:00:49.0966 14444 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
03:00:49.0981 14444 vwifibus - ok
03:00:50.0020 14444 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
03:00:50.0023 14444 vwififlt - ok
03:00:50.0061 14444 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
03:00:50.0066 14444 W32Time - ok
03:00:50.0095 14444 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
03:00:50.0096 14444 WacomPen - ok
03:00:50.0121 14444 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
03:00:50.0127 14444 WANARP - ok
03:00:50.0134 14444 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
03:00:50.0136 14444 Wanarpv6 - ok
03:00:50.0204 14444 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
03:00:50.0222 14444 WatAdminSvc - ok
03:00:50.0293 14444 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
03:00:50.0356 14444 wbengine - ok
03:00:50.0403 14444 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
03:00:50.0408 14444 WbioSrvc - ok
03:00:50.0450 14444 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
03:00:50.0461 14444 wcncsvc - ok
03:00:52.0281 14444 ================ Scan global ===============================
03:00:52.0317 14444 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
03:00:52.0353 14444 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
03:00:52.0365 14444 [ 183B4188D5D91B271613EC3EFD1B3CEF ] C:\windows\system32\winsrv.dll
03:00:52.0402 14444 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
03:00:52.0428 14444 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
03:00:52.0435 14444 [Global] - ok
03:00:52.0435 14444 ================ Scan MBR ==================================
03:00:52.0449 14444 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
03:00:52.0870 14444 \Device\Harddisk0\DR0 - ok
03:00:52.0871 14444 ================ Scan VBR ==================================
03:00:52.0891 14444 [ 119949CFC487A90429B7854AEF53963A ] \Device\Harddisk0\DR0\Partition1
03:00:52.0892 14444 \Device\Harddisk0\DR0\Partition1 - ok
03:00:52.0901 14444 [ 3FA14B4732FEF46E702661219F110064 ] \Device\Harddisk0\DR0\Partition2
03:00:52.0902 14444 \Device\Harddisk0\DR0\Partition2 - ok
03:00:52.0926 14444 [ BC6F0693644A818C4966CA8EC62738BB ] \Device\Harddisk0\DR0\Partition3
03:00:52.0928 14444 \Device\Harddisk0\DR0\Partition3 - ok
03:00:52.0928 14444 ============================================================
03:00:52.0928 14444 Scan finished
03:00:52.0928 14444 ============================================================
03:00:52.0941 12828 Detected object count: 1
03:00:52.0941 12828 Actual detected object count: 1
03:01:59.0186 12828 sptd ( LockedFile.Multi.Generic ) - skipped by user
03:01:59.0186 12828 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
03:02:11.0981 13708 Deinitialize success



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-29 03:03:37
-----------------------------
03:03:37.170 OS Version: Windows 6.1.7601 Service Pack 1
03:03:37.170 Number of processors: 4 586 0x2502
03:03:37.175 ComputerName: ASHFAN-PC UserName: Ashfan
03:03:47.070 Initialize success
03:06:11.025 AVAST engine defs: 12082803
03:11:16.741 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
03:11:16.745 Disk 0 Vendor: SAMSUNG_ 2AC1 Size: 476940MB BusType: 3
03:11:16.782 Disk 0 MBR read successfully
03:11:16.787 Disk 0 MBR scan
03:11:16.814 Disk 0 unknown MBR code
03:11:16.835 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 15360 MB offset 2048
03:11:16.856 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 31459328
03:11:16.879 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 230738 MB offset 31664128
03:11:16.917 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 230740 MB offset 504215552
03:11:16.925 Disk 0 scanning sectors +976771072
03:11:16.983 Disk 0 scanning C:\windows\system32\drivers
03:11:30.374 Service scanning
03:11:53.634 Service sptd C:\windows\System32\Drivers\sptd.sys **LOCKED** 32
03:12:01.448 Modules scanning
03:12:14.397 Disk 0 trace - called modules:
03:12:14.427 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys speu.sys halmacpi.dll >>UNKNOWN [0x85f4f938]<<
03:12:14.444 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x888bd700]
03:12:14.449 3 CLASSPNP.SYS[8c6a659e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86d1c028]
03:12:16.245 AVAST engine scan C:\windows
03:12:20.644 AVAST engine scan C:\windows\system32
03:16:20.650 AVAST engine scan C:\windows\system32\drivers
03:16:48.443 AVAST engine scan C:\Users\Ashfan
03:23:44.746 Disk 0 MBR has been saved successfully to "C:\Users\Ashfan\Desktop\MBR.dat"
03:23:44.755 The log file has been saved successfully to "C:\Users\Ashfan\Desktop\aswMBR.txt"


C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe a variant of Win32/1AntiVirus application cleaned by deleting - quarantined
C:\Users\Ashfan\AppData\Local\Temp\jar_cache4226317765736023778.tmp Java/Exploit.Agent.NDB trojan cleaned by deleting - quarantined

#4 narenxp

Posted 28 August 2012 - 11:36 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

MiniToolBox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#5 SkylighterX

  • Topic Starter

Posted 29 August 2012 - 10:31 PM

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.28.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Ashfan :: ASHFAN-PC [administrator]

Protection: Enabled

29/08/2012 1:54:16 PM
mbam-log-2012-08-29 (13-54-16).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 469989
Time elapsed: 2 hour(s), 24 minute(s), 18 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


MiniToolBox by Farbar Version: 23-07-2012
Ran by Ashfan (administrator) on 30-08-2012 at 04:23:21
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.backup.ftp", ""
"network.proxy.backup.ftp_port", 0
"network.proxy.backup.socks", ""
"network.proxy.backup.socks_port", 0
"network.proxy.backup.ssl", ""
"network.proxy.backup.ssl_port", 0
"network.proxy.ftp", "192.168.21.253"
"network.proxy.ftp_port", 3128
"network.proxy.http", "192.168.21.253"
"network.proxy.http_port", 3128
"network.proxy.share_proxy_settings", true
"network.proxy.socks", "192.168.21.253"
"network.proxy.socks_port", 3128
"network.proxy.ssl", "192.168.21.253"
"network.proxy.ssl_port", 3128
"network.proxy.type", 4

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Marvell Yukon 88E8059 Family PCI-E Gigabit Ethernet Controller = Local Area Connection (Connected)
Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Ashfan-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : customer.lon4.opal.lan

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : C4-17-FE-D7-D8-4D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : customer.lon4.opal.lan
Description . . . . . . . . . . . : Marvell Yukon 88E8059 Family PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 00-24-54-77-14-4F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8535:b025:e61d:7c84%12(Preferred)
IPv4 Address. . . . . . . . . . . : 10.129.1.224(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.192.0
Lease Obtained. . . . . . . . . . : August-29-12 1:47:42 PM
Lease Expires . . . . . . . . . . : August-30-12 4:33:15 AM
Default Gateway . . . . . . . . . : 10.129.0.1
DHCP Server . . . . . . . . . . . : 10.129.0.1
DHCPv6 IAID . . . . . . . . . . . : 285221972
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-CB-73-0F-00-24-54-38-46-6F
DNS Servers . . . . . . . . . . . : 10.129.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{23A1735A-B9CB-430C-B870-7BAFD061A6B7}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{AC7C822F-E2CA-493F-A393-405CB6CDCB2F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.customer.lon4.opal.lan:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: gw.customer.lon4.opal.lan
Address: 10.129.0.1

Name: google.com
Addresses: 2a00:1450:4009:809::1006
173.194.41.165
173.194.41.166
173.194.41.167
173.194.41.168
173.194.41.169
173.194.41.174
173.194.41.160
173.194.41.161
173.194.41.162
173.194.41.163
173.194.41.164


Pinging google.com [173.194.41.164] with 32 bytes of data:
Reply from 173.194.41.164: bytes=32 time=4ms TTL=58
Reply from 173.194.41.164: bytes=32 time=4ms TTL=58

Ping statistics for 173.194.41.164:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 4ms, Maximum = 4ms, Average = 4ms
Server: gw.customer.lon4.opal.lan
Address: 10.129.0.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=207ms TTL=54
Reply from 72.30.38.140: bytes=32 time=284ms TTL=54

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 207ms, Maximum = 284ms, Average = 245ms
Server: gw.customer.lon4.opal.lan
Address: 10.129.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=10ms TTL=128
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 5ms, Maximum = 10ms, Average = 7ms
===========================================================================
Interface List
15...c4 17 fe d7 d8 4d ......Atheros AR9285 Wireless Network Adapter
12...00 24 54 77 14 4f ......Marvell Yukon 88E8059 Family PCI-E Gigabit Ethernet Controller
1...........................Software Loopback Interface 1
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
19...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.129.0.1 10.129.1.224 20
10.129.0.0 255.255.192.0 On-link 10.129.1.224 276
10.129.1.224 255.255.255.255 On-link 10.129.1.224 276
10.129.63.255 255.255.255.255 On-link 10.129.1.224 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.129.1.224 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.129.1.224 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 276 fe80::/64 On-link
12 276 fe80::8535:b025:e61d:7c84/128
On-link
1 306 ff00::/8 On-link
12 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 09 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()
Catalog9 20 mswsock.dll [File Not found] ()
Catalog9 21 mswsock.dll [File Not found] ()
Catalog9 22 mswsock.dll [File Not found] ()
Catalog9 23 mswsock.dll [File Not found] ()
Catalog9 24 mswsock.dll [File Not found] ()
Catalog9 25 mswsock.dll [File Not found] ()
Catalog9 26 mswsock.dll [File Not found] ()
Catalog9 27 mswsock.dll [File Not found] ()
Catalog9 28 mswsock.dll [File Not found] ()
Catalog9 29 mswsock.dll [File Not found] ()
Catalog9 30 mswsock.dll [File Not found] ()
Catalog9 31 mswsock.dll [File Not found] ()
Catalog9 32 mswsock.dll [File Not found] ()
Catalog9 33 mswsock.dll [File Not found] ()
Catalog9 34 mswsock.dll [File Not found] ()
Catalog9 35 mswsock.dll [File Not found] ()
Catalog9 36 mswsock.dll [File Not found] ()
Catalog9 37 mswsock.dll [File Not found] ()
Catalog9 38 mswsock.dll [File Not found] ()
Catalog9 39 mswsock.dll [File Not found] ()
Catalog9 40 mswsock.dll [File Not found] ()
Catalog9 41 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/30/2012 00:38:48 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/30/2012 00:38:45 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/30/2012 00:32:42 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/30/2012 00:32:29 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/30/2012 00:31:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/30/2012 00:30:08 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/27/2012 09:58:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/27/2012 09:58:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/27/2012 09:56:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/27/2012 09:55:53 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (08/28/2012 07:04:18 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR9.

Error: (08/28/2012 06:18:36 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/28/2012 06:18:24 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/28/2012 06:18:24 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/28/2012 06:18:24 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/28/2012 06:18:22 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/28/2012 06:18:22 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/28/2012 06:18:22 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/28/2012 06:18:22 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (08/28/2012 06:18:22 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060


Microsoft Office Sessions:
=========================
Error: (08/24/2012 03:46:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 343267 seconds with 6000 seconds of active time. This session ended with a crash.

Error: (08/23/2012 07:45:14 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 271167 seconds with 25680 seconds of active time. This session ended with a crash.

Error: (06/04/2011 02:49:00 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/02/2011 11:03:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/06/2011 03:20:10 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/05/2011 01:44:28 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Adobe AIR (Version: 2.0.3.13070)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.2.202.235)
Adobe Reader 9.5.2 (Version: 9.5.2)
Adobe Shockwave Player 11.6 (Version: 11.6.4.634)
Airline Tycoon
Alice Greenfingers
AnyPC Client (Version: 1.0.0.23)
Apple Application Support (Version: 2.1.5)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Print Creations - Brochures & Flyers
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations (Version: 2.8.255.292)
Atheros Client Installation Program (Version: 1.0.1.0805)
BatteryLifeExtender (Version: 1.0.1)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.35)
BlackBerry Device Software Updater (Version: 6.0.1.37)
ChargeableUSB (Version: 1.0.0.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CutePDF Writer 2.8
CyberLink DVD Suite (Version: 6.0.2806)
CyberLink LabelPrint (Version: 2.5.1916)
CyberLink Power2Go (Version: 6.0.3108a)
CyberLink PowerDirector (Version: 7.0.3213)
CyberLink PowerDVD 8 (Version: 8.0.2815b)
CyberLink PowerProducer (Version: 5.0.1.1812)
CyberLink YouCam (Version: 2.0.3304)
D3DX10 (Version: 15.4.2368.0902)
Dairy Dash
Dragon Age: Origins (Version: 1.04)
Dreamfall (Version: 1.00.0000)
Dropbox (Version: 1.3.35)
Easy Display Manager (Version: 3.0)
Easy Network Manager (Version: 4.2.6)
Easy SpeedUp Manager (Version: 3.0.0.5)
EasyBatteryManager (Version: 4.0.0.3)
EasyBits GO
ESET Online Scanner v3
Farm Frenzy 2
Game Pack (Version: 5.3.0.10)
Go-Go Gourmet
Google Talk (remove only)
Google Talk Plugin (Version: 2.9.10.7526)
Google Update Helper (Version: 1.3.21.115)
Intel PROSet Wireless
Intel® PROSet/Wireless WiFi Software (Version: 13.00.0000)
Intel® Rapid Storage Technology (Version: 9.5.4.1001)
Intel® Turbo Boost Technology Driver (Version: 01.00.01.1002)
IObit Malware Fighter (Version: 1.0)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Mega Codec Pack 5.0.0 (Version: 5.0.0)
Loan Performer 8.06.01 (Version: 8.06.01)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Marvell Miniport Driver (Version: 11.22.3.3)
Mass Effect (Version: 1.00)
Mass Effect 2 (Version: 1.02)
Mass Effect™ 3 Demo (Version: 1.0.0.0)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Mouse and Keyboard Center (Version: 1.1.500.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Monopoly Here & Now Edition (Version: 1.0.18.272)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA Control Panel 285.62 (Version: 285.62)
NVIDIA Graphics Driver 285.62 (Version: 285.62)
NVIDIA HD Audio Driver 1.2.24.0 (Version: 1.2.24.0)
NVIDIA Install Application (Version: 2.1002.46.235)
NVIDIA PhysX (Version: 9.11.0621)
NVIDIA PhysX System Software 9.11.0621 (Version: 9.11.0621)
NVIDIA Update 1.5.20 (Version: 1.5.20)
NVIDIA Update Components (Version: 1.5.20)
Oblivion (Version: 1.00.0000)
Origin (Version: 8.5.0.4554)
Panda Internet Security 2012 (Version: 17.01.00)
Panda Secure Vault 5
Pando Media Booster (Version: 2.6.0.8)
Picasa 3 (Version: 3.8)
QuickTime (Version: 7.71.80.42)
Realtek High Definition Audio Driver (Version: 6.0.1.5969)
REALTEK Wireless LAN Software (Version: 1.01.0088)
Samsung R-Series (Version: 1.0)
Samsung Recovery Solution 4 (Version: 4.0.0.4)
Samsung Support Center (Version: 1.0.21)
Samsung Update Plus (Version: 2.0)
Sid Meier's Civilization 4 Complete (Version: 1.74)
Sid Meier's Civilization IV Colonization (Version: 1.00)
Skype™ 5.10 (Version: 5.10.116)
SkyTeam TravelDesk
Star Alliance TravelDesk
Star Trek Online
Star Wars: The Old Republic (Version: 1.00)
Star Wars®: Knights of the Old Republic ™
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 14.0.10.0)
System Requirements Lab
The Game Of Life
Trojan Killer (Version: 2.1.2.8)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
User Guide (Version: 1.0)
Vuze (Version: 4.6)
WIDCOMM Bluetooth Software (Version: 6.2.1.800)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (Version: 09/11/2009 6.2.0.9407)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR archiver

========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 3060.56 MB
Available physical RAM: 1419.89 MB
Total Pagefile: 6119.4 MB
Available Pagefile: 3167.46 MB
Total Virtual: 2047.88 MB
Available Virtual: 1924.01 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:225.33 GB) (Free:69.84 GB) NTFS
2 Drive d: () (Fixed) (Total:225.33 GB) (Free:31.92 GB) NTFS

========================= Users: ========================================

User accounts for \\ASHFAN-PC

Administrator Ashfan ASPNET
Guest UpdatusUser


**** End of log ****


Farbar Service Scanner Version: 06-08-2012
Ran by Ashfan (administrator) on 30-08-2012 at 04:27:14
Running from "C:\Users\Ashfan\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.
Unable to retrieve ServiceDll of MpsSvc. The value does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\windows\system32\nsisvc.dll => MD5 is legit
C:\windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\windows\system32\dhcpcore.dll => MD5 is legit
C:\windows\system32\Drivers\afd.sys => MD5 is legit
C:\windows\system32\Drivers\tdx.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\windows\system32\dnsrslvr.dll => MD5 is legit
C:\windows\system32\mpssvc.dll => MD5 is legit
C:\windows\system32\bfe.dll => MD5 is legit
C:\windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\windows\system32\SDRSVC.dll => MD5 is legit
C:\windows\system32\vssvc.exe => MD5 is legit
C:\windows\system32\wscsvc.dll => MD5 is legit
C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\wuaueng.dll => MD5 is legit
C:\windows\system32\qmgr.dll => MD5 is legit
C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\windows\system32\ipnathlp.dll => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit


**** End of log ****


I didn't run adware because no infections were found, but also I need to keep working on everything that I am for school, so I can run this in a few days... So far everything is fine, I think. I actually also got rid of the Hotmail issue by going into Messenger and deleting some contacts that seemed non-legit, as in I didn't know them. I think someone sent me advice about this! Other than that, is there anything else wrong with my computer, or is it clean now?

Thanks so much for all your help!!!!!

#6 narenxp


Posted 29 August 2012 - 10:40 PM

I didn't run adware because no infections were found


Please run it and post the log


Download

Service fix

Run it

Restart the PC, post the new FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#7 SkylighterX


Posted 31 August 2012 - 07:52 PM

I copied everything but not sure if it copied correctly, here were the results:


# AdwCleaner v1.801 - Logfile created 09/01/2012 at 01:06:14
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Ashfan - ASHFAN-PC
# Boot Mode : Normal
# Running from : C:\Users\Ashfan\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Ashfan\AppData\Local\Temp\TempDir
Folder Deleted : C:\Users\Ashfan\AppData\Roaming\OpenCandy
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Partner

***** [Registry] *****


***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\Ashfan\AppData\Roaming\Mozilla\Firefox\Profiles\31sqsr1s.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [293 octets] - [30/08/2012 04:28:51]
AdwCleaner[S2].txt - [1080 octets] - [01/09/2012 01:06:14]

########## EOF - C:\AdwCleaner[S2].txt - [1208 octets] ##########



Farbar Service Scanner Version: 06-08-2012
Ran by Ashfan (administrator) on 01-09-2012 at 01:41:20
Running from "C:\Users\Ashfan\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of MpsSvc. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of MpsSvc. The value does not exist.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.


File Check:
========
C:\windows\system32\nsisvc.dll => MD5 is legit
C:\windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\windows\system32\dhcpcore.dll => MD5 is legit
C:\windows\system32\Drivers\afd.sys => MD5 is legit
C:\windows\system32\Drivers\tdx.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\windows\system32\dnsrslvr.dll => MD5 is legit
C:\windows\system32\mpssvc.dll => MD5 is legit
C:\windows\system32\bfe.dll => MD5 is legit
C:\windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\windows\system32\SDRSVC.dll => MD5 is legit
C:\windows\system32\vssvc.exe => MD5 is legit
C:\windows\system32\wscsvc.dll => MD5 is legit
C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\wuaueng.dll => MD5 is legit
C:\windows\system32\qmgr.dll => MD5 is legit
C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\windows\system32\ipnathlp.dll => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit


**** End of log ****




RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Ashfan [Admin rights]
Mode : Scan -- Date : 09/01/2012 01:48:47

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HM500JI +++++
--- User ---
[MBR] eb3e88a31702d217bf3895d89afdb8ff
[BSP] d58164438e3332eacb003416f2f6ecb2 : KIWI Image system MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 230738 Mo
3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 504215552 | Size: 230740 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt

#8 narenxp


Posted 31 August 2012 - 09:16 PM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your flash player

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 SkylighterX


Posted 02 September 2012 - 09:16 AM

Thanks for all the help narenxp, your assistance was invaluable!

#10 narenxp


Posted 02 September 2012 - 09:19 AM

You're most welcome :)



