Unable to stop pop ups and re directs.....


9 replies to this topic

#1 bgduggan (Members, 5 posts)

Posted 03 September 2012 - 09:16 AM

Hello to all,

I have a relatively new PC running Windows 7. I had been using McAfee antivirus and do not visit anything I do not recognise, but now with Pop up Blocker on I get pop ups on the bottom left and right of my screen and am regularly redirected to Be in home sites etc.

I started to solve the issue through McAfee but they eventually wanted £75 to have an engineer look at it, despite the scans saying the computer was safe. I have started using Microsoft Security Essentials after a friend's advice, but that says I am safe.....

I went through a period shortly after noticing the issue, where the computer would not start and blue screens would appear. A friend talked me through restoring Windows to a previous date and then advised using different browsers (Chrome etc), but I still have the same pop up and redirect issue.

I have scanned a number of sites, and they all seem to point to this site for anything that the usual spybot downloads do not fix.

Any advice would be very gratefully received. Thanks in advance



#2 narenxp (BC Advisor, 16,371 posts)

Posted 03 September 2012 - 09:20 AM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "LIST of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 bgduggan (Topic Starter, Members, 5 posts)

Posted 03 September 2012 - 11:53 AM

Hi Naren,

Thanks for your quick response. Please find the Logs below, TDSSKiller first then aswMBR. ESET did not pick up a threat so does not appear.

Here goes:

15:22:34.0177 5740 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
15:22:34.0308 5740 ============================================================
15:22:34.0308 5740 Current date / time: 2012/09/03 15:22:34.0308
15:22:34.0308 5740 SystemInfo:
15:22:34.0308 5740
15:22:34.0309 5740 OS Version: 6.1.7601 ServicePack: 1.0
15:22:34.0309 5740 Product type: Workstation
15:22:34.0309 5740 ComputerName: BENJAMIN-PC
15:22:34.0309 5740 UserName: BENJAMIN
15:22:34.0309 5740 Windows directory: C:\Windows
15:22:34.0309 5740 System windows directory: C:\Windows
15:22:34.0309 5740 Running under WOW64
15:22:34.0309 5740 Processor architecture: Intel x64
15:22:34.0309 5740 Number of processors: 2
15:22:34.0309 5740 Page size: 0x1000
15:22:34.0309 5740 Boot type: Normal boot
15:22:34.0309 5740 ============================================================
15:22:35.0065 5740 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:22:35.0244 5740 ============================================================
15:22:35.0244 5740 \Device\Harddisk0\DR0:
15:22:35.0244 5740 MBR partitions:
15:22:35.0244 5740 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x23800, BlocksNum 0x155F000
15:22:35.0244 5740 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1582800, BlocksNum 0x492D5000
15:22:35.0244 5740 ============================================================
15:22:35.0276 5740 C: <-> \Device\Harddisk0\DR0\Partition2
15:22:35.0276 5740 ============================================================
15:22:35.0276 5740 Initialize success
15:22:35.0276 5740 ============================================================
15:22:54.0980 2100 ============================================================
15:22:54.0980 2100 Scan started
15:22:54.0980 2100 Mode: Manual; TDLFS;
15:22:54.0980 2100 ============================================================
15:22:55.0211 2100 ================ Scan system memory ========================
15:22:55.0211 2100 System memory - ok
15:23:03.0745 2100 NetTcpPortSharing - ok
15:23:03.0772 2100 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:23:03.0774 2100 nfrd960 - ok
15:23:03.0816 2100 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:23:03.0818 2100 NisDrv - ok
15:23:03.0851 2100 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
15:23:03.0855 2100 NisSrv - ok
15:23:03.0905 2100 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:23:03.0921 2100 NlaSvc - ok
15:23:03.0967 2100 [ 907B5E1E4A592E5EDC5E4CCBDE4863C2 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
15:23:03.0969 2100 nmwcd - ok
15:23:04.0015 2100 [ 41C1AC1F3613435EB32D67BCB80A5FA5 ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
15:23:04.0016 2100 nmwcdc - ok
15:23:04.0037 2100 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:23:04.0038 2100 Npfs - ok
15:23:04.0062 2100 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:23:04.0064 2100 nsi - ok
15:23:04.0075 2100 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:23:04.0075 2100 nsiproxy - ok
15:23:04.0139 2100 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:23:04.0167 2100 Ntfs - ok
15:23:04.0181 2100 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:23:04.0182 2100 Null - ok
15:23:04.0212 2100 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:23:04.0214 2100 nvraid - ok
15:23:04.0269 2100 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:23:04.0272 2100 nvstor - ok
15:23:04.0290 2100 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:23:04.0292 2100 nv_agp - ok
15:23:04.0365 2100 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:23:04.0380 2100 odserv - ok
15:23:04.0412 2100 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:23:04.0414 2100 ohci1394 - ok
15:23:04.0452 2100 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:23:04.0455 2100 ose - ok
15:23:04.0482 2100 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:23:04.0498 2100 p2pimsvc - ok
15:23:04.0539 2100 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:23:04.0556 2100 p2psvc - ok
15:23:04.0585 2100 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:23:04.0587 2100 Parport - ok
15:23:04.0625 2100 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:23:04.0626 2100 partmgr - ok
15:23:04.0645 2100 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:23:04.0650 2100 PcaSvc - ok
15:23:04.0692 2100 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
15:23:04.0694 2100 pccsmcfd - ok
15:23:04.0736 2100 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:23:04.0739 2100 pci - ok
15:23:04.0754 2100 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:23:04.0755 2100 pciide - ok
15:23:04.0773 2100 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:23:04.0776 2100 pcmcia - ok
15:23:04.0795 2100 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:23:04.0795 2100 pcw - ok
15:23:04.0816 2100 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:23:04.0830 2100 PEAUTH - ok
15:23:04.0890 2100 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:23:04.0891 2100 PerfHost - ok
15:23:04.0963 2100 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:23:04.0992 2100 pla - ok
15:23:05.0041 2100 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:23:05.0058 2100 PlugPlay - ok
15:23:05.0073 2100 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:23:05.0076 2100 PNRPAutoReg - ok
15:23:05.0097 2100 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:23:05.0100 2100 PNRPsvc - ok
15:23:05.0122 2100 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:23:05.0136 2100 PolicyAgent - ok
15:23:05.0163 2100 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:23:05.0166 2100 Power - ok
15:23:05.0191 2100 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:23:05.0194 2100 PptpMiniport - ok
15:23:05.0211 2100 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:23:05.0212 2100 Processor - ok
15:23:05.0257 2100 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:23:05.0265 2100 ProfSvc - ok
15:23:05.0278 2100 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:23:05.0280 2100 ProtectedStorage - ok
15:23:05.0322 2100 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:23:05.0325 2100 Psched - ok
15:23:05.0350 2100 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
15:23:05.0351 2100 PxHlpa64 - ok
15:23:05.0401 2100 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:23:05.0439 2100 ql2300 - ok
15:23:05.0460 2100 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:23:05.0463 2100 ql40xx - ok
15:23:05.0483 2100 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:23:05.0487 2100 QWAVE - ok
15:23:05.0503 2100 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:23:05.0504 2100 QWAVEdrv - ok
15:23:05.0516 2100 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:23:05.0517 2100 RasAcd - ok
15:23:05.0539 2100 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:23:05.0540 2100 RasAgileVpn - ok
15:23:05.0549 2100 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:23:05.0552 2100 RasAuto - ok
15:23:05.0588 2100 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:23:05.0591 2100 Rasl2tp - ok
15:23:05.0630 2100 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:23:05.0647 2100 RasMan - ok
15:23:05.0664 2100 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:23:05.0666 2100 RasPppoe - ok
15:23:05.0673 2100 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:23:05.0676 2100 RasSstp - ok
15:23:05.0706 2100 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:23:05.0709 2100 rdbss - ok
15:23:05.0720 2100 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:23:05.0722 2100 rdpbus - ok
15:23:05.0734 2100 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:23:05.0735 2100 RDPCDD - ok
15:23:05.0759 2100 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:23:05.0760 2100 RDPENCDD - ok
15:23:05.0774 2100 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:23:05.0775 2100 RDPREFMP - ok
15:23:05.0810 2100 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:23:05.0813 2100 RDPWD - ok
15:23:05.0845 2100 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:23:05.0848 2100 rdyboost - ok
15:23:05.0872 2100 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:23:05.0876 2100 RemoteAccess - ok
15:23:05.0892 2100 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:23:05.0896 2100 RemoteRegistry - ok
15:23:05.0933 2100 [ 71B48DDAF5E9C2B40E64DE5C405F5AAC ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
15:23:05.0934 2100 RimUsb - ok
15:23:05.0977 2100 [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
15:23:05.0979 2100 RimVSerPort - ok
15:23:06.0003 2100 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
15:23:06.0004 2100 ROOTMODEM - ok
15:23:06.0032 2100 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:23:06.0034 2100 RpcEptMapper - ok
15:23:06.0055 2100 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:23:06.0056 2100 RpcLocator - ok
15:23:06.0097 2100 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:23:06.0105 2100 RpcSs - ok
15:23:06.0122 2100 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:23:06.0124 2100 rspndr - ok
15:23:06.0178 2100 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:23:06.0194 2100 RTL8167 - ok
15:23:06.0211 2100 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:23:06.0214 2100 SamSs - ok
15:23:06.0246 2100 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:23:06.0249 2100 sbp2port - ok
15:23:06.0271 2100 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:23:06.0275 2100 SCardSvr - ok
15:23:06.0307 2100 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:23:06.0309 2100 scfilter - ok
15:23:06.0357 2100 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:23:06.0384 2100 Schedule - ok
15:23:06.0425 2100 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:23:06.0427 2100 SCPolicySvc - ok
15:23:06.0472 2100 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:23:06.0487 2100 SDRSVC - ok
15:23:06.0572 2100 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
15:23:06.0576 2100 SeaPort - ok
15:23:06.0599 2100 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:23:06.0600 2100 secdrv - ok
15:23:06.0634 2100 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:23:06.0638 2100 seclogon - ok
15:23:06.0671 2100 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:23:06.0675 2100 SENS - ok
15:23:06.0709 2100 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:23:06.0714 2100 SensrSvc - ok
15:23:06.0727 2100 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:23:06.0728 2100 Serenum - ok
15:23:06.0750 2100 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:23:06.0752 2100 Serial - ok
15:23:06.0786 2100 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:23:06.0787 2100 sermouse - ok
15:23:06.0865 2100 [ 58D5BFDF3ADF49FE9CABD78CC61D92F6 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
15:23:06.0882 2100 ServiceLayer - ok
15:23:06.0935 2100 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:23:06.0940 2100 SessionEnv - ok
15:23:06.0976 2100 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:23:06.0978 2100 sffdisk - ok
15:23:06.0985 2100 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:23:06.0987 2100 sffp_mmc - ok
15:23:06.0995 2100 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:23:06.0998 2100 sffp_sd - ok
15:23:07.0008 2100 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:23:07.0010 2100 sfloppy - ok
15:23:07.0100 2100 [ 74EC60E20516AAA573BE74F31175270F ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
15:23:07.0128 2100 SftService - ok
15:23:07.0155 2100 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:23:07.0160 2100 SharedAccess - ok
15:23:07.0200 2100 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:23:07.0205 2100 ShellHWDetection - ok
15:23:07.0229 2100 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:23:07.0231 2100 SiSRaid2 - ok
15:23:07.0243 2100 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:23:07.0245 2100 SiSRaid4 - ok
15:23:07.0377 2100 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:23:07.0438 2100 Skype C2C Service - ok
15:23:07.0513 2100 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:23:07.0516 2100 SkypeUpdate - ok
15:23:07.0540 2100 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:23:07.0543 2100 Smb - ok
15:23:07.0585 2100 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:23:07.0589 2100 SNMPTRAP - ok
15:23:07.0596 2100 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:23:07.0596 2100 spldr - ok
15:23:07.0623 2100 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:23:07.0638 2100 Spooler - ok
15:23:07.0722 2100 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:23:07.0801 2100 sppsvc - ok
15:23:07.0832 2100 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:23:07.0835 2100 sppuinotify - ok
15:23:07.0874 2100 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:23:07.0890 2100 srv - ok
15:23:07.0910 2100 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:23:07.0915 2100 srv2 - ok
15:23:07.0932 2100 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:23:07.0934 2100 srvnet - ok
15:23:07.0963 2100 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:23:07.0967 2100 SSDPSRV - ok
15:23:07.0974 2100 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:23:07.0977 2100 SstpSvc - ok
15:23:07.0993 2100 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:23:07.0994 2100 stexstor - ok
15:23:08.0034 2100 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:23:08.0053 2100 stisvc - ok
15:23:08.0091 2100 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:23:08.0093 2100 swenum - ok
15:23:08.0197 2100 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
15:23:08.0213 2100 SwitchBoard - ok
15:23:08.0236 2100 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:23:08.0250 2100 swprv - ok
15:23:08.0319 2100 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:23:08.0362 2100 SysMain - ok
15:23:08.0401 2100 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:23:08.0406 2100 TabletInputService - ok
15:23:08.0442 2100 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:23:08.0459 2100 TapiSrv - ok
15:23:08.0485 2100 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:23:08.0489 2100 TBS - ok
15:23:08.0571 2100 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:23:08.0609 2100 Tcpip - ok
15:23:08.0654 2100 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:23:08.0666 2100 TCPIP6 - ok
15:23:08.0701 2100 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:23:08.0703 2100 tcpipreg - ok
15:23:08.0731 2100 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:23:08.0733 2100 TDPIPE - ok
15:23:08.0769 2100 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:23:08.0771 2100 TDTCP - ok
15:23:08.0817 2100 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:23:08.0819 2100 tdx - ok
15:23:08.0840 2100 TEAM - ok
15:23:08.0882 2100 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:23:08.0884 2100 TermDD - ok
15:23:08.0924 2100 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:23:08.0941 2100 TermService - ok
15:23:08.0950 2100 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:23:08.0954 2100 Themes - ok
15:23:08.0980 2100 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:23:08.0981 2100 THREADORDER - ok
15:23:08.0998 2100 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:23:09.0001 2100 TrkWks - ok
15:23:09.0056 2100 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:23:09.0059 2100 TrustedInstaller - ok
15:23:09.0078 2100 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:23:09.0080 2100 tssecsrv - ok
15:23:09.0132 2100 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:23:09.0134 2100 TsUsbFlt - ok
15:23:09.0184 2100 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:23:09.0187 2100 tunnel - ok
15:23:09.0200 2100 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:23:09.0203 2100 uagp35 - ok
15:23:09.0244 2100 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:23:09.0249 2100 udfs - ok
15:23:09.0268 2100 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:23:09.0272 2100 UI0Detect - ok
15:23:09.0282 2100 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:23:09.0284 2100 uliagpkx - ok
15:23:09.0315 2100 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
15:23:09.0316 2100 umbus - ok
15:23:09.0331 2100 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:23:09.0333 2100 UmPass - ok
15:23:09.0416 2100 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
15:23:09.0432 2100 UMVPFSrv - ok
15:23:09.0450 2100 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:23:09.0465 2100 upnphost - ok
15:23:09.0504 2100 [ 4E93C8496359E97830C75AC36393654D ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
15:23:09.0505 2100 upperdev - ok
15:23:09.0541 2100 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
15:23:09.0543 2100 USBAAPL64 - ok
15:23:09.0568 2100 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
15:23:09.0571 2100 usbaudio - ok
15:23:09.0583 2100 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:23:09.0586 2100 usbccgp - ok
15:23:09.0629 2100 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:23:09.0631 2100 usbcir - ok
15:23:09.0647 2100 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:23:09.0649 2100 usbehci - ok
15:23:09.0676 2100 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:23:09.0679 2100 usbhub - ok
15:23:09.0693 2100 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:23:09.0694 2100 usbohci - ok
15:23:09.0715 2100 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:23:09.0717 2100 usbprint - ok
15:23:09.0739 2100 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:23:09.0741 2100 usbscan - ok
15:23:09.0779 2100 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
15:23:09.0780 2100 usbser - ok
15:23:09.0798 2100 [ 8844CB19A37B65E27049D4A7786726A9 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
15:23:09.0799 2100 UsbserFilt - ok
15:23:09.0816 2100 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:23:09.0818 2100 USBSTOR - ok
15:23:09.0832 2100 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:23:09.0833 2100 usbuhci - ok
15:23:09.0857 2100 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:23:09.0859 2100 UxSms - ok
15:23:09.0869 2100 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:23:09.0871 2100 VaultSvc - ok
15:23:09.0917 2100 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:23:09.0918 2100 vdrvroot - ok
15:23:09.0963 2100 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:23:09.0980 2100 vds - ok
15:23:09.0996 2100 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:23:09.0997 2100 vga - ok
15:23:10.0011 2100 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:23:10.0012 2100 VgaSave - ok
15:23:10.0046 2100 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:23:10.0049 2100 vhdmp - ok
15:23:10.0067 2100 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:23:10.0069 2100 viaide - ok
15:23:10.0087 2100 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:23:10.0088 2100 volmgr - ok
15:23:10.0128 2100 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:23:10.0131 2100 volmgrx - ok
15:23:10.0147 2100 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:23:10.0150 2100 volsnap - ok
15:23:10.0170 2100 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:23:10.0173 2100 vsmraid - ok
15:23:10.0226 2100 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:23:10.0252 2100 VSS - ok
15:23:10.0264 2100 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:23:10.0265 2100 vwifibus - ok
15:23:10.0297 2100 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:23:10.0303 2100 W32Time - ok
15:23:10.0317 2100 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:23:10.0318 2100 WacomPen - ok
15:23:10.0335 2100 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:23:10.0336 2100 WANARP - ok
15:23:10.0341 2100 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:23:10.0342 2100 Wanarpv6 - ok
15:23:10.0427 2100 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:23:10.0453 2100 WatAdminSvc - ok
15:23:10.0518 2100 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:23:10.0578 2100 wbengine - ok
15:23:10.0602 2100 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:23:10.0606 2100 WbioSrvc - ok
15:23:10.0649 2100 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:23:10.0666 2100 wcncsvc - ok
15:23:10.0677 2100 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:23:10.0682 2100 WcsPlugInService - ok
15:23:10.0695 2100 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:23:10.0696 2100 Wd - ok
15:23:10.0727 2100 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
15:23:10.0728 2100 WDC_SAM - ok
15:23:10.0797 2100 [ EAB3C68E3C38646AC5D5225F9D943D12 ] WDDMService.exe C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
15:23:10.0799 2100 WDDMService.exe - ok
15:23:10.0825 2100 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:23:10.0842 2100 Wdf01000 - ok
15:23:10.0854 2100 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:23:10.0859 2100 WdiServiceHost - ok
15:23:10.0863 2100 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:23:10.0866 2100 WdiSystemHost - ok
15:23:10.0883 2100 [ 138AB06ADBBF300AA804D7974A5AEC82 ] WDSmartWareBackgroundService C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
15:23:10.0883 2100 WDSmartWareBackgroundService - ok
15:23:10.0923 2100 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:23:10.0940 2100 WebClient - ok
15:23:10.0952 2100 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:23:10.0957 2100 Wecsvc - ok
15:23:10.0962 2100 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:23:10.0965 2100 wercplsupport - ok
15:23:10.0993 2100 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:23:10.0995 2100 WerSvc - ok
15:23:11.0026 2100 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:23:11.0027 2100 WfpLwf - ok
15:23:11.0057 2100 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
15:23:11.0059 2100 WimFltr - ok
15:23:11.0074 2100 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:23:11.0076 2100 WIMMount - ok
15:23:11.0089 2100 WinDefend - ok
15:23:11.0098 2100 WinHttpAutoProxySvc - ok
15:23:11.0148 2100 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:23:11.0151 2100 Winmgmt - ok
15:23:11.0221 2100 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:23:11.0260 2100 WinRM - ok
15:23:11.0321 2100 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:23:11.0323 2100 WinUsb - ok
15:23:11.0365 2100 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:23:11.0391 2100 Wlansvc - ok
15:23:11.0432 2100 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:23:11.0434 2100 wlcrasvc - ok
15:23:11.0540 2100 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:23:11.0583 2100 wlidsvc - ok
15:23:11.0617 2100 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:23:11.0618 2100 WmiAcpi - ok
15:23:11.0646 2100 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:23:11.0649 2100 wmiApSrv - ok
15:23:11.0672 2100 WMPNetworkSvc - ok
15:23:11.0686 2100 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:23:11.0691 2100 WPCSvc - ok
15:23:11.0726 2100 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:23:11.0729 2100 WPDBusEnum - ok
15:23:11.0753 2100 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:23:11.0755 2100 ws2ifsl - ok
15:23:11.0785 2100 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(1) C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys
15:23:11.0786 2100 WsAudio_DeviceS(1) - ok
15:23:11.0814 2100 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(2) C:\Windows\system32\drivers\WsAudio_DeviceS(2).sys
15:23:11.0815 2100 WsAudio_DeviceS(2) - ok
15:23:11.0820 2100 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(3) C:\Windows\system32\drivers\WsAudio_DeviceS(3).sys
15:23:11.0821 2100 WsAudio_DeviceS(3) - ok
15:23:11.0831 2100 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(4) C:\Windows\system32\drivers\WsAudio_DeviceS(4).sys
15:23:11.0831 2100 WsAudio_DeviceS(4) - ok
15:23:11.0857 2100 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudio_DeviceS(5) C:\Windows\system32\drivers\WsAudio_DeviceS(5).sys
15:23:11.0857 2100 WsAudio_DeviceS(5) - ok
15:23:11.0874 2100 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:23:11.0878 2100 wscsvc - ok
15:23:11.0882 2100 WSearch - ok
15:23:11.0963 2100 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:23:12.0009 2100 wuauserv - ok
15:23:12.0027 2100 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:23:12.0030 2100 WudfPf - ok
15:23:12.0074 2100 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:23:12.0078 2100 WUDFRd - ok
15:23:12.0117 2100 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:23:12.0120 2100 wudfsvc - ok
15:23:12.0144 2100 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:23:12.0160 2100 WwanSvc - ok
15:23:12.0177 2100 ================ Scan global ===============================
15:23:12.0197 2100 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:23:12.0229 2100 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:23:12.0246 2100 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
15:23:12.0266 2100 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:23:12.0292 2100 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:23:12.0297 2100 [Global] - ok
15:23:12.0297 2100 ================ Scan MBR ==================================
15:23:12.0306 2100 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:23:12.0613 2100 \Device\Harddisk0\DR0 - ok
15:23:12.0613 2100 ================ Scan VBR ==================================
15:23:12.0617 2100 [ A88304CC6C2B935E2BE0A573B2AF7DA1 ] \Device\Harddisk0\DR0\Partition1
15:23:12.0620 2100 \Device\Harddisk0\DR0\Partition1 - ok
15:23:12.0664 2100 [ C0008C28D389A6489CAF6ED86387AD78 ] \Device\Harddisk0\DR0\Partition2
15:23:12.0666 2100 \Device\Harddisk0\DR0\Partition2 - ok
15:23:12.0666 2100 ============================================================
15:23:12.0666 2100 Scan finished
15:23:12.0667 2100 ============================================================
15:23:12.0682 2896 Detected object count: 0
15:23:12.0682 2896 Actual detected object count: 0
15:45:39.0179 2104 Deinitialize success


ASW:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-03 15:25:01
-----------------------------
15:25:01.260 OS Version: Windows x64 6.1.7601 Service Pack 1
15:25:01.260 Number of processors: 2 586 0x170A
15:25:01.260 ComputerName: BENJAMIN-PC UserName: BENJAMIN
15:25:02.512 Initialize success
15:26:29.329 AVAST engine defs: 12090300
15:26:38.685 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:26:38.689 Disk 0 Vendor: WDC_WD64 01.0 Size: 610480MB BusType: 3
15:26:38.701 Disk 0 MBR read successfully
15:26:38.705 Disk 0 MBR scan
15:26:38.774 Disk 0 Windows 7 default MBR code
15:26:38.777 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 70 MB offset 63
15:26:38.788 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 10942 MB offset 145408
15:26:38.825 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 599466 MB offset 22554624
15:26:38.878 Disk 0 scanning C:\Windows\system32\drivers
15:26:52.204 Service scanning
15:27:19.511 Modules scanning
15:27:21.358 AVAST engine scan C:\Windows
15:27:24.466 AVAST engine scan C:\Windows\system32
15:31:18.179 AVAST engine scan C:\Windows\system32\drivers
15:31:33.985 AVAST engine scan C:\Users\BENJAMIN
15:42:15.900 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
15:42:15.963 The log file has been saved successfully to "C:\aswMBR.txt"



Many thanks again

#4 narenxp


Posted 03 September 2012 - 04:08 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#5 bgduggan


Posted 04 September 2012 - 04:41 AM

Good Morning Naren,

I have followed the above instructions. MBAM recorded no results on both scans.

The other 3 results are posted below. Thanks as ever for taking the time to look at this.

MINITOOLBOX:
MiniToolBox by Farbar Version: 23-07-2012
Ran by BENJAMIN (administrator) on 04-09-2012 at 10:22:14
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

149.5.18.173 www.google-analytics.com.
149.5.18.173 ad-emea.doubleclick.net.
149.5.18.173 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : BENJAMIN-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 00-25-64-85-1C-46
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9447:f2b2:7ef8:c2d5%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 04 September 2012 09:19:46
Lease Expires . . . . . . . . . . : 04 September 2012 11:19:48
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 234890596
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-35-C0-B7-00-25-64-85-1C-46
DNS Servers . . . . . . . . . . . : 194.168.4.100
194.168.8.100
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{5F90940F-03D9-4571-A9DA-A8F0E47BC192}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1872:ecd:b29f:953f(Preferred)
Link-local IPv6 Address . . . . . : fe80::1872:ecd:b29f:953f%11(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: google.com
Addresses: 2a00:1450:4009:806::1004
173.194.41.70
173.194.41.78
173.194.41.68
173.194.41.72
173.194.41.69
173.194.41.64
173.194.41.73
173.194.41.71
173.194.41.67
173.194.41.65
173.194.41.66


Pinging google.com [173.194.41.68] with 32 bytes of data:
Reply from 173.194.41.68: bytes=32 time=29ms TTL=55
Reply from 173.194.41.68: bytes=32 time=21ms TTL=55

Ping statistics for 173.194.41.68:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 21ms, Maximum = 29ms, Average = 25ms
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: yahoo.com
Addresses: 98.138.253.109
72.30.38.140
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=387ms TTL=53
Reply from 72.30.38.140: bytes=32 time=838ms TTL=53

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 387ms, Maximum = 838ms, Average = 612ms
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 25 64 85 1c 46 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.4 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.4 266
192.168.0.4 255.255.255.255 On-link 192.168.0.4 266
192.168.0.255 255.255.255.255 On-link 192.168.0.4 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.4 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.4 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
11 58 ::/0 On-link
1 306 ::1/128 On-link
11 58 2001::/32 On-link
11 306 2001:0:5ef5:79fd:1872:ecd:b29f:953f/128
On-link
10 266 fe80::/64 On-link
11 306 fe80::/64 On-link
11 306 fe80::1872:ecd:b29f:953f/128
On-link
10 266 fe80::9447:f2b2:7ef8:c2d5/128
On-link
1 306 ff00::/8 On-link
11 306 ff00::/8 On-link
10 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/04/2012 09:22:31 AM) (Source: Application Error) (User: )
Description: Faulting application name: iTunes.exe, version: 10.6.3.25, time stamp: 0x4fd16377
Faulting module name: QuickTime.qts_unloaded, version: 0.0.0.0, time stamp: 0x4ea5d609
Exception code: 0xc0000005
Fault offset: 0x68ad1040
Faulting process id: 0x16e8
Faulting application start time: 0xiTunes.exe0
Faulting application path: iTunes.exe1
Faulting module path: iTunes.exe2
Report Id: iTunes.exe3

Error: (09/04/2012 07:22:58 AM) (Source: Application Error) (User: )
Description: Faulting application name: iTunes.exe, version: 10.6.3.25, time stamp: 0x4fd16377
Faulting module name: QuickTime.qts_unloaded, version: 0.0.0.0, time stamp: 0x4ea5d609
Exception code: 0xc0000005
Fault offset: 0x730b1040
Faulting process id: 0xf7c
Faulting application start time: 0xiTunes.exe0
Faulting application path: iTunes.exe1
Faulting module path: iTunes.exe2
Report Id: iTunes.exe3

Error: (09/03/2012 11:43:06 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6068

Error: (09/03/2012 11:43:06 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6068

Error: (09/03/2012 11:43:06 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2012 11:43:05 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5070

Error: (09/03/2012 11:43:05 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5070

Error: (09/03/2012 11:43:05 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2012 11:43:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4072

Error: (09/03/2012 11:43:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4072


System errors:
=============
Error: (09/04/2012 09:21:35 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (09/02/2012 08:25:47 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (08/31/2012 11:39:06 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk6\DR6.

Error: (08/29/2012 10:27:43 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (08/28/2012 04:57:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.133.517.0).

Error: (08/28/2012 04:56:54 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.133.189.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/28/2012 04:56:52 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version: 1.133.517.0

Previous Signature Version: 1.133.189.0

Update Source: %NT AUTHORITY15

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/28/2012 04:56:52 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version: 1.133.517.0

Previous Signature Version: 1.133.189.0

Update Source: %NT AUTHORITY15

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (08/28/2012 04:54:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.133.517.0).

Error: (08/28/2012 04:54:12 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.133.189.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Adobe AIR (Version: 3.3.0.3670)
Adobe Community Help (Version: 3.4.980)
Adobe Download Assistant (Version: 1.0.6)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Illustrator CS5.1 (Version: 15.1)
Adobe Photoshop CS5.1 (Version: 12.1)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.35)
BlackBerry Device Manager 6.1 (Version: 6.1.0.35)
Bonjour (Version: 3.0.0.10)
Boots F2CD Picture Suite (Version: 1.0.0.13)
Brother MFL-Pro Suite MFC-J6510DW (Version: 1.0.20.0)
CameraHelperMsi (Version: 13.31.1038.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell DataSafe Online (Version: 1.2.0011)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Version: 3.2.6032.47)
erLT (Version: 1.20.138.34)
ESET Online Scanner v3
Google Chrome (Version: 21.0.1180.83)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.115)
iCloud (Version: 1.1.0.40)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2555)
Intel® Rapid Storage Technology (Version: 10.1.0.1008)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 17 (64-bit) (Version: 6.0.170)
Java™ 6 Update 33 (Version: 6.0.330)
Junk Mail filter update (Version: 15.4.3502.0922)
Logitech Vid HD (Version: 7.2 (7248))
Logitech Webcam Software (Version: 2.0)
LWS Facebook (Version: 13.31.1038.0)
LWS Gallery (Version: 13.31.1038.0)
LWS Help_main (Version: 13.31.1044.0)
LWS Launcher (Version: 13.31.1038.0)
LWS Motion Detection (Version: 13.30.1395.0)
LWS Pictures And Video (Version: 13.31.1038.0)
LWS Twitter (Version: 13.30.1346.0)
LWS Video Mask Maker (Version: 13.30.1379.0)
LWS VideoEffects (Version: 13.30.1379.0)
LWS Webcam Software (Version: 13.31.1038.0)
LWS WLM Plugin (Version: 1.30.1201.0)
LWS YouTube Plugin (Version: 13.31.1038.0)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
MobileMe Control Panel (Version: 3.1.8.0)
MSVC80_x64 (Version: 1.0.1.0)
MSVC80_x86 (Version: 1.0.1.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Nokia Connectivity Cable Driver (Version: 7.1.17.0)
Nokia PC Suite (Version: 7.1.30.8)
PC Connectivity Solution (Version: 9.23.3.0)
PDF Settings CS5 (Version: 10.0)
PowerDVD DX (Version: 8.3.6029)
QuickTime (Version: 7.71.80.42)
Realtek High Definition Audio Driver (Version: 6.0.1.5963)
Roxio Burn (Version: 1.01)
Safari (Version: 5.34.57.2)
Sage Planning for Business v2 (Version: 2.1.6000.0)
Skype Click to Call (Version: 6.2.10687)
Skype™ 5.10 (Version: 5.10.116)
Spotify (Version: 0.4.8)
swMSM (Version: 12.0.0.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WD SmartWare (Version: 1.1.0.2)
Windows Driver Package - Nokia Modem (06/01/2009 4.1) (Version: 06/01/2009 4.1)
Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.3) (Version: 06/01/2009 7.01.0.3)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 4060.98 MB
Available physical RAM: 1904.91 MB
Total Pagefile: 8120.16 MB
Available Pagefile: 5249.44 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.36 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:585.42 GB) (Free:480.85 GB) NTFS

========================= Users: ========================================

User accounts for \\BENJAMIN-PC

Administrator BENJAMIN Guest


**** End of log ****

FSS:
Farbar Service Scanner Version: 06-08-2012
Ran by BENJAMIN (administrator) on 04-09-2012 at 10:25:22
Running from "C:\Users\BENJAMIN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CZ8TTVW6"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

ADWARE CLEANER:
# AdwCleaner v2.000 - Logfile created 09/04/2012 at 10:27:29
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : BENJAMIN - BENJAMIN-PC
# Boot Mode : Normal
# Running from : C:\Users\BENJAMIN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZR23LLK\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\BENJAMIN\AppData\Local\Temp\TempDir
Folder Deleted : C:\Users\BENJAMIN\AppData\LocalLow\AskToolbar

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

*************************

AdwCleaner[S1].txt - [1611 octets] - [04/09/2012 10:27:29]

########## EOF - C:\AdwCleaner[S1].txt - [1671 octets] ##########


KIND REGARDS

BEN

#6 narenxp

  • BC Advisor

Posted 04 September 2012 - 04:48 AM

Click on the Start menu and type

cmd

Right-click on it and select Run as administrator

Now copy the following commands and press ENTER one by one

cd C:\windows\system32\drivers\etc
takeown /a /f hosts
cacls hosts /p everyone:f


Press Y

attrib -s -h -r hosts

After running these commands

Download

Hosts fixit

Run it, restart the PC

Now launch MiniToolBox, checkmark hosts contents alone, and post the new log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here
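
Added example, not part of the original post or of any tool named in the thread: a PowerShell check to run after the hosts reset above. It lists active hosts entries other than the loopback localhost mappings and reports whether Everyone (SID S-1-1-0) can still write the file, which is the access `cacls hosts /p everyone:f` grants. Function names and the sample lines are assumptions constructed for illustration.

```powershell
# Added example: function names are illustrative, sample lines are constructed.
function Get-ActiveHostsEntry {
    param([string[]]$Lines)
    foreach ($line in $Lines) {
        # Strip any trailing comment, then split "address name [name...]".
        $text = ("$line" -split '#', 2)[0].Trim()
        if (-not $text) { continue }
        $fields = $text -split '\s+'
        if ($fields.Count -lt 2) { continue }
        foreach ($name in $fields[1..($fields.Count - 1)]) {
            New-Object PSObject -Property @{ Address = $fields[0]; Name = $name.ToLower() }
        }
    }
}

function Test-DefaultHostsEntry {
    param($Entry)
    # Assumption: only loopback mappings for "localhost" count as default.
    ($Entry.Name -eq 'localhost') -and (@('127.0.0.1', '::1') -contains $Entry.Address)
}

function Get-EveryoneWriteAce {
    param([string]$Path)
    # Ask for the rules with SIDs as identities; S-1-1-0 is the well-known SID for Everyone.
    $sidType = [System.Security.Principal.SecurityIdentifier]
    (Get-Acl -Path $Path).GetAccessRules($true, $true, $sidType) | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $_.IdentityReference.Value -eq 'S-1-1-0' -and
        ($_.FileSystemRights -band [System.Security.AccessControl.FileSystemRights]::WriteData)
    }
}

# Constructed sample: a clean hosts file plus one redirect-style line.
$sample = @(
    '# ::1 localhost',
    '127.0.0.1 localhost',
    '203.0.113.10 search.example.com www.example.com  # constructed entry'
)
Get-ActiveHostsEntry $sample | Where-Object { -not (Test-DefaultHostsEntry $_) }

# The same checks against the live file (run from an elevated prompt).
$hosts = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
if (Test-Path $hosts) {
    Get-ActiveHostsEntry (Get-Content $hosts) | Where-Object { -not (Test-DefaultHostsEntry $_) }
    Get-EveryoneWriteAce $hosts | Select-Object IdentityReference, FileSystemRights
}
```

No output from the two live checks means the file holds only default entries and Everyone cannot write it; if the ACL check returns a row, `icacls hosts /reset` run from the same directory restores the inherited permissions.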

#7 bgduggan

  • Topic Starter

Posted 04 September 2012 - 08:58 AM

Hello Naren,

Next step completed as you outlined above.

The logs are as follows.

MINITOOLKIT:

MiniToolBox by Farbar Version: 23-07-2012
Ran by BENJAMIN (administrator) on 04-09-2012 at 14:53:21
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

# ::1 localhost


**** End of log ****

RKILL:
Rkill 2.3.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/04/2012 02:54:41 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* C:\Users\BENJAMIN\Downloads\Nokia PC Suite 7\PCSuite.exe (PID: 3680) [UP-HEUR]
* C:\Windows\System32\jusched.exe (PID: 5612) [FI]

2 proccesses terminated!

Checking Registry for malware related settings.

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\BENJAMIN\Desktop\rkill\rkill-09-04-2012-02-54-46.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

* atapi => \SystemRoot\system32\drivers\atapi.sys [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/04/2012 02:54:56 PM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)


THANKS AS EVER

#8 narenxp

  • BC Advisor

Posted 04 September 2012 - 09:03 AM

That looks good

Download

TFC

Launch it; it will close all running programs

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode

Turn off your system restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your flash player

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 bgduggan

  • Topic Starter

Posted 04 September 2012 - 09:58 AM

Naren,

You are a superstar. You do what you do very well and I am very grateful.

A thousand thanks

Kind regards

Ben

#10 narenxp

  • BC Advisor

Posted 04 September 2012 - 10:08 AM

You're welcome :)



