
I also have pop-up/redirect virus - Help appreciated


9 replies to this topic

#1 thelaststraw


Posted 06 September 2012 - 06:18 PM

I've read in this forum about a virus (?) exactly like what I have, but wasn't sure if the same steps applied, so I have started my own post.

I'm working with Windows 7. I have run PC Tools AntiVirus Free which picks up all kinds of infections, but hasn't touched this virus.

When I open Internet Explorer (8) I get little pop-ups, one per webpage. Sometimes bottom right of screen, sometimes bottom left. I've seen everything from advertisements to video screens asking me to download something called iLivid. I am also being redirected. For example, clicking on the sign-in button on this forum page took me to a Dell computer website. :( I've attached screenshots:

Screenshot 1

Screenshot 2

Screenshot 3

I'm at a loss as to what to do next, but I do follow directions well. Any help would be greatly appreciated!



#2 narenxp


Posted 06 September 2012 - 06:24 PM

Download TDSSKiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it, allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START, it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop, and copy the contents of the text file into your reply.

#3 thelaststraw


Posted 07 September 2012 - 06:29 AM

Thank you for your quick reply.

TDLFS:

21:20:36.0808 4456 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03
21:20:49.0527 4456 ============================================================
21:20:49.0527 4456 Current date / time: 2012/09/06 21:20:49.0527
21:20:49.0527 4456 SystemInfo:
21:20:49.0528 4456
21:20:49.0528 4456 OS Version: 6.1.7601 ServicePack: 1.0
21:20:49.0528 4456 Product type: Workstation
21:20:49.0528 4456 ComputerName: SHANE-PC
21:20:49.0529 4456 UserName: Shane
21:20:49.0529 4456 Windows directory: C:\windows
21:20:49.0529 4456 System windows directory: C:\windows
21:20:49.0529 4456 Running under WOW64
21:20:49.0529 4456 Processor architecture: Intel x64
21:20:49.0529 4456 Number of processors: 2
21:20:49.0529 4456 Page size: 0x1000
21:20:49.0529 4456 Boot type: Normal boot
21:20:49.0529 4456 ============================================================
21:20:50.0164 4456 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:20:50.0173 4456 ============================================================
21:20:50.0173 4456 \Device\Harddisk0\DR0:
21:20:50.0173 4456 MBR partitions:
21:20:50.0173 4456 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x235CB000
21:20:50.0173 4456 ============================================================
21:20:50.0194 4456 C: <-> \Device\Harddisk0\DR0\Partition1
21:20:50.0194 4456 ============================================================
21:20:50.0194 4456 Initialize success
21:20:50.0195 4456 ============================================================
21:22:04.0668 3232 ============================================================
21:22:04.0668 3232 Scan started
21:22:04.0668 3232 Mode: Manual; TDLFS;
21:22:04.0668 3232 ============================================================
21:22:05.0153 3232 ================ Scan system memory ========================
21:22:05.0153 3232 System memory - ok
21:22:05.0156 3232 ================ Scan services =============================
21:22:15.0860 3232 nsiproxy - ok
21:22:15.0929 3232 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\windows\system32\drivers\Ntfs.sys
21:22:15.0962 3232 Ntfs - ok
21:22:15.0995 3232 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
21:22:15.0997 3232 Null - ok
21:22:16.0023 3232 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\windows\system32\drivers\nvraid.sys
21:22:16.0028 3232 nvraid - ok
21:22:16.0044 3232 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\windows\system32\drivers\nvstor.sys
21:22:16.0050 3232 nvstor - ok
21:22:16.0072 3232 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
21:22:16.0078 3232 nv_agp - ok
21:22:16.0114 3232 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
21:22:16.0118 3232 ohci1394 - ok
21:22:16.0147 3232 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:22:16.0170 3232 ose - ok
21:22:16.0343 3232 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:22:16.0496 3232 osppsvc - ok
21:22:16.0539 3232 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
21:22:16.0549 3232 p2pimsvc - ok
21:22:16.0575 3232 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
21:22:16.0587 3232 p2psvc - ok
21:22:16.0620 3232 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
21:22:16.0624 3232 Parport - ok
21:22:16.0647 3232 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\windows\system32\drivers\partmgr.sys
21:22:16.0651 3232 partmgr - ok
21:22:16.0682 3232 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
21:22:16.0690 3232 PcaSvc - ok
21:22:16.0726 3232 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
21:22:16.0732 3232 pci - ok
21:22:16.0751 3232 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
21:22:16.0753 3232 pciide - ok
21:22:16.0782 3232 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
21:22:16.0789 3232 pcmcia - ok
21:22:16.0852 3232 [ 52FA4369E262B047EBD3A37155E30074 ] PCTCore C:\windows\system32\drivers\PCTCore64.sys
21:22:16.0863 3232 PCTCore - ok
21:22:16.0932 3232 [ FF43E3B1687E4E2140DE6349EA5C7372 ] pctDS C:\windows\system32\drivers\pctDS64.sys
21:22:16.0943 3232 pctDS - ok
21:22:17.0016 3232 [ 60E9A05852AF7E9CB11237C00AEE4CCF ] pctEFA C:\windows\system32\drivers\pctEFA64.sys
21:22:17.0034 3232 pctEFA - ok
21:22:17.0065 3232 [ 8DA7DF6075472233CC5A9734BF973B2E ] PCTSD C:\windows\system32\Drivers\PCTSD64.sys
21:22:17.0070 3232 PCTSD - ok
21:22:17.0097 3232 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
21:22:17.0122 3232 pcw - ok
21:22:17.0152 3232 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
21:22:17.0167 3232 PEAUTH - ok
21:22:17.0262 3232 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
21:22:17.0267 3232 PerfHost - ok
21:22:17.0315 3232 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
21:22:17.0318 3232 PGEffect - ok
21:22:17.0387 3232 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
21:22:17.0418 3232 pla - ok
21:22:17.0453 3232 [ B806E50427511BCF4AD8E8239C3E25FA ] PlugPlay C:\windows\system32\umpnpmgr.dll
21:22:17.0464 3232 PlugPlay - ok
21:22:17.0498 3232 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
21:22:17.0504 3232 PNRPAutoReg - ok
21:22:17.0531 3232 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
21:22:17.0539 3232 PNRPsvc - ok
21:22:17.0587 3232 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
21:22:17.0596 3232 PolicyAgent - ok
21:22:17.0629 3232 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
21:22:17.0635 3232 Power - ok
21:22:17.0677 3232 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
21:22:17.0681 3232 PptpMiniport - ok
21:22:17.0706 3232 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
21:22:17.0709 3232 Processor - ok
21:22:17.0760 3232 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\windows\system32\profsvc.dll
21:22:17.0766 3232 ProfSvc - ok
21:22:17.0780 3232 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\windows\system32\lsass.exe
21:22:17.0783 3232 ProtectedStorage - ok
21:22:17.0819 3232 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
21:22:17.0822 3232 Psched - ok
21:22:17.0861 3232 [ C8FCB4899F8B70CC34E0D9876A80963C ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys
21:22:17.0863 3232 QIOMem - ok
21:22:17.0934 3232 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
21:22:17.0966 3232 ql2300 - ok
21:22:17.0998 3232 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
21:22:18.0003 3232 ql40xx - ok
21:22:18.0036 3232 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
21:22:18.0045 3232 QWAVE - ok
21:22:18.0058 3232 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
21:22:18.0061 3232 QWAVEdrv - ok
21:22:18.0096 3232 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
21:22:18.0099 3232 RasAcd - ok
21:22:18.0146 3232 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
21:22:18.0149 3232 RasAgileVpn - ok
21:22:18.0183 3232 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
21:22:18.0190 3232 RasAuto - ok
21:22:18.0223 3232 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
21:22:18.0228 3232 Rasl2tp - ok
21:22:18.0255 3232 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
21:22:18.0267 3232 RasMan - ok
21:22:18.0300 3232 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
21:22:18.0304 3232 RasPppoe - ok
21:22:18.0329 3232 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
21:22:18.0332 3232 RasSstp - ok
21:22:18.0358 3232 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
21:22:18.0366 3232 rdbss - ok
21:22:18.0390 3232 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
21:22:18.0393 3232 rdpbus - ok
21:22:18.0416 3232 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
21:22:18.0418 3232 RDPCDD - ok
21:22:18.0443 3232 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
21:22:18.0445 3232 RDPENCDD - ok
21:22:18.0464 3232 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
21:22:18.0467 3232 RDPREFMP - ok
21:22:18.0502 3232 [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
21:22:18.0508 3232 RDPWD - ok
21:22:18.0539 3232 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
21:22:18.0545 3232 rdyboost - ok
21:22:18.0582 3232 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
21:22:18.0588 3232 RemoteAccess - ok
21:22:18.0618 3232 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
21:22:18.0642 3232 RemoteRegistry - ok
21:22:18.0664 3232 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
21:22:18.0671 3232 RpcEptMapper - ok
21:22:18.0694 3232 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
21:22:18.0699 3232 RpcLocator - ok
21:22:18.0725 3232 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
21:22:18.0738 3232 RpcSs - ok
21:22:18.0774 3232 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
21:22:18.0778 3232 rspndr - ok
21:22:18.0816 3232 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
21:22:18.0832 3232 RSUSBSTOR - ok
21:22:18.0853 3232 [ E54A5586A28D0630A79A68BBAB84BFCF ] RSUSBVSTOR C:\windows\system32\Drivers\RTSUVSTOR.sys
21:22:18.0862 3232 RSUSBVSTOR - ok
21:22:18.0934 3232 [ 64FDF4FE366CA42DA2B7D9D424B6E39B ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
21:22:18.0954 3232 RTL8192Ce - ok
21:22:18.0968 3232 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\windows\system32\lsass.exe
21:22:18.0971 3232 SamSs - ok
21:22:18.0998 3232 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
21:22:19.0001 3232 sbp2port - ok
21:22:19.0039 3232 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
21:22:19.0045 3232 SCardSvr - ok
21:22:19.0059 3232 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
21:22:19.0062 3232 scfilter - ok
21:22:19.0096 3232 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
21:22:19.0130 3232 Schedule - ok
21:22:19.0202 3232 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
21:22:19.0204 3232 SCPolicySvc - ok
21:22:19.0289 3232 [ CADC6D185D8560A1EC266B0A97C4F153 ] sdAuxService C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
21:22:19.0296 3232 sdAuxService - ok
21:22:19.0355 3232 [ B895ECCD553FEEBB424E80B5D239757C ] sdCoreService C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
21:22:19.0374 3232 sdCoreService - ok
21:22:19.0397 3232 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
21:22:19.0403 3232 SDRSVC - ok
21:22:19.0438 3232 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
21:22:19.0440 3232 secdrv - ok
21:22:19.0452 3232 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
21:22:19.0457 3232 seclogon - ok
21:22:19.0487 3232 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
21:22:19.0492 3232 SENS - ok
21:22:19.0517 3232 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
21:22:19.0522 3232 SensrSvc - ok
21:22:19.0562 3232 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
21:22:19.0564 3232 Serenum - ok
21:22:19.0585 3232 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
21:22:19.0590 3232 Serial - ok
21:22:19.0636 3232 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
21:22:19.0640 3232 sermouse - ok
21:22:19.0688 3232 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
21:22:19.0696 3232 SessionEnv - ok
21:22:19.0708 3232 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
21:22:19.0712 3232 sffdisk - ok
21:22:19.0743 3232 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
21:22:19.0746 3232 sffp_mmc - ok
21:22:19.0764 3232 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
21:22:19.0767 3232 sffp_sd - ok
21:22:19.0787 3232 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
21:22:19.0789 3232 sfloppy - ok
21:22:19.0852 3232 [ D5183ED285D2795491DC15BDDCBEE5AD ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
21:22:19.0865 3232 Sftfs - ok
21:22:19.0916 3232 [ BFDB58616FF5EA540A5F58301D50641E ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:22:19.0924 3232 sftlist - ok
21:22:19.0949 3232 [ 00F118B68C50D2206DD51634F9142B83 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
21:22:19.0954 3232 Sftplay - ok
21:22:19.0968 3232 [ 76A827DF5640BFE16A0CDBB4108ADECA ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
21:22:19.0971 3232 Sftredir - ok
21:22:19.0986 3232 [ 1B4C9701645086BAB8CAFFFCE30ED284 ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
21:22:19.0989 3232 Sftvol - ok
21:22:20.0024 3232 [ B94C3C4DCA2093243C76CA218EDE2A97 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:22:20.0028 3232 sftvsa - ok
21:22:20.0063 3232 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
21:22:20.0073 3232 SharedAccess - ok
21:22:20.0108 3232 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
21:22:20.0118 3232 ShellHWDetection - ok
21:22:20.0140 3232 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
21:22:20.0144 3232 SiSRaid2 - ok
21:22:20.0181 3232 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
21:22:20.0185 3232 SiSRaid4 - ok
21:22:20.0215 3232 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
21:22:20.0219 3232 Smb - ok
21:22:20.0261 3232 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
21:22:20.0266 3232 SNMPTRAP - ok
21:22:20.0295 3232 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
21:22:20.0297 3232 spldr - ok
21:22:20.0322 3232 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\windows\System32\spoolsv.exe
21:22:20.0335 3232 Spooler - ok
21:22:20.0446 3232 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
21:22:20.0546 3232 sppsvc - ok
21:22:20.0566 3232 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
21:22:20.0570 3232 sppuinotify - ok
21:22:20.0608 3232 [ 2098B8556D1CEC2ACA9A29CD479E3692 ] srv C:\windows\system32\DRIVERS\srv.sys
21:22:20.0615 3232 srv - ok
21:22:20.0642 3232 [ D0F73A42040F21F92FD314B42AC5C9E7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
21:22:20.0649 3232 srv2 - ok
21:22:20.0695 3232 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL6.SYS
21:22:20.0705 3232 SrvHsfHDA - ok
21:22:20.0770 3232 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV6.SYS
21:22:20.0792 3232 SrvHsfV92 - ok
21:22:20.0847 3232 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT6.SYS
21:22:20.0863 3232 SrvHsfWinac - ok
21:22:20.0890 3232 [ 2BA8F3250828CCDB4204ECF2C6F40B6A ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
21:22:20.0895 3232 srvnet - ok
21:22:20.0935 3232 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
21:22:20.0943 3232 SSDPSRV - ok
21:22:20.0957 3232 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
21:22:20.0963 3232 SstpSvc - ok
21:22:20.0990 3232 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
21:22:20.0993 3232 stexstor - ok
21:22:21.0039 3232 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\windows\system32\DRIVERS\serscan.sys
21:22:21.0042 3232 StillCam - ok
21:22:21.0082 3232 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
21:22:21.0096 3232 stisvc - ok
21:22:21.0149 3232 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
21:22:21.0151 3232 swenum - ok
21:22:21.0226 3232 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
21:22:21.0240 3232 swprv - ok
21:22:21.0329 3232 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
21:22:21.0352 3232 SynTP - ok
21:22:21.0418 3232 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
21:22:21.0446 3232 SysMain - ok
21:22:21.0466 3232 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
21:22:21.0471 3232 TabletInputService - ok
21:22:21.0507 3232 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
21:22:21.0515 3232 TapiSrv - ok
21:22:21.0531 3232 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
21:22:21.0535 3232 TBS - ok
21:22:21.0613 3232 [ 509383E505C973ED7534A06B3D19688D ] Tcpip C:\windows\system32\drivers\tcpip.sys
21:22:21.0651 3232 Tcpip - ok
21:22:21.0728 3232 [ 509383E505C973ED7534A06B3D19688D ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
21:22:21.0758 3232 TCPIP6 - ok
21:22:21.0787 3232 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
21:22:21.0790 3232 tcpipreg - ok
21:22:21.0835 3232 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
21:22:21.0838 3232 tdcmdpst - ok
21:22:21.0865 3232 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
21:22:21.0870 3232 TDPIPE - ok
21:22:21.0892 3232 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
21:22:21.0896 3232 TDTCP - ok
21:22:21.0937 3232 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
21:22:21.0942 3232 tdx - ok
21:22:21.0954 3232 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
21:22:21.0957 3232 TermDD - ok
21:22:22.0010 3232 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
21:22:22.0027 3232 TermService - ok
21:22:22.0044 3232 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
21:22:22.0050 3232 Themes - ok
21:22:22.0068 3232 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
21:22:22.0073 3232 THREADORDER - ok
21:22:22.0130 3232 [ 83E91963C4452BE6899503CF9EBFD3ED ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
21:22:22.0132 3232 TMachInfo - ok
21:22:22.0170 3232 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\Windows\system32\TODDSrv.exe
21:22:22.0178 3232 TODDSrv - ok
21:22:22.0261 3232 [ CDC97FA5C42B07FB0D4600E17C32F582 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
21:22:22.0270 3232 TosCoSrv - ok
21:22:22.0304 3232 [ D0F868A67CB4D817A3F7ABEF8C42F49C ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
21:22:22.0310 3232 TOSHIBA eco Utility Service - ok
21:22:22.0362 3232 [ EDB4B432DB13EA3D1EB2356310D33263 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
21:22:22.0366 3232 TOSHIBA HDD SSD Alert Service - ok
21:22:22.0409 3232 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
21:22:22.0420 3232 tos_sps64 - ok
21:22:22.0480 3232 [ D65C6B0C070534336B72005391B6168A ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
21:22:22.0494 3232 TPCHSrv - ok
21:22:22.0533 3232 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
21:22:22.0541 3232 TrkWks - ok
21:22:22.0597 3232 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
21:22:22.0602 3232 TrustedInstaller - ok
21:22:22.0629 3232 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
21:22:22.0633 3232 tssecsrv - ok
21:22:22.0676 3232 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
21:22:22.0678 3232 TsUsbFlt - ok
21:22:22.0695 3232 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
21:22:22.0698 3232 TsUsbGD - ok
21:22:22.0761 3232 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
21:22:22.0764 3232 tunnel - ok
21:22:22.0830 3232 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
21:22:22.0831 3232 TVALZ - ok
21:22:22.0878 3232 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
21:22:22.0879 3232 TVALZFL - ok
21:22:22.0909 3232 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
21:22:22.0911 3232 uagp35 - ok
21:22:22.0966 3232 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
21:22:22.0971 3232 udfs - ok
21:22:23.0006 3232 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
21:22:23.0009 3232 UI0Detect - ok
21:22:23.0031 3232 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
21:22:23.0033 3232 uliagpkx - ok
21:22:23.0078 3232 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
21:22:23.0080 3232 umbus - ok
21:22:23.0118 3232 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
21:22:23.0120 3232 UmPass - ok
21:22:23.0318 3232 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:22:23.0344 3232 UNS - ok
21:22:23.0377 3232 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
21:22:23.0383 3232 upnphost - ok
21:22:23.0454 3232 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
21:22:23.0481 3232 USBAAPL64 - ok
21:22:23.0522 3232 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
21:22:23.0525 3232 usbccgp - ok
21:22:23.0576 3232 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
21:22:23.0580 3232 usbcir - ok
21:22:23.0620 3232 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
21:22:23.0623 3232 usbehci - ok
21:22:23.0669 3232 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
21:22:23.0676 3232 usbhub - ok
21:22:23.0702 3232 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\windows\system32\drivers\usbohci.sys
21:22:23.0703 3232 usbohci - ok
21:22:23.0732 3232 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
21:22:23.0734 3232 usbprint - ok
21:22:23.0758 3232 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
21:22:23.0760 3232 USBSTOR - ok
21:22:23.0791 3232 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys
21:22:23.0793 3232 usbuhci - ok
21:22:23.0847 3232 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
21:22:23.0850 3232 usbvideo - ok
21:22:23.0893 3232 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
21:22:23.0897 3232 UxSms - ok
21:22:23.0924 3232 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\windows\system32\lsass.exe
21:22:23.0928 3232 VaultSvc - ok
21:22:23.0974 3232 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
21:22:23.0976 3232 vdrvroot - ok
21:22:24.0033 3232 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
21:22:24.0042 3232 vds - ok
21:22:24.0105 3232 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
21:22:24.0107 3232 vga - ok
21:22:24.0134 3232 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
21:22:24.0135 3232 VgaSave - ok
21:22:24.0171 3232 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
21:22:24.0175 3232 vhdmp - ok
21:22:24.0185 3232 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
21:22:24.0187 3232 viaide - ok
21:22:24.0216 3232 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
21:22:24.0218 3232 volmgr - ok
21:22:24.0253 3232 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
21:22:24.0258 3232 volmgrx - ok
21:22:24.0280 3232 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
21:22:24.0284 3232 volsnap - ok
21:22:24.0311 3232 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
21:22:24.0314 3232 vsmraid - ok
21:22:24.0424 3232 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
21:22:24.0480 3232 VSS - ok
21:22:24.0548 3232 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
21:22:24.0549 3232 vwifibus - ok
21:22:24.0573 3232 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
21:22:24.0575 3232 vwififlt - ok
21:22:24.0615 3232 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
21:22:24.0627 3232 W32Time - ok
21:22:24.0682 3232 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
21:22:24.0684 3232 WacomPen - ok
21:22:24.0741 3232 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
21:22:24.0743 3232 WANARP - ok
21:22:24.0749 3232 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
21:22:24.0751 3232 Wanarpv6 - ok
21:22:24.0888 3232 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
21:22:24.0956 3232 wbengine - ok
21:22:24.0994 3232 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
21:22:24.0999 3232 WbioSrvc - ok
21:22:25.0051 3232 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
21:22:25.0057 3232 wcncsvc - ok
21:22:25.0080 3232 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
21:22:25.0083 3232 WcsPlugInService - ok
21:22:25.0168 3232 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
21:22:25.0169 3232 Wd - ok
21:22:25.0232 3232 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
21:22:25.0264 3232 Wdf01000 - ok
21:22:25.0311 3232 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
21:22:25.0314 3232 WdiServiceHost - ok
21:22:25.0319 3232 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
21:22:25.0322 3232 WdiSystemHost - ok
21:22:25.0337 3232 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
21:22:25.0343 3232 WebClient - ok
21:22:25.0388 3232 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
21:22:25.0393 3232 Wecsvc - ok
21:22:25.0415 3232 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
21:22:25.0419 3232 wercplsupport - ok
21:22:25.0482 3232 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
21:22:25.0485 3232 WerSvc - ok
21:22:25.0539 3232 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
21:22:25.0540 3232 WfpLwf - ok
21:22:25.0561 3232 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
21:22:25.0563 3232 WIMMount - ok
21:22:25.0588 3232 WinDefend - ok
21:22:25.0592 3232 WinHttpAutoProxySvc - ok
21:22:25.0704 3232 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
21:22:25.0709 3232 Winmgmt - ok
21:22:25.0868 3232 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
21:22:25.0940 3232 WinRM - ok
21:22:26.0028 3232 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
21:22:26.0048 3232 WinUsb - ok
21:22:26.0152 3232 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
21:22:26.0192 3232 Wlansvc - ok
21:22:26.0285 3232 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:22:26.0312 3232 wlcrasvc - ok
21:22:26.0565 3232 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:22:26.0586 3232 wlidsvc - ok
21:22:26.0639 3232 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
21:22:26.0640 3232 WmiAcpi - ok
21:22:26.0683 3232 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
21:22:26.0686 3232 wmiApSrv - ok
21:22:26.0738 3232 WMPNetworkSvc - ok
21:22:26.0771 3232 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
21:22:26.0778 3232 WPCSvc - ok
21:22:26.0800 3232 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
21:22:26.0808 3232 WPDBusEnum - ok
21:22:26.0838 3232 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
21:22:26.0841 3232 ws2ifsl - ok
21:22:26.0905 3232 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
21:22:26.0910 3232 wscsvc - ok
21:22:26.0965 3232 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
21:22:26.0967 3232 WSDPrintDevice - ok
21:22:26.0977 3232 WSearch - ok
21:22:27.0161 3232 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
21:22:27.0252 3232 wuauserv - ok
21:22:27.0281 3232 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
21:22:27.0284 3232 WudfPf - ok
21:22:27.0343 3232 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
21:22:27.0347 3232 WUDFRd - ok
21:22:27.0381 3232 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
21:22:27.0385 3232 wudfsvc - ok
21:22:27.0430 3232 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
21:22:27.0437 3232 WwanSvc - ok
21:22:27.0468 3232 ================ Scan global ===============================
21:22:27.0516 3232 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
21:22:27.0582 3232 [ E0406AEF04B088D1C49FC78D0546F689 ] C:\windows\system32\winsrv.dll
21:22:27.0590 3232 [ E0406AEF04B088D1C49FC78D0546F689 ] C:\windows\system32\winsrv.dll
21:22:27.0621 3232 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
21:22:27.0644 3232 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
21:22:27.0650 3232 [Global] - ok
21:22:27.0650 3232 ================ Scan MBR ==================================
21:22:27.0677 3232 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
21:22:28.0200 3232 \Device\Harddisk0\DR0 - ok
21:22:28.0201 3232 ================ Scan VBR ==================================
21:22:28.0240 3232 [ A33F24941161D842FBB88A41471599DF ] \Device\Harddisk0\DR0\Partition1
21:22:28.0244 3232 \Device\Harddisk0\DR0\Partition1 - ok
21:22:28.0247 3232 ============================================================
21:22:28.0247 3232 Scan finished
21:22:28.0247 3232 ============================================================
21:22:28.0266 0908 Detected object count: 0
21:22:28.0266 0908 Actual detected object count: 0
21:23:42.0470 4412 Deinitialize success





aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-06 21:31:32
-----------------------------
21:31:32.337 OS Version: Windows x64 6.1.7601 Service Pack 1
21:31:32.337 Number of processors: 2 586 0x2A07
21:31:32.338 ComputerName: SHANE-PC UserName: Shane
21:31:33.698 Initialize success
21:34:42.544 AVAST engine defs: 12090601
21:34:56.650 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:34:56.657 Disk 0 Vendor: TOSHIBA_ GH10 Size: 305245MB BusType: 3
21:34:56.671 Disk 0 MBR read successfully
21:34:56.678 Disk 0 MBR scan
21:34:56.713 Disk 0 Windows VISTA default MBR code
21:34:56.723 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
21:34:56.767 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 289686 MB offset 3074048
21:34:56.817 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 14058 MB offset 596350976
21:34:56.896 Disk 0 scanning C:\windows\system32\drivers
21:35:15.777 Service scanning
21:36:14.255 Modules scanning
21:36:14.276 Disk 0 trace - called modules:
21:36:14.325 ntoskrnl.exe CLASSPNP.SYS disk.sys PCTCore64.sys iaStor.sys hal.dll
21:36:14.339 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004e86790]
21:36:14.358 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8004e858a0]
21:36:14.372 5 PCTCore64.sys[fffff880010eea40] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049ba050]
21:36:15.609 AVAST engine scan C:\windows
21:36:19.321 AVAST engine scan C:\windows\system32
21:40:10.745 AVAST engine scan C:\windows\system32\drivers
21:40:33.112 AVAST engine scan C:\Users\Shane
21:42:13.363 Disk 0 MBR has been saved successfully to "C:\Users\Shane\Documents\Kimberly\MBR.dat"
21:42:13.374 The log file has been saved successfully to "C:\Users\Shane\Documents\Kimberly\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-06 21:42:40
-----------------------------
21:42:40.700 OS Version: Windows x64 6.1.7601 Service Pack 1
21:42:40.700 Number of processors: 2 586 0x2A07
21:42:40.701 ComputerName: SHANE-PC UserName: Shane
21:42:41.435 Initialize success
21:42:48.324 AVAST engine defs: 12090601
21:42:56.848 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:42:56.854 Disk 0 Vendor: TOSHIBA_ GH10 Size: 305245MB BusType: 3
21:42:56.897 Disk 0 MBR read successfully
21:42:56.904 Disk 0 MBR scan
21:42:56.936 Disk 0 Windows VISTA default MBR code
21:42:56.961 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
21:42:57.004 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 289686 MB offset 3074048
21:42:57.065 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 14058 MB offset 596350976
21:42:57.179 Disk 0 scanning C:\windows\system32\drivers
21:43:17.916 Service scanning
21:44:16.935 Modules scanning
21:44:16.958 Disk 0 trace - called modules:
21:44:17.031 ntoskrnl.exe CLASSPNP.SYS disk.sys PCTCore64.sys iaStor.sys hal.dll
21:44:17.043 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004e86790]
21:44:17.062 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8004e858a0]
21:44:17.078 5 PCTCore64.sys[fffff880010eea40] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049ba050]
21:44:17.814 AVAST engine scan C:\windows
21:44:23.036 AVAST engine scan C:\windows\system32
21:48:11.561 AVAST engine scan C:\windows\system32\drivers
21:48:34.073 AVAST engine scan C:\Users\Shane
21:49:30.841 Disk 0 MBR has been saved successfully to "C:\Users\Shane\Documents\Kimberly\MBR.dat"
21:49:30.856 The log file has been saved successfully to "C:\Users\Shane\Documents\Kimberly\aswMBR.txt"





ESET:

C:\Users\Shane\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\7b2d66b-59582efa Win32/Simda.B trojan cleaned by deleting - quarantined



Thank you again for your time.

#4 narenxp


Posted 07 September 2012 - 08:26 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it, click on Delete

Post the generated log

#5 thelaststraw


Posted 07 September 2012 - 08:39 PM

MBAM - I ran this twice but didn't see a "SHOW" results button. I did get a log from it though:

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.07.13

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Shane :: SHANE-PC [administrator]

Protection: Enabled

9/7/2012 8:27:40 PM
mbam-log-2012-09-07 (20-27-40).txt

Scan type: Full scan (C:\|D:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 338959
Time elapsed: 53 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



Mini Toolbox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Shane (administrator) on 07-09-2012 at 21:25:25
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

64.46.36.178 www.google-analytics.com.
64.46.36.178 ad-emea.doubleclick.net.
64.46.36.178 www.statcounter.com.
64.27.10.42 www.google-analytics.com.
64.27.10.42 ad-emea.doubleclick.net.
64.27.10.42 www.statcounter.com.

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC = Wireless Network Connection (Connected)
Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Local Area Connection 2" address=169.254.75.1 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Shane-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Belkin

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : NB7WDS.COM
Description . . . . . . . . . . . : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
Physical Address. . . . . . . . . : E8-9A-8F-5C-FF-8B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
Physical Address. . . . . . . . . : D0-DF-9A-1E-50-6D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::995b:dafd:95a4:c064%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, September 07, 2012 8:23:34 PM
Lease Expires . . . . . . . . . . : Tuesday, October 15, 2148 3:53:50 AM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 248569754
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-88-4E-8E-D0-DF-9A-1E-50-6D
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.Belkin:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Belkin
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:3079:34b8:9ea6:6fc9(Preferred)
Link-local IPv6 Address . . . . . : fe80::3079:34b8:9ea6:6fc9%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server:
Address: 192.168.2.1

Name: google.com
Addresses: 2001:4860:800a::8b
74.125.137.113
74.125.137.100
74.125.137.101
74.125.137.102
74.125.137.138
74.125.137.139


Pinging google.com [74.125.137.139] with 32 bytes of data:
Reply from 74.125.137.139: bytes=32 time=26ms TTL=41
Reply from 74.125.137.139: bytes=32 time=27ms TTL=41

Ping statistics for 74.125.137.139:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 26ms, Maximum = 27ms, Average = 26ms
Server:
Address: 192.168.2.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=168ms TTL=43
Reply from 98.139.183.24: bytes=32 time=96ms TTL=43

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 96ms, Maximum = 168ms, Average = 132ms
Server:
Address: 192.168.2.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=6ms TTL=128
Reply from 127.0.0.1: bytes=32 time=3ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 3ms, Maximum = 6ms, Average = 4ms
===========================================================================
Interface List
12...e8 9a 8f 5c ff 8b ......Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
11...d0 df 9a 1e 50 6d ......Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.5 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.0 255.255.255.0 On-link 192.168.2.5 281
192.168.2.5 255.255.255.255 On-link 192.168.2.5 281
192.168.2.255 255.255.255.255 On-link 192.168.2.5 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.5 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.5 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:9d38:953c:3079:34b8:9ea6:6fc9/128
On-link
11 281 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::3079:34b8:9ea6:6fc9/128
On-link
11 281 fe80::995b:dafd:95a4:c064/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 03 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 04 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 05 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 06 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447960] (PC Tools Research Pty Ltd.)
x64-Catalog9 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447960] (PC Tools Research Pty Ltd.)
x64-Catalog9 03 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447960] (PC Tools Research Pty Ltd.)
x64-Catalog9 04 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447960] (PC Tools Research Pty Ltd.)
x64-Catalog9 05 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447960] (PC Tools Research Pty Ltd.)
x64-Catalog9 06 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447960] (PC Tools Research Pty Ltd.)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 15 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 16 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 17 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [447960] (PC Tools Research Pty Ltd.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/07/2012 08:23:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/07/2012 06:57:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/07/2012 06:55:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: UNS.exe, version: 7.0.2.1164, time stamp: 0x4d100dac
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x6f976c9c
Faulting process id: 0x102c
Faulting application start time: 0xUNS.exe0
Faulting application path: UNS.exe1
Faulting module path: UNS.exe2
Report Id: UNS.exe3

Error: (09/07/2012 06:55:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: LMS.exe, version: 7.0.2.1164, time stamp: 0x4d100cad
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x6f976c9c
Faulting process id: 0x1518
Faulting application start time: 0xLMS.exe0
Faulting application path: LMS.exe1
Faulting module path: LMS.exe2
Report Id: LMS.exe3

Error: (09/07/2012 06:55:35 PM) (Source: Application Error) (User: )
Description: Faulting application name: MotoHelperService.exe, version: 2.1.32.0, time stamp: 0x4ede825d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x6f976c9c
Faulting process id: 0xd30
Faulting application start time: 0xMotoHelperService.exe0
Faulting application path: MotoHelperService.exe1
Faulting module path: MotoHelperService.exe2
Report Id: MotoHelperService.exe3

Error: (09/07/2012 06:55:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: sftvsa.exe, version: 4.6.2.22610, time stamp: 0x4b16fa58
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x6f976c9c
Faulting process id: 0x47c
Faulting application start time: 0xsftvsa.exe0
Faulting application path: sftvsa.exe1
Faulting module path: sftvsa.exe2
Report Id: sftvsa.exe3

Error: (09/07/2012 06:54:51 PM) (Source: Application Error) (User: )
Description: Faulting application name: pctsSvc.exe, version: 7.0.0.171, time stamp: 0x4e5ef48f
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x6f976c9c
Faulting process id: 0x78c
Faulting application start time: 0xpctsSvc.exe0
Faulting application path: pctsSvc.exe1
Faulting module path: pctsSvc.exe2
Report Id: pctsSvc.exe3

Error: (09/07/2012 06:54:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: pctsAuxs.exe, version: 7.0.0.26, time stamp: 0x4d5dc0b0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x6f976c9c
Faulting process id: 0x760
Faulting application start time: 0xpctsAuxs.exe0
Faulting application path: pctsAuxs.exe1
Faulting module path: pctsAuxs.exe2
Report Id: pctsAuxs.exe3

Error: (09/07/2012 06:54:46 PM) (Source: Application Error) (User: )
Description: Faulting application name: MotoHelperService.exe, version: 2.1.32.0, time stamp: 0x4ede825d
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x6f976c9c
Faulting process id: 0x734
Faulting application start time: 0xMotoHelperService.exe0
Faulting application path: MotoHelperService.exe1
Faulting module path: MotoHelperService.exe2
Report Id: MotoHelperService.exe3

Error: (09/07/2012 06:54:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: CommandService.exe, version: 4.0.33.0, time stamp: 0x4ff64231
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x6f976c9c
Faulting process id: 0x6bc
Faulting application start time: 0xCommandService.exe0
Faulting application path: CommandService.exe1
Faulting module path: CommandService.exe2
Report Id: CommandService.exe3


System errors:
=============
Error: (09/07/2012 08:24:46 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (09/07/2012 07:04:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2598845).

Error: (09/07/2012 07:04:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2544521).

Error: (09/07/2012 07:02:30 PM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (09/07/2012 06:59:06 PM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%16405

Error: (09/07/2012 06:55:49 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Management and Security Application Local Management Service service failed to start due to the following error:
%%109

Error: (09/07/2012 06:55:48 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service failed to start due to the following error:
%%109

Error: (09/07/2012 06:55:37 PM) (Source: Service Control Manager) (User: )
Description: The MotoHelper Service service failed to start due to the following error:
%%109

Error: (09/07/2012 06:55:36 PM) (Source: Service Control Manager) (User: )
Description: The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).

Error: (09/07/2012 06:55:36 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (09/07/2012 08:23:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/07/2012 06:57:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/07/2012 06:55:35 PM) (Source: Application Error)(User: )
Description: UNS.exe7.0.2.11644d100dacunknown0.0.0.000000000c00000056f976c9c102c01cd8c96625023c5C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeunknown2224b883-f93f-11e1-b7b3-e89a8f5cff8b

Error: (09/07/2012 06:55:35 PM) (Source: Application Error)(User: )
Description: LMS.exe7.0.2.11644d100cadunknown0.0.0.000000000c00000056f976c9c151801cd8c965be9b5b8C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeunknown22227e33-f93f-11e1-b7b3-e89a8f5cff8b

Error: (09/07/2012 06:55:35 PM) (Source: Application Error)(User: )
Description: MotoHelperService.exe2.1.32.04ede825dunknown0.0.0.000000000c00000056f976c9cd3001cd8d4bc8a2dc56C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exeunknown22225723-f93f-11e1-b7b3-e89a8f5cff8b

Error: (09/07/2012 06:55:26 PM) (Source: Application Error)(User: )
Description: sftvsa.exe4.6.2.226104b16fa58unknown0.0.0.000000000c00000056f976c9c47c01cd8c960e7f4273C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exeunknown1c8e1d7f-f93f-11e1-b7b3-e89a8f5cff8b

Error: (09/07/2012 06:54:51 PM) (Source: Application Error)(User: )
Description: pctsSvc.exe7.0.0.1714e5ef48funknown0.0.0.000000000c00000056f976c9c78c01cd8c960e443d0dC:\Program Files (x86)\PC Tools Security\pctsSvc.exeunknown07776c91-f93f-11e1-b7b3-e89a8f5cff8b

Error: (09/07/2012 06:54:48 PM) (Source: Application Error)(User: )
Description: pctsAuxs.exe7.0.0.264d5dc0b0unknown0.0.0.000000000c00000056f976c9c76001cd8c960e3f7a4cC:\Program Files (x86)\PC Tools Security\pctsAuxs.exeunknown05bc1069-f93f-11e1-b7b3-e89a8f5cff8b

Error: (09/07/2012 06:54:46 PM) (Source: Application Error)(User: )
Description: MotoHelperService.exe2.1.32.04ede825dunknown0.0.0.000000000c00000056f976c9c73401cd8c960e2c6f4aC:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exeunknown04f42c76-f93f-11e1-b7b3-e89a8f5cff8b

Error: (09/07/2012 06:54:43 PM) (Source: Application Error)(User: )
Description: CommandService.exe4.0.33.04ff64231unknown0.0.0.000000000c00000056f976c9c6bc01cd8c960bd95746C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exeunknown0305c9c9-f93f-11e1-b7b3-e89a8f5cff8b


=========================== Installed Programs ============================

Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
Adobe Reader X (10.1.3) MUI (Version: 10.1.3)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.36)
Best Buy pc app (Version: 3.2.0.0)
Best Buy pc app (Version: 3.2.420.5)
Bonjour (Version: 3.0.0.10)
Browser Defender 3.0 (Version: 3.0.0.314)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Conexant HD Audio (Version: 8.51.1.0)
Coupon Printer for Windows (Version: 5.0.0.1)
D3DX10 (Version: 15.4.2368.0902)
ESET Online Scanner v3
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Google Chrome (Version: 21.0.1180.89)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3203.136)
Google Update Helper (Version: 1.3.21.115)
HP Deskjet 3050 J610 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 3050 J610 series Help (Version: 140.0.63.63)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2353)
Intel® Rapid Storage Technology (Version: 10.1.2.1004)
iTunes (Version: 10.5.3.3)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 20 (Version: 6.0.200)
Junk Mail filter update (Version: 15.4.3502.0922)
Label@Once 1.0 (Version: 1.0)
LeapFrog Connect (Version: 4.0.33.15045)
LeapFrog Leapster Explorer Plugin (Version: 4.1.7.15314)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MotoHelper 2.1.32 Driver (Version: 2.1.32)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
PC Tools AntiVirus Free 8.0 (Version: 8.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Realtek USB 2.0 Reader Driver (Version: 1.0.0.12)
Realtek WLAN Driver (Version: 2.00.0013)
ShopAtHome.com Toolbar
Synaptics Pointing Device Driver (Version: 15.2.11.1)
TOSHIBA Application Installer (Version: 9.0.1.1)
TOSHIBA Assist (Version: 4.02.02)
Toshiba Book Place (Version: 2.2.6775)
TOSHIBA Bulletin Board (Version: 1.6.08.64)
TOSHIBA Disc Creator (Version: 2.1.0.6 for x64)
TOSHIBA eco Utility (Version: 1.2.25.64)
TOSHIBA Face Recognition (Version: 3.1.8.64)
TOSHIBA Hardware Setup (Version: 4.08.06.00)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.7)
TOSHIBA Media Controller (Version: 1.0.86.2)
TOSHIBA Media Controller Plug-in (Version: 1.0.6.1)
TOSHIBA PC Health Monitor (Version: 1.7.4.64)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.3.5109)
TOSHIBA ReelTime (Version: 1.7.17.64)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.1.0)
TOSHIBA Service Station (Version: 2.1.52)
TOSHIBA Sleep Utility (Version: 1.4.2.7)
TOSHIBA Supervisor Password (Version: 4.08.06.00)
TOSHIBA Value Added Package (Version: 1.5.4.64)
TOSHIBA Web Camera Application (Version: 2.0.0.19)
TOSHIBA Wireless LAN Indicator (Version: 1.0.3)
ToshibaRegistration (Version: 1.0.4)
Unity Web Player (Version: )
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
yWriter5

========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 4043.86 MB
Available physical RAM: 1891.62 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 5706.93 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.23 MB

========================= Partitions: =====================================

1 Drive c: (TI106139W0E) (Fixed) (Total:282.9 GB) (Free:241.33 GB) NTFS

========================= Users: ========================================

User accounts for \\SHANE-PC

Administrator Guest Kimberly
Shane


**** End of log ****



FSS:

Farbar Service Scanner Version: 06-08-2012
Ran by Shane (administrator) on 07-09-2012 at 21:27:54
Running from "C:\Users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I2JL4XD4"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



Adware Cleaner:

# AdwCleaner v2.000 - Logfile created 09/07/2012 at 21:29:46
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Shane - SHANE-PC
# Boot Mode : Normal
# Running from : C:\Users\Shane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1761ELRK\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\SelectRebates

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Shane\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2470 octets] - [07/09/2012 21:29:46]

########## EOF - C:\AdwCleaner[S1].txt - [2530 octets] ##########





Additional Information: When I turned my computer back on this evening it said that it was doing an Automatic Windows update. I tried shutting my computer down but it installed anyway. Now I'm running IE 9 instead of IE 8. I have no idea if this is unrelated or just weird coincidence. The pop ups are still there. Thank you!

#6 narenxp


Posted 07 September 2012 - 08:56 PM

Click on the Start menu and type

cmd

Right-click on it and select Run as administrator

Now copy the following commands and press ENTER after each one

cd C:\windows\system32\drivers\etc
takeown /a /f hosts
cacls hosts /p everyone:f


Press Y

attrib -s -h -r hosts

After running these commands

Download

Hosts fixit

Run it, restart the PC

Now launch MiniToolBox, checkmark Hosts content alone, and post the new log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

Edited by narenxp, 07 September 2012 - 08:56 PM.
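
The hosts reset and the follow-up "Hosts content" check in this post, as an added example that is not part of the original thread: a Python check that reads hosts-file text and flags any hostname mapped to something other than the normal loopback entry. The function names and the constructed sample (documentation addresses, example.com names) are assumptions for illustration.

```python
import ipaddress

LOCAL_NAMES = {"localhost", "localhost.localdomain"}

# The hosts content posted later in this thread (MiniToolBox log after the reset).
THREAD_HOSTS = "# ::1 localhost\n"

# Constructed sample of a tampered file (documentation addresses and example names).
CONSTRUCTED_HOSTS = (
    "\ufeff# constructed sample\n"
    "127.0.0.1 localhost\n"
    "203.0.113.10 www.example.com example.com  # inline comment\n"
    "0.0.0.0 updates.example.net\n"
    "not-an-ip search.example.org\n"
)

def parse_hosts(text):
    """Yield (line_no, address_field, hostnames) for each active hosts entry."""
    for n, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments, full-line or inline
        if line:
            fields = line.split()
            yield n, fields[0], [h.lower() for h in fields[1:]]

def audit_hosts(text):
    """Return (line_no, severity, detail) for every entry worth a second look."""
    findings = []
    for n, ip, names in parse_hosts(text):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            findings.append((n, "malformed", f"{ip!r} is not an IP address"))
            continue
        if not names:
            findings.append((n, "malformed", f"{ip} maps no hostname"))
        for name in names:
            if addr.is_loopback and name in LOCAL_NAMES:
                continue  # the normal localhost mapping
            # Loopback/unspecified targets make a name unreachable (ad-block lists,
            # or malware cutting off update sites); anything else silently
            # redirects that name to another machine.
            local = addr.is_loopback or addr.is_unspecified
            findings.append((n, "sinkhole" if local else "redirect", f"{name} -> {ip}"))
    return findings

if __name__ == "__main__":
    for label, text in (("thread", THREAD_HOSTS), ("constructed", CONSTRUCTED_HOSTS)):
        print(label, audit_hosts(text) or "only loopback/localhost entries")
```

The `cacls hosts /p everyone:f` step grants Everyone full control of the hosts file, so unless the permissions are tightened again any process can rewrite it; rerunning a check like this after cleanup catches that.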


#7 thelaststraw


Posted 08 September 2012 - 08:38 AM

Mini toolbox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Shane (administrator) on 08-09-2012 at 09:31:56
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Hosts content: =================================

# ::1 localhost


**** End of log ****




rkill:

Rkill 2.3.9 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/08/2012 09:33:53 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Shane\Desktop\rkill\rkill-09-08-2012-09-33-56.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/08/2012 09:33:57 AM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)



I haven't seen a pop up in three or four screens!

#8 narenxp


Posted 08 September 2012 - 08:50 AM

That looks good

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your Flash Player

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#9 thelaststraw


Posted 08 September 2012 - 03:49 PM

Wow! You fixed it! I can't say thank you enough. :)

I am all ears if you have a recommendation for any particular antivirus program. I'm running PC Tools (Free), but obviously, that isn't cutting it.

Thank you again!!!

#10 narenxp


Posted 08 September 2012 - 03:50 PM

I would recommend Microsoft Security Essentials or Avast

Safe surfing :)

Edited by narenxp, 08 September 2012 - 03:51 PM.
