The 2nd computer infected by Mal/Iframe-AH today


9 replies to this topic

#1 ProwdPapa

ProwdPapa

  • Members
  • 19 posts

Posted 29 November 2012 - 03:00 PM

I posted late last night about getting a virus that took over my computer. Well, I've been working on my brother's computer today and it is now infected, and I believe that the virus is in Evernote. I think I may even know the exact file that's spreading it. I feel bad for my brother because he doesn't have a lot of money to get a new computer. My computer that was infected is my work computer, and I am shipping it back to them for a format and reinstall. My brother's computer, the one that is infected now, is running Windows 8 Beta on a Dell Latitude E6500. As far as I can tell, without doing any more clicks or actions on my computer, it has taken over Internet Explorer with mirroring. Wow, I really want to squash this virus. This would be the second computer of mine that it's infected today. I REALLY want to squash this virus. Having just found this site last night, it's amazing what you guys are doing here. I thank each and every one of you who are donating their time to help others not so lucky to be as computer savvy. Okay, so now, who's going to take this mother effort down?



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts

Posted 30 November 2012 - 02:12 PM

Hello, let's see what we can find ....

MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


>>>>>
Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan resu
>>>>

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

>>>

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


>>> Last is ESET, this may take a couple hours.
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

#3 ProwdPapa

ProwdPapa
  • Topic Starter

  • Members
  • 19 posts

Posted 30 November 2012 - 02:51 PM

MiniToolBox by Farbar Version: 25-11-2012
Ran by callies123 (administrator) on 30-11-2012 at 11:42:19
Running from "C:\Users\Nelson123\Desktop"
Windows 8 Release Preview (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wi-Fi (Connected)
Intel® 82567LM Gigabit Network Connection = Ethernet (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Callies123-10
Primary Dns Suffix . . . . . . . : mti.tec.sd.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mti.tec.sd.local
System Quarantine State . . . . . : Not Restricted


Wireless LAN adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
Physical Address. . . . . . . . . : 00-22-FB-B2-0F-59
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-22-FB-B2-0F-58
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8c4:d5b8:6a72:c5dd%13(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.8(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, November 28, 2012 12:20:16 PM
Lease Expires . . . . . . . . . . : Saturday, December 1, 2012 11:35:32 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 318776059
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-77-3A-60-00-24-E8-B0-4A-87
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.wa.comcast.net.
Description . . . . . . . . . . . : Intel® 82567LM Gigabit Network Connection
Physical Address. . . . . . . . . : 00-24-E8-B0-4A-87
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:8cd:e77:3f57:fef7(Preferred)
Link-local IPv6 Address . . . . . : fe80::8cd:e77:3f57:fef7%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{DF839942-F393-4281-9135-2C47891B7F58}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:400a:801::1009
173.194.33.32
173.194.33.41
173.194.33.38
173.194.33.34
173.194.33.36
173.194.33.40
173.194.33.35
173.194.33.46
173.194.33.33
173.194.33.39
173.194.33.37


Pinging google.com [173.194.33.2] with 32 bytes of data:
Reply from 173.194.33.2: bytes=32 time=19ms TTL=55
Reply from 173.194.33.2: bytes=32 time=14ms TTL=55

Ping statistics for 173.194.33.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 14ms, Maximum = 19ms, Average = 16ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.139.183.24
98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=80ms TTL=52
Reply from 72.30.38.140: bytes=32 time=43ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 43ms, Maximum = 80ms, Average = 61ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...00 22 fb b2 0f 59 ......Microsoft Hosted Network Virtual Adapter
13...00 22 fb b2 0f 58 ......Intel® WiFi Link 5100 AGN
12...00 24 e8 b0 4a 87 ......Intel® 82567LM Gigabit Network Connection
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.8 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.8 276
192.168.1.8 255.255.255.255 On-link 192.168.1.8 276
192.168.1.255 255.255.255.255 On-link 192.168.1.8 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.8 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.8 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 306 ::/0 On-link
1 306 ::1/128 On-link
15 306 2001::/32 On-link
15 306 2001:0:4137:9e76:8cd:e77:3f57:fef7/128
On-link
13 276 fe80::/64 On-link
15 306 fe80::/64 On-link
13 276 fe80::8c4:d5b8:6a72:c5dd/128
On-link
15 306 fe80::8cd:e77:3f57:fef7/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
13 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52736] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [68608] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [68608] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55808] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [293376] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [293376] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [293376] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [293376] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [293376] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [293376] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [293376] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [293376] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [293376] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [293376] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [293376] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67072] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [86528] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86528] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72704] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [361472] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [361472] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [361472] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [361472] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [361472] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [361472] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [361472] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [361472] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [361472] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [361472] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [361472] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/30/2012 11:35:47 AM) (Source: Application Error) (User: )
Description: Faulting application name: dmwu.exe, version: 2.0.0.2, time stamp: 0x5051defc
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2bcac
Exception code: 0xc0000417
Fault offset: 0x0000000000070468
Faulting process id: 0x8c0
Faulting application start time: 0xdmwu.exe0
Faulting application path: dmwu.exe1
Faulting module path: dmwu.exe2
Report Id: dmwu.exe3
Faulting package full name: dmwu.exe4
Faulting package-relative application ID: dmwu.exe5

Error: (11/29/2012 04:33:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5117

Error: (11/29/2012 04:33:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5117

Error: (11/29/2012 04:33:33 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/29/2012 04:33:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3853

Error: (11/29/2012 04:33:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3853

Error: (11/29/2012 04:33:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/29/2012 04:33:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2621

Error: (11/29/2012 04:33:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2621

Error: (11/29/2012 04:33:30 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (11/30/2012 11:38:11 AM) (Source: Microsoft-Windows-GroupPolicy) (User: MTI)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (11/30/2012 11:38:11 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (11/30/2012 11:36:55 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain MTI due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (11/30/2012 11:36:07 AM) (Source: Service Control Manager) (User: )
Description: The WebOptimizer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (11/29/2012 01:09:19 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (11/29/2012 11:56:11 AM) (Source: Microsoft-Windows-GroupPolicy) (User: MTI)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (11/29/2012 11:34:18 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (11/29/2012 10:38:28 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain MTI due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (11/29/2012 10:32:41 AM) (Source: DCOM) (User: MTI)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}MTIcallies123S-1-5-21-611740280-116536574-10498456-22955LocalHost (Using LRPC)Evernote.Evernote_1.0.0.36_x86__q4d96b2w5wcc2S-1-15-2-1064425590-833601665-2055925713-444102028-4016131584-619019182-2699540361

Error: (11/29/2012 10:32:10 AM) (Source: DCOM) (User: MTI)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}MTIcallies123S-1-5-21-611740280-116536574-10498456-22955LocalHost (Using LRPC)Evernote.Evernote_1.0.0.36_x86__q4d96b2w5wcc2S-1-15-2-1064425590-833601665-2055925713-444102028-4016131584-619019182-2699540361


Microsoft Office Sessions:
=========================
Error: (11/30/2012 11:35:47 AM) (Source: Application Error)(User: )
Description: dmwu.exe2.0.0.25051defcMSVCR100.dll10.0.40219.3254df2bcacc000041700000000000704688c001cdcd00c706e283C:\WINDOWS\system32\dmwu.exeC:\WINDOWS\system32\MSVCR100.dll234df6e9-3b25-11e2-9b7c-0024e8b04a87

Error: (11/29/2012 04:33:33 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5117

Error: (11/29/2012 04:33:33 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5117

Error: (11/29/2012 04:33:33 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/29/2012 04:33:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3853

Error: (11/29/2012 04:33:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3853

Error: (11/29/2012 04:33:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/29/2012 04:33:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2621

Error: (11/29/2012 04:33:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2621

Error: (11/29/2012 04:33:30 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

1ClickDownloader (Version: 2.7 Build 26473)
ADDICT-THING (Version: )
Adobe Reader X (10.1.3) (Version: 10.1.3)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
AVG 2013 (Version: 13.0.2634)
AVG 2013 (Version: 13.0.2793)
AVG 2013 (Version: 2013.0.2793)
AVG Security Toolbar
Babylon toolbar on IE
BabylonObjectInstaller (Version: 2.0.0.2)
Bonjour (Version: 3.0.0.10)
Bucksbee Loyalty Plugin 100815.b for Chrome
CoolYou Gadget (Version: 1.0)
DefaultTab (Version: 1.2.7.0)
DefaultTab Chrome (Version: 1.1.8)
Dropbox (Version: 1.4.17)
Evernote v. 4.5.10 (Version: 4.5.10.7472)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Google Chrome (Version: 23.0.1271.95)
Google Drive (Version: 1.6.3837.2778)
Google Talk Plugin (Version: 3.10.2.10212)
Google Update Helper (Version: 1.3.21.123)
Incredibar Toolbar on IE
Integrated Webcam Driver (1.03.02.0919)
iTunes (Version: 10.7.0.21)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Optimizer Pro v3.0 (Version: 3.0)
RICOH R5C83x/84x Media Driver Ver.3.53.02 (Version: 3.53.02)
Shopping Sidekick (Version: 1.18.149.149)
Skype™ 5.10 (Version: 5.10.116)
SMPlayer 0.6.9 (Version: 0.6.9)
Sophos Virus Removal Tool (Version: 2.1)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Vuze (Version: 4.7)
Vuze Remote Toolbar v6.5 (Version: 6.5)
Web Assistant 2.0.0.485 (Version: 2.0.0.485)
Web Optimizer (Version: 2.0.0.2)
WhiteSmoke US Toolbar (Version: 6.9.0.16)
Yontoo 1.10.02 (Version: 1.10.02)

========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 4083.91 MB
Available physical RAM: 1955.93 MB
Total Pagefile: 4885.63 MB
Available Pagefile: 1963.77 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.41 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:149.05 GB) (Free:63.3 GB) NTFS
3 Drive e: (KRD10) (CDROM) (Total:0.26 GB) (Free:0 GB) CDFS
4 Drive f: (KRD10) (CDROM) (Total:0.26 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\Nelson123-10

Administrator Guest Zeus


**** End of log ****

#4 ProwdPapa

ProwdPapa
  • Topic Starter

  • Members
  • 19 posts

Posted 30 November 2012 - 03:36 PM

11:54:04.0635 0996 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
11:54:05.0182 0996 ============================================================
11:54:05.0182 0996 Current date / time: 2012/11/30 11:54:05.0182
11:54:05.0182 0996 SystemInfo:
11:54:05.0182 0996
11:54:05.0182 0996 OS Version: 6.2.8400 ServicePack: 0.0
11:54:05.0183 0996 Product type: Workstation
11:54:05.0183 0996 ComputerName: CALLIES123-10
11:54:05.0183 0996 UserName: callies123
11:54:05.0183 0996 Windows directory: C:\WINDOWS
11:54:05.0183 0996 System windows directory: C:\WINDOWS
11:54:05.0183 0996 Running under WOW64
11:54:05.0183 0996 Processor architecture: Intel x64
11:54:05.0183 0996 Number of processors: 2
11:54:05.0183 0996 Page size: 0x1000
11:54:05.0183 0996 Boot type: Normal boot
11:54:05.0183 0996 ============================================================
11:54:05.0820 0996 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:54:05.0824 0996 ============================================================
11:54:05.0824 0996 \Device\Harddisk0\DR0:
11:54:05.0824 0996 MBR partitions:
11:54:05.0824 0996 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800
11:54:05.0824 0996 ============================================================
11:54:05.0851 0996 C: <-> \Device\Harddisk0\DR0\Partition1
11:54:05.0851 0996 ============================================================
11:54:05.0851 0996 Initialize success
11:54:05.0851 0996 ============================================================
11:55:25.0250 7176 ============================================================
11:55:25.0250 7176 Scan started
11:55:25.0250 7176 Mode: Manual; TDLFS;
11:55:25.0250 7176 ============================================================
11:55:26.0271 7176 ================ Scan system memory ========================
11:55:26.0271 7176 System memory - ok
11:55:26.0273 7176 ================ Scan services =============================
11:55:36.0010 7176 [ 129609B0CABE5458DD94C2DA8B99F1DC ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
11:55:36.0012 7176 PerfHost - ok
11:55:36.0084 7176 [ 4254241F0D3445573CF840802BD786BA ] pla C:\WINDOWS\system32\pla.dll
11:55:36.0119 7176 pla - ok
11:55:36.0153 7176 [ D5609A195EA599793228EACDDAB1574B ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
11:55:36.0157 7176 PlugPlay - ok
11:55:36.0190 7176 [ 78897C1A515262F5156E2D4FD593EC61 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
11:55:36.0194 7176 PNRPAutoReg - ok
11:55:36.0212 7176 [ D5686620E7B08769D49400854A033E30 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
11:55:36.0216 7176 PNRPsvc - ok
11:55:36.0243 7176 [ 5EB494F254363BB1C0F24CE1CFEFB6B6 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
11:55:36.0256 7176 PolicyAgent - ok
11:55:36.0287 7176 [ CAF5DFF32A27A61D2C5C36F6166CC768 ] Power C:\WINDOWS\system32\umpo.dll
11:55:36.0291 7176 Power - ok
11:55:36.0321 7176 [ 2BFC9A3F12E74756754102CA2F06323D ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:55:36.0322 7176 PptpMiniport - ok
11:55:36.0431 7176 [ CD44D63FB0777CEB614111AA590A527C ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
11:55:36.0487 7176 PrintNotify - ok
11:55:36.0506 7176 [ 708BE76C2817050AE8B9FB4BD189BDD7 ] Processor C:\WINDOWS\System32\drivers\processr.sys
11:55:36.0508 7176 Processor - ok
11:55:36.0542 7176 [ 102A02EA61F9ADE5A3D8B4FFF0BC8C85 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
11:55:36.0547 7176 ProfSvc - ok
11:55:36.0579 7176 [ 61426ACCE9D207D08B215AF74555C180 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
11:55:36.0581 7176 Psched - ok
11:55:36.0617 7176 [ C3F9A6BDD87DD87441C588D7C8DB7209 ] QWAVE C:\WINDOWS\system32\qwave.dll
11:55:36.0624 7176 QWAVE - ok
11:55:36.0636 7176 [ 32517A92B4C11C4443771F5158570121 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
11:55:36.0636 7176 QWAVEdrv - ok
11:55:36.0661 7176 [ 4E1EDE1ED3CC8CF98268E1BB3F406900 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:55:36.0662 7176 RasAcd - ok
11:55:36.0690 7176 [ 59E12E4FD80733E79CA070ECF9818153 ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
11:55:36.0691 7176 RasAgileVpn - ok
11:55:36.0701 7176 [ E3374F796A60628110A2BD93B3C3611C ] RasAuto C:\WINDOWS\System32\rasauto.dll
11:55:36.0705 7176 RasAuto - ok
11:55:36.0735 7176 [ 7D5B09EBE82DA0A0CFECF1558125A651 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:55:36.0736 7176 Rasl2tp - ok
11:55:36.0770 7176 [ 064C8D7402F72488DA52E5F34FDA3578 ] RasMan C:\WINDOWS\System32\rasmans.dll
11:55:36.0776 7176 RasMan - ok
11:55:36.0790 7176 [ F43F03F650B9FA7FEFAA1F42A08EF9B7 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:55:36.0790 7176 RasPppoe - ok
11:55:36.0795 7176 [ BB6A240BFBFA55363645BD6A03F3BAB4 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
11:55:36.0796 7176 RasSstp - ok
11:55:36.0847 7176 [ E7675DE055A9ED41913B81605C013E7E ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:55:36.0854 7176 rdbss - ok
11:55:36.0874 7176 [ 25E8FEC1BA1353FE026D56D798DF8566 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
11:55:36.0876 7176 rdpbus - ok
11:55:36.0919 7176 [ FB86C8FA57CFAE86C3D2E613C65EB119 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
11:55:36.0921 7176 RDPDR - ok
11:55:36.0945 7176 [ 4EA20F29BB9B0C05AC3782138EA528C3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
11:55:36.0946 7176 RdpVideoMiniport - ok
11:55:36.0992 7176 [ A1A6CB11676A82CE2E9BFD476DBA0A13 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
11:55:36.0997 7176 RDPWD - ok
11:55:37.0017 7176 [ 35AF307B098C8C650774B449B433105E ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
11:55:37.0019 7176 rdyboost - ok
11:55:37.0051 7176 [ E10C86E9F43D74752703CFE0D0F4549F ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
11:55:37.0054 7176 RemoteAccess - ok
11:55:37.0089 7176 [ 2BE6400C94D299136EF407734090365A ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
11:55:37.0093 7176 RemoteRegistry - ok
11:55:37.0114 7176 [ E31960692CBB3A8BCDF300BC1D889E1F ] rimmptsk C:\WINDOWS\system32\DRIVERS\rimmpx64.sys
11:55:37.0115 7176 rimmptsk - ok
11:55:37.0129 7176 [ CE832C6E7A22204DD7E50302290B1596 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
11:55:37.0132 7176 RpcEptMapper - ok
11:55:37.0156 7176 [ A56F388A7362212F608BD0F8A1AF9EBC ] RpcLocator C:\WINDOWS\system32\locator.exe
11:55:37.0158 7176 RpcLocator - ok
11:55:37.0185 7176 [ 6446876DDE28C69B344FCB0C15D8604E ] RpcSs C:\WINDOWS\system32\rpcss.dll
11:55:37.0191 7176 RpcSs - ok
11:55:37.0201 7176 [ 4E891FCCBC73641708DEC461B1F7682F ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
11:55:37.0202 7176 rspndr - ok
11:55:37.0217 7176 [ CAF70FFF85E2275E4A50557F265A07CC ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
11:55:37.0218 7176 s3cap - ok
11:55:37.0233 7176 [ 6DBD56C7117F98D56C8880614FE765B7 ] SamSs C:\WINDOWS\system32\lsass.exe
11:55:37.0234 7176 SamSs - ok
11:55:37.0250 7176 [ 8D0F734E545FAE1247B7B968CDBE3764 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
11:55:37.0251 7176 sbp2port - ok
11:55:37.0302 7176 [ F1FA68AD9F8E73775268840D6377E073 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
11:55:37.0307 7176 SCardSvr - ok
11:55:37.0321 7176 [ 3EFA959348022CBFDBD20A8F400FD343 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
11:55:37.0322 7176 scfilter - ok
11:55:37.0370 7176 [ 0010C7890300581C7075CDA8030FCB1B ] Schedule C:\WINDOWS\system32\schedsvc.dll
11:55:37.0405 7176 Schedule - ok
11:55:37.0453 7176 [ DB8B763E355B7DB58D1FB46D79651E9D ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
11:55:37.0457 7176 SCPolicySvc - ok
11:55:37.0477 7176 [ 0ECAF7FA2F75FFCDD06D5D0873827082 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
11:55:37.0479 7176 sdbus - ok
11:55:37.0498 7176 [ 862E879617ABDA0C6E18DD25EA2E0155 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
11:55:37.0531 7176 SDRSVC - ok
11:55:37.0572 7176 [ E809EEA9DAE44CA268E4BB681FF05496 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
11:55:37.0573 7176 sdstor - ok
11:55:37.0583 7176 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
11:55:37.0584 7176 secdrv - ok
11:55:37.0623 7176 [ 2C0971C8FCC21FCF936264EC9FABA0A1 ] seclogon C:\WINDOWS\system32\seclogon.dll
11:55:37.0628 7176 seclogon - ok
11:55:37.0662 7176 [ 0E3C6E1DB06BA31D3F222FDF593C0DB1 ] SENS C:\WINDOWS\System32\sens.dll
11:55:37.0667 7176 SENS - ok
11:55:37.0684 7176 [ 1CDCAAD324AEC5D242CE6BFB09F36CCF ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
11:55:37.0691 7176 SensrSvc - ok
11:55:37.0706 7176 [ 1F27D4B2623CB2A454A9499B697F0530 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
11:55:37.0708 7176 SerCx - ok
11:55:37.0742 7176 [ 87CF8C6B28E5E38D5A75D2565ABBC553 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
11:55:37.0743 7176 Serenum - ok
11:55:37.0770 7176 [ DC6C7A0C06E931ED2B6110CD68959E88 ] Serial C:\WINDOWS\System32\drivers\serial.sys
11:55:37.0771 7176 Serial - ok
11:55:37.0806 7176 [ 0F832063E0E9B0E9630898353B2EF493 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
11:55:37.0807 7176 sermouse - ok
11:55:37.0840 7176 [ CAC99A543AEEFC6812D2702E208BFD33 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
11:55:37.0857 7176 SessionEnv - ok
11:55:37.0871 7176 [ 72A51E9EC9268BFF0BA9DDB4B531ADD2 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
11:55:37.0872 7176 sfloppy - ok
11:55:37.0911 7176 [ DDFFC5428192CAA5ED213C16348D66E0 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
11:55:37.0929 7176 SharedAccess - ok
11:55:37.0986 7176 [ 0DD82221E2A0DF5C1D93A8F692982336 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:55:38.0002 7176 ShellHWDetection - ok
11:55:38.0035 7176 [ 5F13759AF83F8C2A023483B98BD149D2 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
11:55:38.0036 7176 SiSRaid2 - ok
11:55:38.0046 7176 [ A84A68EE7ABEAA7EEC8DBCCAE83653F4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
11:55:38.0047 7176 SiSRaid4 - ok
11:55:38.0129 7176 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:55:38.0133 7176 SkypeUpdate - ok
11:55:38.0167 7176 [ 60D2545E33F997AA172BCA8AA7AADB66 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
11:55:38.0171 7176 SNMPTRAP - ok
11:55:38.0194 7176 [ A74023A2F13C7FFB06C0905C35C591FF ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
11:55:38.0196 7176 spaceport - ok
11:55:38.0211 7176 [ 753D7E3B5DF557CC28F668B599429EB4 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
11:55:38.0212 7176 SpbCx - ok
11:55:38.0236 7176 [ EDEA6AC00F36813E2E2D76C4D8483B59 ] Spooler C:\WINDOWS\System32\spoolsv.exe
11:55:38.0252 7176 Spooler - ok
11:55:38.0380 7176 [ 613EF10494F7BC394E0DB2D5CB3FEC74 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
11:55:38.0483 7176 sppsvc - ok
11:55:38.0505 7176 [ 5F64CD5F5596533AB412374797D37CCE ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
11:55:38.0508 7176 srv - ok
11:55:38.0530 7176 [ 1812AAAD25E69DAB5D32D9F86451CED6 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
11:55:38.0533 7176 srv2 - ok
11:55:38.0552 7176 [ B8568C60F0D33DFF3F777ECF03AFFA34 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
11:55:38.0553 7176 srvnet - ok
11:55:38.0594 7176 [ 68C7AB6D3C8559F21CE5784BD506ED10 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
11:55:38.0600 7176 SSDPSRV - ok
11:55:38.0630 7176 [ 4ABEB207457928D38AA0CFCDD18D213D ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
11:55:38.0654 7176 SstpSvc - ok
11:55:38.0686 7176 [ 74425FFA11C133D045E1C3BE2EAD481D ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
11:55:38.0688 7176 ssudmdm - ok
11:55:38.0718 7176 [ D0F597797C30A3F20ABFBF162E0D3DE5 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
11:55:38.0719 7176 stexstor - ok
11:55:38.0760 7176 [ B7A6523C9D7A3A2772CF7AA60D3713B0 ] stisvc C:\WINDOWS\System32\wiaservc.dll
11:55:38.0776 7176 stisvc - ok
11:55:38.0822 7176 [ 5001ABA932F09DC5C0D81F9FE2BED46D ] storahci C:\WINDOWS\system32\drivers\storahci.sys
11:55:38.0824 7176 storahci - ok
11:55:38.0841 7176 [ 62CE69E46A9299E732029046418962AD ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
11:55:38.0841 7176 storflt - ok
11:55:38.0856 7176 [ 4FA5F3475E622EA066C3BE1AAEEEE80D ] StorSvc C:\WINDOWS\system32\storsvc.dll
11:55:38.0860 7176 StorSvc - ok
11:55:38.0892 7176 [ 20642E6F2A2C15A3574DA482A6E49A17 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
11:55:38.0893 7176 storvsc - ok
11:55:38.0930 7176 [ 0991345BE188885474235A2A46415D5A ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys
11:55:38.0931 7176 storvsp - ok
11:55:38.0944 7176 [ 6F27DCCC39FD815799CD90DD1CF4DE2F ] svsvc C:\WINDOWS\system32\svsvc.dll
11:55:38.0947 7176 svsvc - ok
11:55:38.0958 7176 [ E124307E341A1A0CA658753FFF7FA210 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
11:55:38.0958 7176 swenum - ok
11:55:38.0995 7176 [ 721830CA750ECEBE0144C0D887528F6A ] swprv C:\WINDOWS\System32\swprv.dll
11:55:39.0010 7176 swprv - ok
11:55:39.0079 7176 [ 4251D18CCF5FC284CBAAE1F7534ED5FC ] SysMain C:\WINDOWS\system32\sysmain.dll
11:55:39.0115 7176 SysMain - ok
11:55:39.0148 7176 [ A931E972614B82ED8CCFA9AC71CDD843 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
11:55:39.0153 7176 SystemEventsBroker - ok
11:55:39.0166 7176 [ B466BD76D88F23906810BE50C7520A6B ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
11:55:39.0170 7176 TabletInputService - ok
11:55:39.0206 7176 [ 87FF3D4A92650D7FD55898BA436592AA ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
11:55:39.0212 7176 TapiSrv - ok
11:55:39.0299 7176 [ 8ABBE86638D9C36FB7565D09F0CC6210 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
11:55:39.0316 7176 Tcpip - ok
11:55:39.0364 7176 [ 8ABBE86638D9C36FB7565D09F0CC6210 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:55:39.0375 7176 TCPIP6 - ok
11:55:39.0408 7176 [ F3AD3ABAC540B2AE648DA19D56A5C909 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
11:55:39.0409 7176 tcpipreg - ok
11:55:39.0438 7176 [ 3921BBEC2E4345AE0AE93769B7514A43 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
11:55:39.0439 7176 tdx - ok
11:55:39.0446 7176 [ D0D513580359A57846BE8C258FB80D17 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
11:55:39.0447 7176 terminpt - ok
11:55:39.0474 7176 [ 5267E446C26383C76975F5B8B51F385A ] TermService C:\WINDOWS\System32\termsrv.dll
11:55:39.0490 7176 TermService - ok
11:55:39.0525 7176 [ 7C7F7898FB7E68B0D58D481B3F9D069A ] Themes C:\WINDOWS\system32\themeservice.dll
11:55:39.0529 7176 Themes - ok
11:55:39.0566 7176 [ 4DF499436B5FE579E3507BB6C16F413E ] THREADORDER C:\WINDOWS\system32\mmcss.dll
11:55:39.0567 7176 THREADORDER - ok
11:55:39.0579 7176 [ 387D0271212C4387944349EE879D4434 ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
11:55:39.0584 7176 TimeBroker - ok
11:55:39.0620 7176 [ 2082C0704124AC6E4AD8C66AA48EBD28 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
11:55:39.0621 7176 TPM - ok
11:55:39.0655 7176 [ 85AED67291600101C79DF4F12B770100 ] TrkWks C:\WINDOWS\System32\trkwks.dll
11:55:39.0659 7176 TrkWks - ok
11:55:39.0689 7176 [ 37DE81550EF915321D8284F2BB270401 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
11:55:39.0690 7176 TrustedInstaller - ok
11:55:39.0709 7176 [ 1F50DAEFD95376C42BA344AE833785E8 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
11:55:39.0710 7176 TsUsbFlt - ok
11:55:39.0741 7176 [ 9EB80A1002E83182EF1D18040CFC42EA ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
11:55:39.0741 7176 TsUsbGD - ok
11:55:39.0757 7176 [ 153B583683CA34CE2617CB5E9959E251 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
11:55:39.0758 7176 tunnel - ok
11:55:39.0775 7176 [ A6DDDF8E2FDA933B673C7E3A2A26E9CB ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
11:55:39.0776 7176 uagp35 - ok
11:55:39.0876 7176 [ FDB5C138BD5F70DD053D0CDCDD9F933B ] uagqecsvc C:\Users\callies123\Forefront UAG Remote Access Agent\exchangeasurioncom\owa1\uagqecsvc.exe
11:55:39.0881 7176 uagqecsvc - ok
11:55:39.0918 7176 [ FB77D346871D7169698B9986D7E77B45 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
11:55:39.0920 7176 UASPStor - ok
11:55:39.0953 7176 [ 4B55BF0C1CF814C8121A2FEFA98E9A68 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
11:55:39.0955 7176 UCX01000 - ok
11:55:39.0976 7176 [ EE3DDFE95156A156E63D1B038BB50EA0 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
11:55:39.0979 7176 udfs - ok
11:55:40.0021 7176 [ 92B6AB07DFE225D660E6E6FBA600C421 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
11:55:40.0024 7176 UI0Detect - ok
11:55:40.0056 7176 [ A1644BB66B95614CD6B62E49938FE60C ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
11:55:40.0056 7176 uliagpkx - ok
11:55:40.0065 7176 [ C1E848D4D3DCF65732E0520D452DEBD7 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
11:55:40.0066 7176 umbus - ok
11:55:40.0075 7176 [ 93D36B4342A21EB6F3652C73C4CD1B03 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
11:55:40.0075 7176 UmPass - ok
11:55:40.0128 7176 [ 1996F76A6D9836A95CF088F3FFE4811B ] UmRdpService C:\WINDOWS\System32\umrdp.dll
11:55:40.0136 7176 UmRdpService - ok
11:55:40.0195 7176 [ 644F026B0EA22033A094680D1B28A07B ] upnphost C:\WINDOWS\System32\upnphost.dll
11:55:40.0213 7176 upnphost - ok
11:55:40.0245 7176 [ 9A40F023B70A2FBDD2C199F2368074D4 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
11:55:40.0247 7176 usbccgp - ok
11:55:40.0265 7176 [ 71DC9F45C1654B86CA2042AF5BB5F7B8 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
11:55:40.0266 7176 usbcir - ok
11:55:40.0278 7176 [ 2D24FF183C1DFF4A26C6FDC24CAF7B1E ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
11:55:40.0280 7176 usbehci - ok
11:55:40.0300 7176 [ F2FF1C1D1EAA1B41D9FA8417238CA1E7 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
11:55:40.0305 7176 usbhub - ok
11:55:40.0328 7176 [ C58259D5630F15ACD5E1E8E82D8CDA6D ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
11:55:40.0332 7176 USBHUB3 - ok
11:55:40.0364 7176 [ F0B350482E47DE67858DC1A91B018AB9 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
11:55:40.0366 7176 usbohci - ok
11:55:40.0381 7176 [ CEEDC863A497FB16B548E10D0DCA88C1 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
11:55:40.0382 7176 usbprint - ok
11:55:40.0423 7176 [ EF4D90C89404BEB9F808D950635B0501 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
11:55:40.0425 7176 USBSTOR - ok
11:55:40.0439 7176 [ 054D7ED11ADD925560FBEE4393A35D69 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
11:55:40.0440 7176 usbuhci - ok
11:55:40.0473 7176 [ 49A72139C4BC24710C27531A83B5A7AE ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
11:55:40.0475 7176 usbvideo - ok
11:55:40.0493 7176 [ DA62C7A6569B3E20828A9A67823D20DB ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
11:55:40.0496 7176 USBXHCI - ok
11:55:40.0511 7176 [ 6DBD56C7117F98D56C8880614FE765B7 ] VaultSvc C:\WINDOWS\system32\lsass.exe
11:55:40.0513 7176 VaultSvc - ok
11:55:40.0544 7176 [ 0A088BAECA2A818A621E37782B4EFC60 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
11:55:40.0544 7176 vdrvroot - ok
11:55:40.0582 7176 [ DF0FAB22FE38AFA6F6F7F34B090C4850 ] vds C:\WINDOWS\System32\vds.exe
11:55:40.0598 7176 vds - ok
11:55:40.0626 7176 [ CC11188DAA0B8E9E19282ADB89DE386A ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
11:55:40.0627 7176 VerifierExt - ok
11:55:40.0664 7176 [ 5807B5A111FCFC49C383D29A2D37B7B1 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
11:55:40.0667 7176 vhdmp - ok
11:55:40.0703 7176 [ CA5CD34A334A53D37E0A5FEC543E4C57 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
11:55:40.0704 7176 viaide - ok
11:55:40.0739 7176 [ CA8EC74B5E28D206D768B76B55C0A265 ] Vid C:\WINDOWS\System32\drivers\Vid.sys
11:55:40.0742 7176 Vid - ok
11:55:40.0764 7176 [ F0823A29E8D16F1B82B2D7B5012F4757 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
11:55:40.0768 7176 vmbus - ok
11:55:40.0798 7176 [ E409AC6A96EFF97CD17F85AE6187C1EC ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
11:55:40.0798 7176 VMBusHID - ok
11:55:40.0808 7176 [ EEF366C0B071CE5130B577C01B15B149 ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys
11:55:40.0809 7176 vmbusr - ok
11:55:40.0840 7176 [ 96F1F2B29CD48BDC63B5AE861D0DD5B7 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
11:55:40.0846 7176 vmicheartbeat - ok
11:55:40.0857 7176 [ 96F1F2B29CD48BDC63B5AE861D0DD5B7 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
11:55:40.0860 7176 vmickvpexchange - ok
11:55:40.0871 7176 [ 96F1F2B29CD48BDC63B5AE861D0DD5B7 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
11:55:40.0874 7176 vmicrdv - ok
11:55:40.0890 7176 [ 96F1F2B29CD48BDC63B5AE861D0DD5B7 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
11:55:40.0893 7176 vmicshutdown - ok
11:55:40.0909 7176 [ 96F1F2B29CD48BDC63B5AE861D0DD5B7 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
11:55:40.0912 7176 vmictimesync - ok
11:55:40.0919 7176 [ 96F1F2B29CD48BDC63B5AE861D0DD5B7 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
11:55:40.0921 7176 vmicvss - ok
11:55:40.0945 7176 [ 3170CD3F3F11E5E94F96CECDF60F5451 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
11:55:40.0946 7176 volmgr - ok
11:55:41.0000 7176 [ AC76F9623098F1796BDEAE77A636E7FA ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
11:55:41.0002 7176 volmgrx - ok
11:55:41.0038 7176 [ 90245509D137B8BC46CE50124FC5676E ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
11:55:41.0040 7176 volsnap - ok
11:55:41.0055 7176 [ D945112635500A7480D6E29D337FDB0A ] vpci C:\WINDOWS\System32\drivers\vpci.sys
11:55:41.0056 7176 vpci - ok
11:55:41.0072 7176 [ 67D60EB95576FCD6990E613E7D67976F ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys
11:55:41.0072 7176 vpcivsp - ok
11:55:41.0111 7176 [ D5FEAB0D1B669891C93B45EF2764B60A ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
11:55:41.0113 7176 vsmraid - ok
11:55:41.0178 7176 [ A7A70547822B1E69B08B029D56C9CFA4 ] VSS C:\WINDOWS\system32\vssvc.exe
11:55:41.0221 7176 VSS - ok
11:55:41.0244 7176 [ 3AA3515C6AC9C30819EC7DD3C9C5127D ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
11:55:41.0247 7176 VSTXRAID - ok
11:55:41.0311 7176 [ 7D110D645030C05A06C3CD08D1E47D0A ] vToolbarUpdater13.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
11:55:41.0337 7176 vToolbarUpdater13.2.0 - ok
11:55:41.0356 7176 [ 66381F29CBEC4DACBEB4044D522D2447 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
11:55:41.0358 7176 vwifibus - ok
11:55:41.0412 7176 [ D435F1CF7E22B4EDF3299C712467D296 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
11:55:41.0415 7176 vwififlt - ok
11:55:41.0443 7176 [ 7C31FBB6C06D2DA53886B5FCE0DE9122 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
11:55:41.0444 7176 vwifimp - ok
11:55:41.0487 7176 [ 3EC6ADA626CE1BA312E0628AC802E4FA ] W32Time C:\WINDOWS\system32\w32time.dll
11:55:41.0505 7176 W32Time - ok
11:55:41.0525 7176 [ 7F7B5DA43E7C58F17422776ED23F79EC ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
11:55:41.0526 7176 WacomPen - ok
11:55:41.0543 7176 [ 462E6A2BFED7CEB5AF95AF58D7C378DB ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:55:41.0545 7176 Wanarp - ok
11:55:41.0550 7176 [ 462E6A2BFED7CEB5AF95AF58D7C378DB ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:55:41.0552 7176 Wanarpv6 - ok
11:55:41.0615 7176 [ 405A4A057C7DED7675285A8C64ED6836 ] wbengine C:\WINDOWS\system32\wbengine.exe
11:55:41.0648 7176 wbengine - ok
11:55:41.0694 7176 [ AC0E249EAD800A5B007F455C5C766DF5 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
11:55:41.0711 7176 WbioSrvc - ok
11:55:41.0730 7176 [ 2D20A3AC9CA046B466EFAF22936D40F4 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
11:55:41.0747 7176 Wcmsvc - ok
11:55:41.0766 7176 [ B6B0EA7123648BBD7BC67AF15D70A228 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
11:55:41.0784 7176 wcncsvc - ok
11:55:41.0811 7176 [ ADAD7BAC8DEB5FB7A038F2495711BE79 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
11:55:41.0816 7176 WcsPlugInService - ok
11:55:41.0850 7176 [ 38B6A9434DE44C9E452DB909C51951C5 ] Wd C:\WINDOWS\system32\drivers\wd.sys
11:55:41.0851 7176 Wd - ok
11:55:41.0861 7176 [ E55DA22C2E4DECF7D4C1C39B0CEEA008 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
11:55:41.0862 7176 WdBoot - ok
11:55:41.0912 7176 [ 1AE37B32FBDD81A912FA9D681DD9B697 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
11:55:41.0918 7176 Wdf01000 - ok
11:55:41.0938 7176 [ 6491AB5BB2B4F5C9D38E920AA515D8BB ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
11:55:41.0941 7176 WdFilter - ok
11:55:41.0973 7176 [ 8ECAA0B92F2E018222203A7A25DE99A3 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
11:55:41.0978 7176 WdiServiceHost - ok
11:55:41.0983 7176 [ 8ECAA0B92F2E018222203A7A25DE99A3 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
11:55:41.0988 7176 WdiSystemHost - ok
11:55:42.0055 7176 [ 5941B8AA229C6E5D7924919D3EDE0843 ] Web Assistant Updater C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
11:55:42.0057 7176 Web Assistant Updater - ok
11:55:42.0092 7176 [ EADAC1AADFEAE3357D141D21FFA1F1F8 ] WebClient C:\WINDOWS\System32\webclnt.dll
11:55:42.0097 7176 WebClient - ok
11:55:42.0144 7176 [ 688399FF25A4012AF16DA2E5C3DAF050 ] WebOptimizer C:\WINDOWS\system32\dmwu.exe
11:55:42.0170 7176 WebOptimizer - ok
11:55:42.0186 7176 [ 294FB7E90F654CECCA3EEF48C702EE13 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
11:55:42.0192 7176 Wecsvc - ok
11:55:42.0203 7176 [ 5E9444F75F45EB5E851D9C0E84666DB3 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
11:55:42.0207 7176 wercplsupport - ok
11:55:42.0215 7176 [ 48265451D62C89A96947B9D3E86B4B8F ] WerSvc C:\WINDOWS\System32\WerSvc.dll
11:55:42.0219 7176 WerSvc - ok
11:55:42.0250 7176 [ 104BA78D0CFAF5F1919F60EB0A827A63 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
11:55:42.0251 7176 WFPLWFS - ok
11:55:42.0285 7176 [ CC20782B9CDC7FA3B31E5F4C0F79CE86 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
11:55:42.0289 7176 WiaRpc - ok
11:55:42.0300 7176 [ 23DD7346CAD4C3AE64B9AC503AC722CF ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
11:55:42.0301 7176 WIMMount - ok
11:55:42.0329 7176 WinDefend - ok
11:55:42.0370 7176 [ B753C0499E276DF0F247FE5BF8FCF8E8 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
11:55:42.0381 7176 WinHttpAutoProxySvc - ok
11:55:42.0441 7176 [ 8D3F3933A0DDB37B8FBFBD2257A8EB35 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
11:55:42.0447 7176 Winmgmt - ok
11:55:42.0549 7176 [ C878BC66BB2367E7AD3AEAA3F2B94E4F ] WinRM C:\WINDOWS\system32\WsmSvc.dll
11:55:42.0604 7176 WinRM - ok
11:55:42.0639 7176 [ BC58C44F28218BF0621F92A758EF7683 ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUSB.sys
11:55:42.0640 7176 WinUsb - ok
11:55:42.0672 7176 [ 7421E5B4F083862A94D094DAAEA9D346 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
11:55:42.0697 7176 WlanSvc - ok
11:55:42.0799 7176 [ 3270F71E98ADF92D4E200709BE6736BB ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
11:55:42.0877 7176 wlidsvc - ok
11:55:42.0912 7176 [ 74708F57382BF8DD2862437CA00B8623 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
11:55:42.0913 7176 WmiAcpi - ok
11:55:42.0952 7176 [ 210874B65EB2D8643F46EBDF3146361A ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
11:55:42.0956 7176 wmiApSrv - ok
11:55:42.0966 7176 WMPNetworkSvc - ok
11:55:42.0984 7176 [ BE19EFB0B261ADF873D335C2864FD819 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
11:55:42.0985 7176 wpcfltr - ok
11:55:43.0000 7176 [ C9ADB6396FA0FB320CE68AC480B3594C ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
11:55:43.0005 7176 WPCSvc - ok
11:55:43.0020 7176 [ B58FB1ECF243F3BB76A479B461710A1D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
11:55:43.0026 7176 WPDBusEnum - ok
11:55:43.0046 7176 [ 717FF17071FE7287E555F613C46409AF ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
11:55:43.0048 7176 WpdUpFltr - ok
11:55:43.0062 7176 [ B21B62F72BC166BC3E8A55194BE6F2CD ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
11:55:43.0063 7176 ws2ifsl - ok
11:55:43.0083 7176 [ 51CF231389EE86F8CC0EBF59C5F87EAB ] wscsvc C:\WINDOWS\System32\wscsvc.dll
11:55:43.0089 7176 wscsvc - ok
11:55:43.0095 7176 WSearch - ok
11:55:43.0194 7176 [ 0532113434382CDEB671747248BEC456 ] WSService C:\WINDOWS\System32\WSService.dll
11:55:43.0264 7176 WSService - ok
11:55:43.0350 7176 [ 8DE43E215349F961DC97374CDBCED96B ] wuauserv C:\WINDOWS\system32\wuaueng.dll
11:55:43.0417 7176 wuauserv - ok
11:55:43.0449 7176 [ 6A36211499A473EE851838482E1EC7F3 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
11:55:43.0450 7176 WudfPf - ok
11:55:43.0469 7176 [ F94A807B81554BB021C89E47BFAD6D9B ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
11:55:43.0470 7176 WUDFRd - ok
11:55:43.0486 7176 [ F94A807B81554BB021C89E47BFAD6D9B ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:55:43.0487 7176 WUDFSensorLP - ok
11:55:43.0504 7176 [ FB5DA58536DC59CCCE4EB0C0F2F36793 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
11:55:43.0508 7176 wudfsvc - ok
11:55:43.0514 7176 [ F94A807B81554BB021C89E47BFAD6D9B ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:55:43.0515 7176 WUDFWpdFs - ok
11:55:43.0524 7176 [ F94A807B81554BB021C89E47BFAD6D9B ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:55:43.0526 7176 WUDFWpdMtp - ok
11:55:43.0567 7176 [ 640B1224C0138F8FBCE1902DF3D13FE6 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
11:55:43.0582 7176 WwanSvc - ok
11:55:43.0621 7176 ================ Scan global ===============================
11:55:43.0668 7176 [ 7D5D03F3030F9A8E457D4E683ECA1497 ] C:\WINDOWS\system32\basesrv.dll
11:55:43.0684 7176 [ 78F34EA9D29A3FA9CD33EC3867971A84 ] C:\WINDOWS\system32\winsrv.dll
11:55:43.0703 7176 [ EFEC5911F3FB4F9660E05E8E45EA16D2 ] C:\WINDOWS\system32\sxssrv.dll
11:55:43.0738 7176 [ B5643CD44EF5F7514D1C6BA2FBBD5E7E ] C:\WINDOWS\system32\services.exe
11:55:43.0744 7176 [Global] - ok
11:55:43.0744 7176 ================ Scan MBR ==================================
11:55:43.0753 7176 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:55:44.0139 7176 \Device\Harddisk0\DR0 - ok
11:55:44.0140 7176 ================ Scan VBR ==================================
11:55:44.0143 7176 [ 8FD2404BBD6B7394EB64F1F688F7693F ] \Device\Harddisk0\DR0\Partition1
11:55:44.0145 7176 \Device\Harddisk0\DR0\Partition1 - ok
11:55:44.0145 7176 ============================================================
11:55:44.0145 7176 Scan finished
11:55:44.0145 7176 ============================================================
11:55:44.0175 7148 Detected object count: 0
11:55:44.0175 7148 Actual detected object count: 0
12:14:14.0631 3560 Deinitialize success

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.30.09

Windows 7 x64 NTFS
Internet Explorer 9.10.8400.0
callies123 :: CALLIES123-10 [administrator]

Protection: Enabled

11/30/2012 12:07:30 PM
mbam-log-2012-11-30 (12-07-30).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 204381
Time elapsed: 3 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 18
HKCR\CrossriderApp0005058.Sandbox (PUP.CrossRider.SSK) -> No action taken.
HKCR\CLSID\{33333333-3333-3333-3333-330033503358} (PUP.CrossRider.SSK) -> No action taken.
HKCR\CrossriderApp0005058.FBApi.1 (PUP.CrossRider.SSK) -> No action taken.
HKCR\CrossriderApp0005058.FBApi (PUP.CrossRider.SSK) -> No action taken.
HKCR\CLSID\{11111111-1111-1111-1111-110011501158} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCR\TypeLib\{44444444-4444-4444-4444-440044504458} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCR\Interface\{55555555-5555-5555-5555-550055505558} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0005058.BHO.1 (PUP.215Apps) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501158} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501158} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501158} (PUP.215Apps) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501158} (PUP.215Apps) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501158} (PUP.215Apps) -> Quarantined and deleted successfully.
HKCR\CLSID\{22222222-2222-2222-2222-220022502258} (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
HKCR\CrossriderApp0005058.Sandbox.1 (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shopping Sidekick (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nllafhekklanfkimibokomlmidmcmaoi (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.

Registry Values Detected: 2
HKCU\Software\InstalledBrowserExtensions\215 Apps|5058 (PUP.CrossFire.SA) -> Data: Shopping Sidekick -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shopping Sidekick|Publisher (PUP.CrossRider.SSK) -> Data: 215 Apps -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Program Files (x86)\Shopping Sidekick (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.

Files Detected: 12
C:\Users\callies123\AppData\Local\Temp\is754907076\GiantSavings_US.exe (PUP.GamePlayLabs) -> No action taken.
C:\Users\callies123\AppData\Local\Temp\is754907076\installer.volonet.playbryte-fa.exe (PUP.PlayBryte) -> No action taken.
C:\Program Files (x86)\Shopping Sidekick\Shopping Sidekick.dll (PUP.215Apps) -> Quarantined and deleted successfully.
C:\Users\callies123\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Shopping Sidekick\Shopping SidekickInstaller.log (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Shopping Sidekick\Shopping Sidekick.exe (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Shopping Sidekick\Shopping Sidekick.ico (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Shopping Sidekick\Shopping Sidekick.ini (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Shopping Sidekick\Shopping SidekickGui.exe (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Shopping Sidekick\Uninstall.exe (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
C:\Users\callies123\Local Settings\Application Data\Shopping Sidekick\Chrome\Shopping Sidekick.crx (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.
C:\Users\callies123\AppData\Local\Shopping Sidekick\Chrome\Shopping Sidekick.crx (PUP.CrossRider.SSK) -> Quarantined and deleted successfully.

(end)

#5 ProwdPapa

Posted 30 November 2012 - 03:54 PM

Something caused Avast! to stop working. Next step?

#6 boopme

Posted 30 November 2012 - 07:18 PM

OK, run RKILL first, then try again. If it fails, move to ESET.
Please download Rkill by Grinler and save it to your desktop: Link 1, Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.

#7 ProwdPapa

Posted 30 November 2012 - 10:35 PM

It ran successfully.

#8 boopme

Posted 01 December 2012 - 10:28 PM

Can you post that TDSS log and ESET and let me know how it's running?

#9 ProwdPapa

Posted 02 December 2012 - 04:47 PM

Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.02.02
C:\torrent.exe Win32/BundleInstaller.A application cleaned by deleting - quarantined
C:\Program Files (x86)\Optimizer Pro\OptimizerPro.exe a variant of Win32/SpeedingUpMyPC application cleaned by deleting - quarantined
C:\Program Files (x86)\Vuze\bunndle.zip a variant of Win32/Bunndle application deleted - quarantined
C:\ProgramData\ADDICT-THING\bhoclass.dll Win32/Adware.MultiPlug application cleaned by deleting - quarantined
C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\callies123\AppData\Local\Temp\ICReinstall_VideoConverterSetup.exe a variant of Win32/InstallCore.AL application cleaned by deleting - quarantined
C:\Users\callies123\AppData\Local\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\callies123\AppData\Local\Temp\is754907076\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Users\callies123\Documents\Vuze Downloads\Drive_ryan_gosling_sountrack (1).exe Win32/BundleInstaller.A application cleaned by deleting - quarantined
C:\Users\callies123\Documents\Vuze Downloads\Drive_ryan_gosling_sountrack.exe Win32/BundleInstaller.A application cleaned by deleting - quarantined
C:\Users\callies123\Downloads\Dinner_Belles_-_West_Simcoe_County_(2011)_downloader.exe a variant of Win32/ExpressFiles application cleaned by deleting - quarantined
C:\Users\callies123\Downloads\installer_snood_4_0_English.exe Win32/Toggle application cleaned by deleting - quarantined
C:\Users\callies123\Downloads\mediawidgettrialtype14setup.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\Users\callies123\Downloads\Softango_VideoConverter.exe Win32/InstallBrain application cleaned by deleting - quarantined
C:\Users\callies123\Downloads\VideoConverterSetup.exe a variant of Win32/InstallCore.AL application cleaned by deleting - quarantined
C:\Users\callies123\Downloads\VideoPerformerSetup (1).exe a variant of Win32/InstallBrain.C application cleaned by deleting - quarantined
C:\Users\callies123\Downloads\VideoPerformerSetup (2).exe a variant of Win32/InstallBrain.C application cleaned by deleting - quarantined
C:\Users\callies123\Downloads\VideoPerformerSetup (3).exe a variant of Win32/InstallBrain.C application cleaned by deleting - quarantined
C:\Users\callies123\Downloads\VideoPerformerSetup.exe a variant of Win32/InstallBrain.C application cleaned by deleting - quarantined
C:\Users\callies123\Downloads\winace.exe a variant of Win32/InstallCore.F application cleaned by deleting - quarantined
C:\Users\callies123\Downloads\Windows8-ConsumerPreview-64bit-English.ace multiple threats deleted - quarantined
C:\Windows.old\Users\callies123\AppData\Local\Temp\setup.exe Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Windows.old\Users\callies123\AppData\Local\Temp\toolbar10333989.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Windows.old\Users\callies123\AppData\Local\Temp\toolbar10408261.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Windows.old\Users\callies123\AppData\Local\Temp\Video Performer63274.exe Win32/InstallBrain application cleaned by deleting - quarantined
C:\Windows.old\Users\callies123\AppData\Local\Temp\vzf-1985573308232499394.dll a variant of Win32/Bunndle application cleaned by deleting - quarantined
C:\Windows.old\Users\callies123\AppData\Local\Temp\40FE15BB-BAB0-7891-ADD9-7A081353DFD1\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Windows.old\Users\callies123\AppData\Local\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Windows.old\Users\callies123\AppData\Local\Temp\F711D0E6-BAB0-7891-997E-CA247096A63F\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Windows.old\Users\callies123\AppData\Local\Temp\is1566002423\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Windows.old\Users\callies123\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\63061f01-1cf70543 Java/Exploit.Agent.NBI trojan deleted - quarantined
C:\Windows.old\Users\callies123\AppData\Roaming\Mozilla\Firefox\Profiles\6xgcy82e.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined



Windows 7 x64 NTFS
Internet Explorer 9.10.8400.0
callies123 :: CALLIES123-10 [administrator]

Protection: Enabled

12/2/2012 12:43:07 PM
mbam-log-2012-12-02 (12-43-07).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 364675
Time elapsed: 41 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

I deleted the files found by ESET then ran TDSS.

#10 boopme

Posted 02 December 2012 - 08:02 PM

Hmmm, did TDSS find anything?

Mal/Iframe-F is a small or hidden iframe within a web page that attempts to run malicious software. It is often used by attackers as the first stage of a larger web-based malware
Let's run one more, as I cannot be sure it is gone without a log.
SOPHOS Virus Removal Tool
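The "small or hidden iframe" pattern described in the post above, seen from the defender's side: an added example (not part of the thread, and not code from any tool named in it) that lists the iframes in a saved page that a visitor could not see. The sample HTML, the `example.invalid` hosts and the 2-pixel threshold are constructed assumptions.

```python
import re
from html.parser import HTMLParser

# Constructed sample page; example.invalid is a reserved, non-resolving host.
SAMPLE_HTML = """<html><body>
<iframe src="https://video.example.invalid/embed/1" width="640" height="360"></iframe>
<iframe src="http://a.example.invalid/in.php" width="1" height="1"></iframe>
<img src="logo.png" style="display:none">
<iframe src="http://b.example.invalid/x" style="visibility: hidden"></iframe>
<div style="display:none"><p><iframe src="http://c.example.invalid/y" width="300" height="200"></iframe></p></div>
</body></html>"""

HIDDEN_CSS = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)
VOID = set("area base br col embed hr img input link meta source track wbr".split())
MAX_TINY_PX = 2  # assumption: a width/height this small is invisible to the user

def tiny(value):
    m = re.fullmatch(r"\s*(\d+)\s*(?:px)?\s*", value or "", re.I)
    return bool(m) and int(m.group(1)) <= MAX_TINY_PX

class IframeAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self.open_tags = []  # (tag, hides_content) for each open non-void ancestor
        self.findings = []   # (src, [reasons]) for each suspicious iframe

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        hides = bool(HIDDEN_CSS.search(a.get("style") or "")) or "hidden" in a
        if tag == "iframe":
            reasons = [f"{dim}={a[dim]}" for dim in ("width", "height") if tiny(a.get(dim))]
            if hides:
                reasons.append("hidden by own style/attribute")
            if any(h for _, h in self.open_tags):
                reasons.append("inside hidden ancestor")
            if reasons:
                self.findings.append((a.get("src", ""), reasons))
        if tag not in VOID:  # void elements have no children, so they cannot hide a frame
            self.open_tags.append((tag, hides))

    def handle_endtag(self, tag):
        names = [t for t, _ in self.open_tags]
        if tag in names:  # close back to the most recent matching open tag
            del self.open_tags[len(names) - 1 - names[::-1].index(tag):]

def audit(html):
    parser = IframeAuditor()
    parser.feed(html)
    return parser.findings
```

It only inspects inline attributes and inline styles; frames hidden through an external stylesheet or injected by script at load time need a rendered-DOM check instead.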



