Virus Protection won't open/windows updates fail


11 replies to this topic

#1 Gloman8

Gloman8

  • Members
  • 13 posts

Posted 20 January 2013 - 06:39 PM

Hi guys,

Looking for help here. I have Windows 7 64x and recently my Windows updates started to fail during the configuration stage. I tried to do a system restore and found that my system restore had been turned off. I tried running McAfee and then AVG virus protection and neither would open. Ran MalwareBytes and Spybot and nothing came up as an issue. Every time I turn the computer on it gets slower and slower. Not sure what to do here. I don't want to have to reinstall Windows if I can help it and not sure if that will even fix my problem.

Thanks!

Edited by hamluis, 20 January 2013 - 08:35 PM.
Moved from Win 7 to Am I Infected - Hamluis.




#2 noknojon

noknojon

  • Banned
  • 10,871 posts

Posted 20 January 2013 - 07:43 PM

I tried running McAfee and then AVG virus protection and neither would open

Hello Gloman8 and Welcome -
Have you fully removed the antivirus program(s) that you are not using with their tool?

Can you please try and do these simple downloads so that we can have a better look at the problem -

Download Security Check by Screen317 from HERE or HERE, and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following boxes:

•Flush DNS
•Report IE Proxy Settings
•Reset IE Proxy Settings
•Report FF Proxy Settings
•Reset FF Proxy Settings
•List content of Hosts
•List IP configuration
•List last 10 Event Viewer log
•List Installed Programs
•List devices >>(Problem only)<<
•List Users, Partitions and Memory size.
•List Minidump Files

Click Go and copy / paste the result (Result.txt) in your next reply -

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Thank You -



#3 Gloman8

Gloman8
  • Topic Starter

  • Members
  • 13 posts

Posted 20 January 2013 - 10:18 PM

Thank you noknojon. I appreciate you helping me through this.

Here are the results from the Security Check:

Results of screen317's Security Check version 0.99.57
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.70.0.1100
AVG PC TuneUp Language Pack (en-US)
Java™ 6 Update 37
Java version out of Date!
Adobe Flash Player 11.5.502.146
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox (6.0.2)
Google Chrome 23.0.1271.97
Google Chrome 24.0.1312.52
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

_____________________________________________________________________________________________

Here are the results of the MiniToolBox:

MiniToolBox by Farbar Version:10-01-2013
Ran by Eric Glover (administrator) on 20-01-2013 at 22:10:52
Running from "C:\Users\Eric Glover\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

There are 15287 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
NETGEAR WPN311 RangeMax™ Wireless PCI Adapter = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled mtu=1428 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : EricGlover-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Juniper Network Connect Virtual Adapter
Physical Address. . . . . . . . . : 00-FF-B0-1B-72-05
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 22-1B-2F-C5-D2-8E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : NETGEAR WPN311 RangeMax™ Wireless PCI Adapter
Physical Address. . . . . . . . . : 00-1B-2F-C5-D2-8E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1d90:986c:11df:ec83%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 20, 2013 6:03:42 PM
Lease Expires . . . . . . . . . . : Monday, January 21, 2013 6:23:46 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 218110767
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-1B-4D-2F-6C-F0-49-06-FB-9A
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 6C-F0-49-06-FB-9A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::387d:763d:6613:d659%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 20, 2013 6:03:34 PM
Lease Expires . . . . . . . . . . : Monday, January 21, 2013 6:23:44 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 242020425
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-1B-4D-2F-6C-F0-49-06-FB-9A
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{440181EC-E0EA-4116-8882-68031B6D2E89}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:18b7:34ab:3f57:fefb(Preferred)
Link-local IPv6 Address . . . . . : fe80::18b7:34ab:3f57:fefb%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{A3FA4D08-ED81-425D-AC98-F023B6EFFB35}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{974EA6FD-C938-4F11-9287-4E2EBC10F8FC}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{6E219AB5-FC47-4EC4-A141-F5EF73B8DE7D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #8
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #9
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:801::1007
74.125.226.225
74.125.226.233
74.125.226.228
74.125.226.227
74.125.226.224
74.125.226.238
74.125.226.232
74.125.226.229
74.125.226.230
74.125.226.226
74.125.226.231


Pinging google.com [74.125.226.230] with 32 bytes of data:
Reply from 74.125.226.230: bytes=32 time=12ms TTL=55
Reply from 74.125.226.230: bytes=32 time=14ms TTL=55

Ping statistics for 74.125.226.230:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 12ms, Maximum = 14ms, Average = 13ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
206.190.36.45
98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=57ms TTL=50
Reply from 98.138.253.109: bytes=32 time=82ms TTL=50

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 57ms, Maximum = 82ms, Average = 69ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
22...00 ff b0 1b 72 05 ......Juniper Network Connect Virtual Adapter
16...22 1b 2f c5 d2 8e ......Microsoft Virtual WiFi Miniport Adapter
11...00 1b 2f c5 d2 8e ......NETGEAR WPN311 RangeMax™ Wireless PCI Adapter
10...6c f0 49 06 fb 9a ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
39...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #8
40...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #9
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.4 20
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.5 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.4 276
192.168.1.0 255.255.255.0 On-link 192.168.1.5 281
192.168.1.4 255.255.255.255 On-link 192.168.1.4 276
192.168.1.5 255.255.255.255 On-link 192.168.1.5 281
192.168.1.255 255.255.255.255 On-link 192.168.1.4 276
192.168.1.255 255.255.255.255 On-link 192.168.1.5 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.4 276
224.0.0.0 240.0.0.0 On-link 192.168.1.5 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.4 276
255.255.255.255 255.255.255.255 On-link 192.168.1.5 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:18b7:34ab:3f57:fefb/128
On-link
10 276 fe80::/64 On-link
11 281 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::18b7:34ab:3f57:fefb/128
On-link
11 281 fe80::1d90:986c:11df:ec83/128
On-link
10 276 fe80::387d:763d:6613:d659/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
10 276 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/20/2013 05:47:18 PM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error: (01/20/2013 04:16:56 PM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error: (01/20/2013 04:04:37 PM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error: (01/20/2013 03:38:25 PM) (Source: SecurityCenter) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.

Error: (12/12/2012 11:52:04 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_eventlog, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec4aa8e
Exception code: 0xc0000374
Fault offset: 0x00000000000c40f2
Faulting process id: 0x2f8
Faulting application start time: 0xsvchost.exe_eventlog0
Faulting application path: svchost.exe_eventlog1
Faulting module path: svchost.exe_eventlog2
Report Id: svchost.exe_eventlog3

Error: (11/27/2012 09:26:18 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1032.

Error: (11/27/2012 09:26:07 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1032.

Error: (11/26/2012 04:27:17 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1032.

Error: (11/26/2012 04:27:05 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1032.

Error: (11/25/2012 00:46:38 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1032.


System errors:
=============
Error: (01/20/2013 06:23:45 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (01/20/2013 06:23:45 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (01/20/2013 06:23:45 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (01/20/2013 06:19:55 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (01/20/2013 06:19:55 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (01/20/2013 06:19:55 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (01/20/2013 06:19:55 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (01/20/2013 06:19:44 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (01/20/2013 06:19:44 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (01/20/2013 06:18:44 PM) (Source: Service Control Manager) (User: )
Description: The Security Center service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (01/20/2013 05:47:18 PM) (Source: SecurityCenter)(User: )
Description:

Error: (01/20/2013 04:16:56 PM) (Source: SecurityCenter)(User: )
Description:

Error: (01/20/2013 04:04:37 PM) (Source: SecurityCenter)(User: )
Description:

Error: (01/20/2013 03:38:25 PM) (Source: SecurityCenter)(User: )
Description:

Error: (12/12/2012 11:52:04 AM) (Source: Application Error)(User: )
Description: svchost.exe_eventlog6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.177254ec4aa8ec000037400000000000c40f22f801cdd888f9e091d6C:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll411d8534-447c-11e2-aaa8-6cf04906fb9a

Error: (11/27/2012 09:26:18 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: -1032

Error: (11/27/2012 09:26:07 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: -1032

Error: (11/26/2012 04:27:17 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: -1032

Error: (11/26/2012 04:27:05 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: -1032

Error: (11/25/2012 00:46:38 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: -1032


CodeIntegrity Errors:
===================================
Date: 2011-11-29 18:28:09.132
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-11-27 12:55:09.816
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\ksthunk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-11-09 18:00:21.774
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\ndiswan.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-11-09 18:00:21.742
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\ndiswan.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-11-09 18:00:21.711
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\ndiswan.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-11-09 18:00:21.696
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\ndiswan.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-11-09 18:00:21.664
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\ndiswan.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-11-09 18:00:21.633
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\ndiswan.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-10-02 19:56:07.820
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\dxgkrnl.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-10-02 19:56:07.789
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\dxgkrnl.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

1310 (Version: 130.0.365.000)
1310_Help (Version: 82.0.58.000)
1310Trb (Version: 82.0.242.000)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Flash Player 11 Plugin (Version: 11.5.502.146)
Adobe Reader X (10.1.4) (Version: 10.1.4)
AIM 7
AIO_CDB_ProductContext (Version: 130.0.365.000)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
AMD Accelerated Video Transcoding (Version: 12.5.100.20928)
AMD APP SDK Runtime (Version: 10.0.1016.4)
AMD Catalyst Install Manager (Version: 8.0.891.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.70928.1539)
AOL Messaging Toolbar
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
Application Verifier (x64) (Version: 4.1.1078)
ASPCA Reminder by We-Care.com v5.0.5.1 (Version: 5.0.5.1)
ATI Catalyst Registration (Version: 3.00.0000)
AVG 2013 (Version: 13.0.2638)
AVG 2013 (Version: 13.0.2890)
AVG 2013 (Version: 2013.0.2890)
AVG PC TuneUp Language Pack (en-US) (Version: 12.0.4000.108)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0928.1532.26058)
Catalyst Control Center Graphics Previews Common (Version: 2012.0928.1532.26058)
Catalyst Control Center InstallProxy (Version: 2012.0928.1532.26058)
Catalyst Control Center Localization All (Version: 2012.0928.1532.26058)
ccc-utility64 (Version: 2012.0928.1532.26058)
CCC Help Chinese Standard (Version: 2012.0928.1531.26058)
CCC Help Chinese Traditional (Version: 2012.0928.1531.26058)
CCC Help Czech (Version: 2012.0928.1531.26058)
CCC Help Danish (Version: 2012.0928.1531.26058)
CCC Help Dutch (Version: 2012.0928.1531.26058)
CCC Help English (Version: 2012.0928.1531.26058)
CCC Help Finnish (Version: 2012.0928.1531.26058)
CCC Help French (Version: 2012.0928.1531.26058)
CCC Help German (Version: 2012.0928.1531.26058)
CCC Help Greek (Version: 2012.0928.1531.26058)
CCC Help Hungarian (Version: 2012.0928.1531.26058)
CCC Help Italian (Version: 2012.0928.1531.26058)
CCC Help Japanese (Version: 2012.0928.1531.26058)
CCC Help Korean (Version: 2012.0928.1531.26058)
CCC Help Norwegian (Version: 2012.0928.1531.26058)
CCC Help Polish (Version: 2012.0928.1531.26058)
CCC Help Portuguese (Version: 2012.0928.1531.26058)
CCC Help Russian (Version: 2012.0928.1531.26058)
CCC Help Spanish (Version: 2012.0928.1531.26058)
CCC Help Swedish (Version: 2012.0928.1531.26058)
CCC Help Thai (Version: 2012.0928.1531.26058)
CCC Help Turkish (Version: 2012.0928.1531.26058)
CCleaner (Version: 3.24)
Copy (Version: 130.0.428.000)
Data Lifeguard Diagnostic for Windows 1.24
Debugging Tools for Windows (x64) (Version: 6.12.2.633)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Defraggler (Version: 2.11)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DocProc (Version: 13.0.0.0)
Download Updater (AOL Inc.)
Driver Reviver (Version: 4.0.1.36)
Dropbox (Version: 1.6.11)
Easy Tune 6 B11.0309.1 (Version: 1.00.0000)
Fax (Version: 130.0.418.000)
ffdshow [rev 2527] [2008-12-19] (Version: 1.0)
GameStop App (Version: 4.00)
Garmin City Navigator North America NT 2012.20 Update (Version: 15.20.0.0)
Garmin Communicator Plugin (Version: 3.0.1)
Garmin USB Drivers (Version: 2.3.0.0)
Google Chrome (Version: 24.0.1312.52)
GPBaseService2 (Version: 130.0.371.000)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Product Detection (Version: 11.14.0001)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
HTC BMP USB Driver (Version: 1.0.5375)
HTC Driver Installer (Version: 3.0.0.021)
HTC Sync (Version: 3.2.20)
iCloud (Version: 2.1.1.3)
iTunes (Version: 11.0.1.12)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 37 (Version: 6.0.370)
Juniper Networks Host Checker (Version: 7.1.0.19757)
Juniper Networks Network Connect 7.1.0 (Version: 7.1.0.19757)
Juniper Networks, Inc. Setup Client (Version: 7.1.5.14305)
Juniper Networks, Inc. Setup Client Activex Control (Version: 2.1.1.1)
Logitech Webcam Software (Version: 12.10.1113)
Logitech Webcam Software Driver Package (Version: 12.10.1110)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Windows Performance Toolkit (Version: 4.8.0)
Microsoft Windows SDK for Windows 7 (7.1) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 (7.1) (Version: 7.1.7600.0.30514)
Microsoft Windows SDK for Windows 7 Common Utilities (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 Headers and Libraries (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 Redistributable Components for Application Verifier (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 Redistributable Components for Common Tools (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 Redistributable Components for Windows Debugging Tools (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 Samples (30514) (Version: 7.1.30514)
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514) (Version: 7.1.30514)
Mozilla Firefox 6.0.2 (x86 en-US) (Version: 6.0.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
OLYMPUS Digital Camera Updater (Version: 1.0.1)
Olympus ib (Version: 1.3.2207)
OLYMPUS Viewer 2 (Version: 1.1.1)
PowerTeacher Gradebook
QuickTime (Version: 7.73.80.64)
Realtek High Definition Audio Driver (Version: 6.0.1.6690)
Scan (Version: 13.0.0.0)
Shared C Run-time for x64 (Version: 10.0.0)
Shop for HP Supplies (Version: 13.0)
Sid Meier's Civilization V SDK
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Spybot - Search & Destroy (Version: 2.0.12)
Status (Version: 130.0.469.000)
Steam (Version: 1.0.0.0)
System Requirements Lab (Version: 4.1.72.0)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Verizon V CAST Media Manager
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
WebReg (Version: 130.0.132.017)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (Version: 09/09/2009 1.0.0.0)
WModem Driver Installer (Version: 2.0.6.9)

========================= Devices: ================================

Name: AVG AVI Loader Driver
Description: AVG AVI Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Avgldx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 4094.49 MB
Available physical RAM: 2321.92 MB
Total Pagefile: 8187.18 MB
Available Pagefile: 5930.99 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.9 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:465.66 GB) (Free:400.13 GB) NTFS
5 Drive f: (My Passport) (Fixed) (Total:465.73 GB) (Free:428.64 GB) NTFS

========================= Users: ========================================

User accounts for \\ERICGLOVER-PC

Administrator Eric Glover Guest

========================= Minidump Files ==================================

No minidump file found


**** End of log ****

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  • Gender:Male
  • Location:NJ USA
  • Local time:02:33 AM

Posted 25 January 2013 - 10:32 AM

Hello, let's do this next..

We need to disable Spybot S&D's "TeaTimer"
TeaTimer works by preventing ANY changes to the system. It will attempt to undo any fixes we run, because it blocks these fixes from running.

In order to safeguard your system from problems that can be brought on by a half finished fix, we need to disable TeaTimer. We can reenable it when we're done if you like.
  • Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.
  • If prompted with a legal dialog, accept the warning.
  • Click Mode > Advanced Mode.
  • You may be presented with a warning dialog. If so, click Yes
  • Click on Tools and then Resident
  • Uncheck this checkbox: "Resident TeaTimer (protection of over-all system settings) active"
  • Close/Exit Spybot Search and Destroy


Please download Rkill by Grinler and save it to your desktop.
Link 1
Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.


Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results.



Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's TeaTimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.



Reboot now..

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook
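A TDSSKiller report such as the one requested above records each scanned service or driver as a hash-and-path line followed by a verdict line. The following is an added example, not part of the original post and not a Kaspersky tool, that extracts the "Scan services" section and returns every entry whose verdict is not "ok" or that has no hash line. The line layout is assumed from TDSSKiller 2.8.x reports; all service names, hashes, paths and the non-ok verdict text in the sample are constructed.

```python
import re
from typing import List, NamedTuple, Optional


class ServiceEntry(NamedTuple):
    name: str
    md5: Optional[str]      # None when the report has no hash line for the entry
    path: Optional[str]
    verdict: str


# Assumed layout of every report line: "HH:MM:SS.mmmm <thread id> <message>"
_PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s?(.*)$")
# Assumed layout of a hash line: "[ <MD5> ] <service name> <drive>:\<image path>"
_HASHED = re.compile(r"^\[\s*([0-9A-Fa-f]{32})\s*\]\s+(.+?)\s+([A-Za-z]:\\.+)$")


def parse_services(log_text: str) -> List[ServiceEntry]:
    """Return one entry per service listed under the 'Scan services' header."""
    entries: List[ServiceEntry] = []
    in_services = False
    pending = None  # (name, md5, path) still waiting for its verdict line

    def flush_pending():
        # A hash line that never received a verdict (e.g. a truncated paste).
        nonlocal pending
        if pending is not None:
            entries.append(ServiceEntry(*pending, verdict="missing"))
            pending = None

    for raw in log_text.splitlines():
        m = _PREFIX.match(raw.strip())
        if not m:
            continue
        msg = m.group(1).strip()
        if msg.startswith("="):
            # Section header or separator: only 'Scan services' is parsed, so
            # header lines such as "Drive ... - Size: ..." are never mistaken
            # for verdicts.
            flush_pending()
            in_services = "Scan services" in msg
            continue
        if not in_services or not msg:
            continue
        h = _HASHED.match(msg)
        if h:
            flush_pending()
            pending = (h.group(2), h.group(1).upper(), h.group(3))
            continue
        if pending is not None and msg.startswith(pending[0] + " - "):
            name, md5, path = pending
            verdict = msg[len(name) + 3:]
            pending = None
        elif " - " in msg:
            flush_pending()
            name, verdict = msg.rsplit(" - ", 1)
            md5 = path = None
        else:
            continue
        entries.append(ServiceEntry(name, md5, path, verdict.strip()))
    flush_pending()
    return entries


def needs_review(entries: List[ServiceEntry]) -> List[ServiceEntry]:
    """Entries a helper would look at first: non-ok verdict or no hash recorded."""
    return [e for e in entries if e.verdict != "ok" or e.md5 is None]


# Constructed sample report (hashes are filler values, not real file hashes).
H1, H2, H3 = "A" * 32, "B" * 32, "C" * 32
SAMPLE_LOG = "\n".join([
    r"19:06:59.0396 5180 Drive \Device\Harddisk0\DR0 - Size: 0x0 (constructed)",
    r"19:07:22.0024 5480 ================ Scan system memory ========================",
    r"19:07:22.0024 5480 System memory - ok",
    r"19:07:22.0024 5480 ================ Scan services =============================",
    rf"19:07:22.0153 5480 [ {H1} ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys",
    r"19:07:22.0156 5480 ExampleDrv - ok",
    rf"19:07:22.0634 5480 [ {H2} ] Example Vendor Helper Service C:\Program Files (x86)\Example\helper.exe",
    r"19:07:22.0635 5480 Example Vendor Helper Service - ok",
    r"19:07:24.0590 5480 NoImageSvc - ok",
    rf"19:07:25.0000 5480 [ {H3} ] oddsvc C:\Users\Public\oddsvc.sys",
    r"19:07:25.0004 5480 oddsvc - PLACEHOLDER-VERDICT",
    r"19:07:26.0000 5480 ================ Next section (constructed) ================",
    r"19:07:26.0001 5480 AfterSection - ok",
])

if __name__ == "__main__":
    for entry in needs_review(parse_services(SAMPLE_LOG)):
        print(f"{entry.name}: verdict={entry.verdict!r} md5={entry.md5} path={entry.path}")
```
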

#5 Gloman8

Gloman8
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  • Local time:01:33 AM

Posted 25 January 2013 - 10:27 PM

Thank you Boopme. I appreciate everything you're doing to help me. Below are the logs you requested.

TDSSKiller:

19:06:57.0479 5180 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:06:57.0775 5180 ============================================================
19:06:57.0775 5180 Current date / time: 2013/01/25 19:06:57.0775
19:06:57.0775 5180 SystemInfo:
19:06:57.0775 5180
19:06:57.0775 5180 OS Version: 6.1.7601 ServicePack: 1.0
19:06:57.0775 5180 Product type: Workstation
19:06:57.0775 5180 ComputerName: ERICGLOVER-PC
19:06:57.0775 5180 UserName: Eric Glover
19:06:57.0775 5180 Windows directory: C:\Windows
19:06:57.0775 5180 System windows directory: C:\Windows
19:06:57.0775 5180 Running under WOW64
19:06:57.0775 5180 Processor architecture: Intel x64
19:06:57.0775 5180 Number of processors: 2
19:06:57.0775 5180 Page size: 0x1000
19:06:57.0775 5180 Boot type: Normal boot
19:06:57.0775 5180 ============================================================
19:06:59.0396 5180 Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
19:06:59.0396 5180 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
19:06:59.0400 5180 ============================================================
19:06:59.0400 5180 \Device\Harddisk0\DR0:
19:06:59.0400 5180 MBR partitions:
19:06:59.0400 5180 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:06:59.0400 5180 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A352000
19:06:59.0400 5180 \Device\Harddisk1\DR1:
19:06:59.0400 5180 MBR partitions:
19:06:59.0400 5180 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1C543A61
19:06:59.0400 5180 ============================================================
19:06:59.0421 5180 C: <-> \Device\Harddisk0\DR0\Partition2
19:06:59.0421 5180 D: <-> \Device\Harddisk1\DR1\Partition1
19:06:59.0421 5180 ============================================================
19:06:59.0421 5180 Initialize success
19:06:59.0421 5180 ============================================================
19:07:20.0904 5480 ============================================================
19:07:20.0904 5480 Scan started
19:07:20.0904 5480 Mode: Manual; TDLFS;
19:07:20.0904 5480 ============================================================
19:07:22.0024 5480 ================ Scan system memory ========================
19:07:22.0024 5480 System memory - ok
19:07:22.0024 5480 ================ Scan services =============================
19:07:25.0898 5480 hidserv - ok
19:07:25.0908 5480 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:07:25.0908 5480 HidUsb - ok
19:07:25.0934 5480 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:07:25.0935 5480 hkmsvc - ok
19:07:25.0952 5480 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:07:25.0954 5480 HomeGroupListener - ok
19:07:25.0965 5480 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:07:25.0968 5480 HomeGroupProvider - ok
19:07:26.0033 5480 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
19:07:26.0034 5480 hpqcxs08 - ok
19:07:26.0048 5480 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
19:07:26.0049 5480 hpqddsvc - ok
19:07:26.0062 5480 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:07:26.0064 5480 HpSAMD - ok
19:07:26.0101 5480 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
19:07:26.0105 5480 HPSLPSVC - ok
19:07:26.0121 5480 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
19:07:26.0122 5480 HTCAND64 - ok
19:07:26.0162 5480 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
19:07:26.0163 5480 htcnprot - ok
19:07:26.0187 5480 [ 7C7C986776D00E575BFBDE5DCBDC615D ] HtcUsbMdmV64 C:\Windows\system32\DRIVERS\HtcUsbMdmV64.sys
19:07:26.0188 5480 HtcUsbMdmV64 - ok
19:07:26.0206 5480 [ 6B2A1B01B79036A265734964CBA73AAB ] htcusbnet C:\Windows\system32\DRIVERS\htcusbnet.sys
19:07:26.0207 5480 htcusbnet - ok
19:07:26.0229 5480 [ 7C7C986776D00E575BFBDE5DCBDC615D ] HtcVCom32 C:\Windows\system32\DRIVERS\HtcVComV64.sys
19:07:26.0231 5480 HtcVCom32 - ok
19:07:26.0272 5480 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:07:26.0275 5480 HTTP - ok
19:07:26.0316 5480 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:07:26.0316 5480 hwpolicy - ok
19:07:26.0326 5480 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:07:26.0326 5480 i8042prt - ok
19:07:26.0348 5480 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:07:26.0352 5480 iaStorV - ok
19:07:26.0382 5480 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:07:26.0383 5480 IDriverT - ok
19:07:26.0417 5480 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:07:26.0425 5480 idsvc - ok
19:07:26.0438 5480 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:07:26.0439 5480 iirsp - ok
19:07:26.0461 5480 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:07:26.0469 5480 IKEEXT - ok
19:07:26.0539 5480 [ 6BDCC85422817FA53CD705ADE312CE6A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:07:26.0559 5480 IntcAzAudAddService - ok
19:07:26.0579 5480 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
19:07:26.0579 5480 intelide - ok
19:07:26.0589 5480 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:07:26.0590 5480 intelppm - ok
19:07:26.0613 5480 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:07:26.0614 5480 IPBusEnum - ok
19:07:26.0633 5480 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:07:26.0633 5480 IpFilterDriver - ok
19:07:26.0756 5480 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:07:26.0767 5480 iphlpsvc - ok
19:07:26.0800 5480 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:07:26.0802 5480 IPMIDRV - ok
19:07:26.0821 5480 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:07:26.0822 5480 IPNAT - ok
19:07:26.0882 5480 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:07:26.0884 5480 iPod Service - ok
19:07:26.0893 5480 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:07:26.0894 5480 IRENUM - ok
19:07:26.0909 5480 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:07:26.0909 5480 isapnp - ok
19:07:26.0944 5480 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:07:26.0946 5480 iScsiPrt - ok
19:07:26.0967 5480 [ 2224ABC439D115A44EDB5630A92C1D7E ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
19:07:26.0968 5480 JRAID - ok
19:07:26.0986 5480 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:07:26.0987 5480 kbdclass - ok
19:07:26.0999 5480 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:07:27.0000 5480 kbdhid - ok
19:07:27.0013 5480 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:07:27.0014 5480 KeyIso - ok
19:07:27.0020 5480 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:07:27.0021 5480 KSecDD - ok
19:07:27.0045 5480 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:07:27.0046 5480 KSecPkg - ok
19:07:27.0058 5480 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:07:27.0059 5480 ksthunk - ok
19:07:27.0083 5480 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:07:27.0087 5480 KtmRm - ok
19:07:27.0115 5480 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:07:27.0118 5480 LanmanServer - ok
19:07:27.0143 5480 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:07:27.0145 5480 LanmanWorkstation - ok
19:07:27.0154 5480 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:07:27.0155 5480 lltdio - ok
19:07:27.0179 5480 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:07:27.0183 5480 lltdsvc - ok
19:07:27.0186 5480 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:07:27.0187 5480 lmhosts - ok
19:07:27.0197 5480 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:07:27.0199 5480 LSI_FC - ok
19:07:27.0210 5480 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:07:27.0211 5480 LSI_SAS - ok
19:07:27.0226 5480 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:07:27.0227 5480 LSI_SAS2 - ok
19:07:27.0245 5480 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:07:27.0246 5480 LSI_SCSI - ok
19:07:27.0272 5480 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:07:27.0273 5480 luafv - ok
19:07:27.0290 5480 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
19:07:27.0290 5480 LVPr2M64 - ok
19:07:27.0314 5480 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
19:07:27.0315 5480 LVPr2Mon - ok
19:07:27.0363 5480 [ A35679E56E78091E1042A2D7ADBF2958 ] LVPrcS64 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
19:07:27.0364 5480 LVPrcS64 - ok
19:07:27.0395 5480 [ E5ECF40E5FD459141E5F6685FFD51804 ] Lycosa C:\Windows\system32\drivers\Lycosa.sys
19:07:27.0396 5480 Lycosa - ok
19:07:27.0420 5480 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:07:27.0421 5480 MBAMProtector - ok
19:07:27.0456 5480 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:07:27.0460 5480 MBAMScheduler - ok
19:07:27.0478 5480 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:07:27.0484 5480 MBAMService - ok
19:07:27.0517 5480 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:07:27.0519 5480 Mcx2Svc - ok
19:07:27.0524 5480 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:07:27.0525 5480 megasas - ok
19:07:27.0539 5480 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:07:27.0542 5480 MegaSR - ok
19:07:27.0577 5480 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:07:27.0578 5480 MMCSS - ok
19:07:27.0599 5480 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:07:27.0599 5480 Modem - ok
19:07:27.0616 5480 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:07:27.0617 5480 monitor - ok
19:07:27.0621 5480 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:07:27.0622 5480 mouclass - ok
19:07:27.0633 5480 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:07:27.0633 5480 mouhid - ok
19:07:27.0653 5480 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:07:27.0654 5480 mountmgr - ok
19:07:27.0677 5480 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:07:27.0678 5480 mpio - ok
19:07:27.0693 5480 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:07:27.0694 5480 mpsdrv - ok
19:07:27.0736 5480 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:07:27.0744 5480 MpsSvc - ok
19:07:27.0756 5480 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:07:27.0757 5480 MRxDAV - ok
19:07:27.0782 5480 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:07:27.0783 5480 mrxsmb - ok
19:07:27.0813 5480 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:07:27.0815 5480 mrxsmb10 - ok
19:07:27.0828 5480 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:07:27.0830 5480 mrxsmb20 - ok
19:07:27.0847 5480 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:07:27.0848 5480 msahci - ok
19:07:27.0876 5480 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:07:27.0878 5480 msdsm - ok
19:07:27.0894 5480 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:07:27.0897 5480 MSDTC - ok
19:07:27.0909 5480 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:07:27.0910 5480 Msfs - ok
19:07:27.0918 5480 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:07:27.0918 5480 mshidkmdf - ok
19:07:27.0929 5480 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:07:27.0930 5480 msisadrv - ok
19:07:27.0957 5480 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:07:27.0959 5480 MSiSCSI - ok
19:07:27.0962 5480 msiserver - ok
19:07:27.0986 5480 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:07:27.0986 5480 MSKSSRV - ok
19:07:27.0996 5480 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:07:27.0997 5480 MSPCLOCK - ok
19:07:28.0007 5480 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:07:28.0007 5480 MSPQM - ok
19:07:28.0025 5480 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:07:28.0028 5480 MsRPC - ok
19:07:28.0042 5480 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:07:28.0043 5480 mssmbios - ok
19:07:28.0045 5480 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:07:28.0046 5480 MSTEE - ok
19:07:28.0058 5480 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:07:28.0059 5480 MTConfig - ok
19:07:28.0068 5480 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:07:28.0069 5480 Mup - ok
19:07:28.0092 5480 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:07:28.0097 5480 napagent - ok
19:07:28.0120 5480 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:07:28.0123 5480 NativeWifiP - ok
19:07:28.0178 5480 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:07:28.0182 5480 NDIS - ok
19:07:28.0195 5480 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:07:28.0196 5480 NdisCap - ok
19:07:28.0210 5480 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:07:28.0210 5480 NdisTapi - ok
19:07:28.0227 5480 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:07:28.0227 5480 Ndisuio - ok
19:07:28.0263 5480 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:07:28.0264 5480 NdisWan - ok
19:07:28.0278 5480 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:07:28.0278 5480 NDProxy - ok
19:07:28.0352 5480 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
19:07:28.0360 5480 Net Driver HPZ12 - ok
19:07:28.0363 5480 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:07:28.0363 5480 NetBIOS - ok
19:07:28.0427 5480 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:07:28.0428 5480 NetBT - ok
19:07:28.0438 5480 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:07:28.0439 5480 Netlogon - ok
19:07:28.0460 5480 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:07:28.0462 5480 Netman - ok
19:07:28.0479 5480 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:07:28.0484 5480 netprofm - ok
19:07:28.0505 5480 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:07:28.0506 5480 NetTcpPortSharing - ok
19:07:28.0523 5480 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:07:28.0524 5480 nfrd960 - ok
19:07:28.0592 5480 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:07:28.0595 5480 NlaSvc - ok
19:07:28.0632 5480 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:07:28.0633 5480 Npfs - ok
19:07:28.0638 5480 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:07:28.0639 5480 nsi - ok
19:07:28.0643 5480 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:07:28.0643 5480 nsiproxy - ok
19:07:28.0679 5480 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:07:28.0686 5480 Ntfs - ok
19:07:28.0699 5480 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:07:28.0699 5480 Null - ok
19:07:28.0719 5480 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:07:28.0721 5480 nvraid - ok
19:07:28.0749 5480 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:07:28.0751 5480 nvstor - ok
19:07:28.0771 5480 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:07:28.0773 5480 nv_agp - ok
19:07:28.0841 5480 [ 4E5989A0033E9805BC626A3B660362F6 ] OfficeSvc C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
19:07:28.0867 5480 OfficeSvc - ok
19:07:28.0892 5480 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:07:28.0904 5480 ohci1394 - ok
19:07:28.0953 5480 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:07:28.0955 5480 ose - ok
19:07:29.0060 5480 [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:07:29.0137 5480 osppsvc - ok
19:07:29.0178 5480 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:07:29.0182 5480 p2pimsvc - ok
19:07:29.0196 5480 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:07:29.0200 5480 p2psvc - ok
19:07:29.0218 5480 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:07:29.0219 5480 Parport - ok
19:07:29.0238 5480 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:07:29.0239 5480 partmgr - ok
19:07:29.0318 5480 [ 39B9DCD7040654C2E57D7396736C718E ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
19:07:29.0319 5480 PassThru Service - ok
19:07:29.0330 5480 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:07:29.0332 5480 PcaSvc - ok
19:07:29.0342 5480 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:07:29.0343 5480 pci - ok
19:07:29.0363 5480 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:07:29.0364 5480 pciide - ok
19:07:29.0412 5480 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:07:29.0413 5480 pcmcia - ok
19:07:29.0434 5480 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:07:29.0435 5480 pcw - ok
19:07:29.0491 5480 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:07:29.0497 5480 PEAUTH - ok
19:07:29.0550 5480 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:07:29.0557 5480 PerfHost - ok
19:07:29.0602 5480 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:07:29.0626 5480 pla - ok
19:07:29.0704 5480 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:07:29.0708 5480 PlugPlay - ok
19:07:29.0744 5480 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
19:07:29.0746 5480 Pml Driver HPZ12 - ok
19:07:29.0755 5480 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:07:29.0757 5480 PNRPAutoReg - ok
19:07:29.0762 5480 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:07:29.0764 5480 PNRPsvc - ok
19:07:29.0787 5480 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:07:29.0790 5480 PolicyAgent - ok
19:07:29.0817 5480 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:07:29.0826 5480 Power - ok
19:07:29.0854 5480 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:07:29.0855 5480 PptpMiniport - ok
19:07:29.0878 5480 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:07:29.0878 5480 Processor - ok
19:07:29.0917 5480 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:07:29.0920 5480 ProfSvc - ok
19:07:29.0930 5480 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:07:29.0930 5480 ProtectedStorage - ok
19:07:29.0962 5480 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:07:29.0964 5480 Psched - ok
19:07:30.0004 5480 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:07:30.0027 5480 ql2300 - ok
19:07:30.0042 5480 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:07:30.0043 5480 ql40xx - ok
19:07:30.0071 5480 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:07:30.0074 5480 QWAVE - ok
19:07:30.0077 5480 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:07:30.0078 5480 QWAVEdrv - ok
19:07:30.0091 5480 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:07:30.0091 5480 RasAcd - ok
19:07:30.0107 5480 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:07:30.0108 5480 RasAgileVpn - ok
19:07:30.0122 5480 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:07:30.0124 5480 RasAuto - ok
19:07:30.0135 5480 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:07:30.0135 5480 Rasl2tp - ok
19:07:30.0152 5480 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:07:30.0156 5480 RasMan - ok
19:07:30.0164 5480 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:07:30.0165 5480 RasPppoe - ok
19:07:30.0178 5480 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:07:30.0179 5480 RasSstp - ok
19:07:30.0190 5480 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:07:30.0191 5480 rdbss - ok
19:07:30.0203 5480 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:07:30.0204 5480 rdpbus - ok
19:07:30.0209 5480 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:07:30.0209 5480 RDPCDD - ok
19:07:30.0222 5480 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:07:30.0223 5480 RDPENCDD - ok
19:07:30.0231 5480 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:07:30.0231 5480 RDPREFMP - ok
19:07:30.0259 5480 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:07:30.0260 5480 RDPWD - ok
19:07:30.0277 5480 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:07:30.0279 5480 rdyboost - ok
19:07:30.0300 5480 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:07:30.0302 5480 RemoteAccess - ok
19:07:30.0312 5480 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:07:30.0314 5480 RemoteRegistry - ok
19:07:30.0325 5480 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:07:30.0326 5480 RpcEptMapper - ok
19:07:30.0344 5480 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:07:30.0345 5480 RpcLocator - ok
19:07:30.0371 5480 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:07:30.0374 5480 RpcSs - ok
19:07:30.0400 5480 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:07:30.0401 5480 rspndr - ok
19:07:30.0413 5480 RTHDMIAzAudService - ok
19:07:30.0447 5480 [ 8181B5E7BFC040E0B26349C73E719335 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:07:30.0450 5480 RTL8167 - ok
19:07:30.0453 5480 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:07:30.0454 5480 SamSs - ok
19:07:30.0471 5480 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:07:30.0473 5480 sbp2port - ok
19:07:30.0490 5480 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:07:30.0492 5480 SCardSvr - ok
19:07:30.0512 5480 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:07:30.0513 5480 scfilter - ok
19:07:30.0542 5480 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:07:30.0547 5480 Schedule - ok
19:07:30.0561 5480 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:07:30.0562 5480 SCPolicySvc - ok
19:07:30.0575 5480 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:07:30.0578 5480 SDRSVC - ok
19:07:30.0599 5480 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:07:30.0599 5480 secdrv - ok
19:07:30.0611 5480 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:07:30.0612 5480 seclogon - ok
19:07:30.0618 5480 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:07:30.0619 5480 SENS - ok
19:07:30.0624 5480 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:07:30.0626 5480 SensrSvc - ok
19:07:30.0628 5480 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:07:30.0629 5480 Serenum - ok
19:07:30.0641 5480 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:07:30.0642 5480 Serial - ok
19:07:30.0666 5480 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:07:30.0675 5480 sermouse - ok
19:07:30.0696 5480 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:07:30.0698 5480 SessionEnv - ok
19:07:30.0718 5480 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:07:30.0718 5480 sffdisk - ok
19:07:30.0729 5480 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:07:30.0740 5480 sffp_mmc - ok
19:07:30.0749 5480 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:07:30.0750 5480 sffp_sd - ok
19:07:30.0769 5480 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:07:30.0769 5480 sfloppy - ok
19:07:30.0793 5480 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:07:30.0796 5480 SharedAccess - ok
19:07:30.0812 5480 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:07:30.0815 5480 ShellHWDetection - ok
19:07:30.0832 5480 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:07:30.0833 5480 SiSRaid2 - ok
19:07:30.0842 5480 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:07:30.0844 5480 SiSRaid4 - ok
19:07:30.0869 5480 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:07:30.0871 5480 Smb - ok
19:07:30.0876 5480 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:07:30.0878 5480 SNMPTRAP - ok
19:07:30.0892 5480 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:07:30.0892 5480 spldr - ok
19:07:30.0928 5480 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:07:30.0931 5480 Spooler - ok
19:07:30.0977 5480 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:07:31.0029 5480 sppsvc - ok
19:07:31.0058 5480 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:07:31.0059 5480 sppuinotify - ok
19:07:31.0079 5480 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:07:31.0081 5480 srv - ok
19:07:31.0103 5480 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:07:31.0107 5480 srv2 - ok
19:07:31.0121 5480 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:07:31.0122 5480 srvnet - ok
19:07:31.0139 5480 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:07:31.0141 5480 SSDPSRV - ok
19:07:31.0166 5480 [ D1E083D50F354A1840C9DF1C62437BC9 ] SSMO3v2Filter C:\Windows\system32\drivers\MO3v2Driver.sys
19:07:31.0167 5480 SSMO3v2Filter - ok
19:07:31.0180 5480 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:07:31.0194 5480 SstpSvc - ok
19:07:31.0218 5480 Steam Client Service - ok
19:07:31.0229 5480 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:07:31.0229 5480 stexstor - ok
19:07:31.0251 5480 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:07:31.0255 5480 stisvc - ok
19:07:35.0298 5480 ============================================================
19:07:35.0298 5480 Scan finished
19:07:35.0298 5480 ============================================================
19:07:35.0306 5304 Detected object count: 0
19:07:35.0306 5304 Actual detected object count: 0
19:07:45.0666 5436 Deinitialize success

Malwarebytes:

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.26.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Eric Glover :: ERICGLOVER-PC [administrator]

Protection: Enabled

1/25/2013 10:23:57 PM
mbam-log-2013-01-25 (22-23-57).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214279
Time elapsed: 2 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


ESET OnlineScan:

C:\Users\Eric Glover\AppData\Local\Google\Chrome\User Data\Default\Cache\f_002984 Win32/DownloadAdmin.G application cleaned by deleting - quarantined
C:\Users\Eric Glover\Downloads\DriverReviverSetup.exe a variant of Win32/RegistryReviver application cleaned by deleting - quarantined

#6 Gloman8

Posted 25 January 2013 - 10:29 PM

And here is the Rkill log:

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/25/2013 07:05:53 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Eric Glover\Desktop\rkill\rkill-01-25-2013-07-05-57.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* DHCP Client (Dhcp) is not Running.
Startup Type set to: Automatic

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

20 out of 15307 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 01/25/2013 07:06:04 PM
Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)

#7 boopme

Posted 26 January 2013 - 11:09 AM

Try the updates..
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#8 Gloman8

Posted 26 January 2013 - 02:35 PM

Hi Boopme,

Out of 30 updates, only 7 were successful. The other 23 Windows updates failed with error code 800F0826. I also still cannot open AVG 2013, and I can't uninstall it either. Please let me know what else I can do.

Thank you.

#9 Gloman8

Posted 26 January 2013 - 06:41 PM

Update:

I was able to repair AVG 2013 and that is working properly again. My only remaining issue is Windows updates failing. Any ideas on how to fix my computer so that error stops?

#10 boopme

Posted 26 January 2013 - 08:23 PM

Download Windows Repair (all in one) from this site

Install the program then run it.

Go to Step 2 and allow it to run CheckDisk by clicking on the Do It button:

Posted Image



Once that is done then skip Steps 3 and 4.

Go to the Start Repairs tab and click the Start button.

Posted Image


Please ensure that ONLY items seen in the image below are ticked as indicated (they're all checked by default). If you see extra items not shown, leave them unchecked:

Posted Image

Click on the box next to Restart System when Finished. Then click on Start.

#11 Gloman8

Posted 27 January 2013 - 04:44 PM

Hi boopme. I ran through those steps and attempted to install the Windows updates and they still failed. Each time they fail at the configuration stage after the reboot. Please let me know what else I can do.

Edited by Gloman8, 27 January 2013 - 04:46 PM.


#12 boopme

Posted 28 January 2013 - 12:13 PM

OK, think we need a deeper look. Looks like a service has failed.

Please follow this Preparation Guide and post in a new topic.

Let me know if all went well.